UUPS _authorizeUpgrade correctly permissioned

Centrifuge's assessment for RD-F-021 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

N/A — Centrifuge V3/V3.1 does not use UUPS or any proxy upgrade pattern. All contracts use constructor-based initialization. The protocol's immutable core design explicitly avoids proxy upgrades. No _authorizeUpgrade function needed or present. Contract changes are deployed as new instances.

Sources #

URL
https://x.com/offerijns/status/1976400242175267245retrieved 2026-04-27
GitHub
https://github.com/centrifuge/protocol/blob/main/src/admin/Root.solretrieved 2026-04-27

Methodology #

Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol centrifuge factor RD-F-021 score not_applicable collected_at 2026-04-30 21:19:10