defirisk.co
rubric v1.7.0

Admin/upgrade transaction in mempool

Dolomite's assessment for RD-F-102 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 phase-2 signal tier. Admin map: GnosisSafe (0xa75c21, 2/3) executes via PartiallyDelayedMultiSig (0x52d7BC) for most changes, but 4 bypass functions execute directly without timelock. If the signal were live, bypass-function executions (ownerSetMarketIsClosing, ownerSetMarketMaxWei, ownerSetInterestSetter, setUserVaultImplementation) would satisfy the primary fire condition (no matching queued proposal preceding the Safe tx). No protocol-declared rotation schedule or suppression allowlist found publicly. No current anomalous admin tx observed. Yellow: bypass functions create a structural monitoring challenge requiring suppression allowlist configuration before the signal can operate with acceptable FP rates.

Sources #

  • Internal
    Dolomite data cache 00-data-cache.jsondata-cache safe_multisigs[0]: threshold=2, owners=[0x52256ef..., 0x42acD31..., 0xbDEf2b2...]retrieved 2026-05-16
  • Docs
    Admin Privileges — Dolomitedocs.dolomite.io/admin-privileges: 4 functions bypass timelock on PartiallyDelayedMultiSig (0x52d7BC); GnosisSafe (0xa75c21, 2/3) is sole callerretrieved 2026-05-16

Methodology #

Detect an admin-role or upgrade transaction appearing in the mempool before confirmation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dolomite factor RD-F-102 score yellow collected_at 2026-05-16 11:12:56