Timelock on sensitive actions

dYdX v4 (dYdX Chain)'s assessment for RD-F-033 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cosmos reframe: all on-chain parameter changes and software upgrades require x/gov proposals (4-day voting). However, the October 2025 chain-halt patch demonstrated validators can coordinate an emergency binary upgrade outside the 4-day period (67%+ consensus required). This is a legitimate but timelock-bypassing emergency path. Yellow: most sensitive actions are governance-gated; the emergency validator patch path is a known-approved bypass.

Sources #

URL
October 2025 dYdX Chain Incident ReviewOctober 2025 incident review — emergency patch without full governance voting periodretrieved 2026-05-17
Docs
Governance Functionalities - dYdX v4Governance functionalities listing all proposal typesretrieved 2026-05-17

Methodology #

For each sensitive action category (mint / pause / rescue / setOracle / upgrade), determine whether execution requires going through the declared timelock.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dydx-v4 factor RD-F-033 score yellow collected_at 2026-05-17 09:58:47