★ Low-threshold multisig vs TVL

Falcon Finance's assessment for RD-F-028 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CRITICAL] 4-of-6 Safe at $1.618B TVL with ZERO timelock. Peer norm at $1B+ TVL is 5/8+ with 24-72h timelock. All 5 non-deployer signer identities are opaque — effective trust relies on 4 anonymous parties. Single coordinated compromise enables immediate drain with no user exit window.

Detail #

Safe API: threshold=4, owners=6. TVL per DefiLlama: $1,618,100,259 as of 2026-05-12. No timelock contract identified anywhere in the protocol. Signer identities: only 0x804016... is labeled (deployer). 0xF4161e..., 0xE313db..., 0xA91472..., 0x276c58..., 0xa76095... have no Etherscan labels, no ENS, no public attestation. Effective threshold confidence is reduced by opacity. Lombard Finance (comparable TVL $1.07B) uses 3-of-5 with 1-hour timelock and was rated yellow/red for the timelock. Falcon has 0-second delay — structurally worse.

Sources #

Docs
Falcon Finance governance docs — no timelock mentionedhttps://docs.falcon.finance/sff-token/governanceretrieved 2026-05-12
URL
Safe Transaction Service — Falcon Finance Admin Safehttps://api.safe.global/tx-service/eth/api/v1/safes/0x1E482B60bf19Cb1cc859389e0eA3DED153f16Bd7/retrieved 2026-05-12
URL
DefiLlama — TVL $1.618B as of 2026-05-12https://defillama.com/protocol/falcon-financeretrieved 2026-05-12

Methodology #

Determine whether the multisig threshold is abnormally low relative to TVL peer cohort (e.g., 2-of-3 for a protocol with >$100M TVL where peer norm is 5-of-8).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol falcon-finance factor RD-F-028 score red collected_at 2026-05-12 04:06:37