Admin key custody type

Hyperlane's assessment for RD-F-025 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Multisig-only governance (no full DAO+timelock). Core Governance Safe is 6-of-10; Operations Safe is 4-of-9. An Upgrade Timelock (0xBE8B8dc0510F80f0Dfb805302c1A60DaEE8f3434) was deployed 2025-07-18 with confirmed getMinDelay()=86400s (24h) via MinDelayChange event in creation tx. Proposer is Core Governance Safe (6-of-10); executor is open (zero address). Categorical result: multisig with an operative 24h timelock, below the 48h+ peer norm for $132M bridge protocols.

Sources #

Etherscan
Upgrade Timelock creation tx — minDelay=86400s confirmedTimelock creation tx 0xd11c92e4...: MinDelayChange event oldDuration=0 newDuration=86400; proposer=0x562Dfaac (Core Governance Safe); executor=0x0000...0000retrieved 2026-05-17
Etherscan
Hyperlane Core Governance SafeCore Governance Safe — threshold 6, owners 10retrieved 2026-05-17
Etherscan
Hyperlane Operations SafeOperations Safe — threshold 4, owners 9retrieved 2026-05-17

Methodology #

Read the effective admin/owner/upgrader role on deployed contracts and classify as: EOA / multisig / multisig+timelock / full DAO+timelock / immutable.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperlane factor RD-F-025 score yellow collected_at 2026-05-16 23:03:56