Security-Council threshold reduction (RT)
Lombard Finance's assessment for RD-F-182 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Security-Council threshold reduction (RT signal, batch-24) | Applicable: Yes (HIGHLY RELEVANT) | Lombard Security Consortium (10-of-15 threshold via 0xed6D647E2F81E5262101aFf72c4A7bcDcfd780e0) IS the effective Security Council. 3-of-5 GnosisSafe (0x251a604E8E8f6906d60f8dedC5aAeb8CD38F4892) is Timelock proposer/executor. Context: KelpDAO April 2026 exploit (attributed to Lazarus) used DVN threshold reduction before $292M drain -- exact pattern this signal monitors. Current posture: Consortium threshold unchanged at 10-of-15 per March 2026 docs; GnosisSafe most recent tx 2026-04-27 was routine Exec Transaction with no threshold change. No threshold reduction event detected. Signal not firing. v1.1 candidate (not yet production-live). Priority monitoring target given Drift/KelpDAO precedents.
Sources #
- URLhttps://www.coindesk.com/tech/2026/04/20/layerzero-blames-kelp-s-setup-for-usd290-million-exploit-attributes-it-to-north-korea-s-lazarusretrieved 2026-05-05
- https://docs.lombard.finance/learn/security/consortium-membersretrieved 2026-05-05
- https://etherscan.io/address/0x251a604E8E8f6906d60f8dedC5aAeb8CD38F4892retrieved 2026-05-05
Methodology #
Detect in real-time whether the bridge/protocol Security Council multisig executes a threshold reduction (e.g. 3/5 → 2/5), timelock removal, or new-signer addition within ≤14 days of either of those events.
See the full factor methodology and distribution across all protocols →