★ Single admin EOA
Midas's assessment for RD-F-027 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
ProxyAdmin 0xbf25b58c is owned by EOA 0x875c06A295C41c27840b9C9dfDA7f3d819d8bC6A (confirmed: no bytecode, compiler=0). This EOA directly executed the Sep-4-2024 mTBILL upgrade (tx 0xf04945...) and Apr-23-2025 unknown proxy upgrade (tx 0x36f1cca4...) without passing through the Safe or Timelock. Operational role-grant admin 0xd4195CF4 is also an EOA (funded by Old Deployer, active grant/revoke calls within 9 hours of assessment). Single EOA effectively holds upgrade authority on the core mTBILL/vault contract set. [★ CRITICAL]
Sources
- [Tx] mTBILL direct-EOA upgrade Sep-2024 — Etherscan: Sep-2024 mTBILL upgrade tx, from=0x875c06A2, no Safe/Timelock events in log. Retrieved 2026-05-16.
- ProxyAdmin owner EOA — Etherscan: EOA confirmed, no bytecode at 0x875c06A295c41c27840b9c9dfda7f3d819d8bc6a; 74 txs including Grant Role and Upgrade calls. Retrieved 2026-05-16.
- Operational admin EOA — Etherscan: operational admin EOA 0xd4195CF4, funded by Old Deployer, 126 txs, active grant/revoke role calls to MidasAccessControl 0x0312A9D1. Retrieved 2026-05-16.
Methodology
Determine whether the effective upgrade/owner/rescue role is held by a single EOA (not a multisig) with no timelock on sensitive operations.
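The first step of this check (resolve the ProxyAdmin's owner, then see whether that owner has bytecode) is mechanical enough to script. The following is an added example written for this page; it is not the assessment tool's own code nor anything from the Midas repositories. It assumes a node exposing eth_call and eth_getCode, replaced here by a constructed in-memory stub, and uses the known owner() selector 0x8da5cb5b. The ProxyAdmin address on the page is truncated (0xbf25b58c...), so a clearly fake placeholder stands in for it; the owner EOA address is the one quoted in the evidence. A contract owner is not cleared by this step alone (Safe threshold and timelock delay still need review), but a bare EOA can be neither a multisig nor a timelock, so it scores red outright.

```python
"""Check whether a proxy's upgrade authority rests with a single EOA.

Added example, not part of the assessment page or the Midas codebase.
Assumes a JSON-RPC-style interface with two methods, eth_getCode and
eth_call; a constructed in-memory stub stands in for a real node.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

# Function selector of owner() (Ownable / OpenZeppelin ProxyAdmin). Known value.
OWNER_SELECTOR = "0x8da5cb5b"

# ProxyAdmin owner EOA as quoted in the page's evidence.
PROXY_ADMIN_OWNER = "0x875c06A295C41c27840b9C9dfDA7f3d819d8bC6A"
# The page gives only a truncated ProxyAdmin address (0xbf25b58c...), so an
# obviously fake placeholder is used here instead of guessing the rest.
PROXY_ADMIN_PLACEHOLDER = "0x" + "ab" * 20


@dataclass(frozen=True)
class AdminFinding:
    proxy_admin: str
    owner: str
    owner_is_contract: bool
    verdict: str  # "red" when a bare EOA holds the role, else "review"


def _word_to_address(word_hex: str) -> str:
    """ABI-decode a single 32-byte return word into a 20-byte address (lowercase)."""
    raw = word_hex[2:] if word_hex.startswith("0x") else word_hex
    if len(raw) != 64:
        raise ValueError(f"expected one 32-byte word, got {len(raw) // 2} bytes")
    return "0x" + raw[-40:]


def resolve_owner(eth_call: Callable[[str, str], str], proxy_admin: str) -> str:
    """Call owner() on the ProxyAdmin and decode the returned address."""
    return _word_to_address(eth_call(proxy_admin, OWNER_SELECTOR))


def is_contract(eth_get_code: Callable[[str], str], address: str) -> bool:
    """An account with empty bytecode is an EOA (or a not-yet-deployed address)."""
    code = eth_get_code(address)
    return code not in ("", "0x")


def assess_single_admin(eth_call, eth_get_code, proxy_admin: str) -> AdminFinding:
    owner = resolve_owner(eth_call, proxy_admin)
    contract = is_contract(eth_get_code, owner)
    # A contract owner still needs review (Safe threshold, timelock delay); a bare
    # EOA cannot be a multisig or a timelock, so it fails the factor immediately.
    verdict = "review" if contract else "red"
    return AdminFinding(proxy_admin, owner, contract, verdict)


# --- constructed stub standing in for a node (not real chain data) -----------
def make_stub_rpc(owner_of: Dict[str, str], code_of: Dict[str, str]) -> Tuple[Callable, Callable]:
    def eth_call(to: str, data: str) -> str:
        if data != OWNER_SELECTOR:
            raise ValueError("stub only answers owner()")
        owner = owner_of[to.lower()]
        # ABI-encode the address as one left-padded 32-byte word.
        return "0x" + owner[2:].lower().rjust(64, "0")

    def eth_get_code(address: str) -> str:
        return code_of.get(address.lower(), "0x")

    return eth_call, eth_get_code


def demo() -> AdminFinding:
    """Reproduce the page's scenario: ProxyAdmin owned by an EOA with no bytecode."""
    eth_call, eth_get_code = make_stub_rpc(
        owner_of={PROXY_ADMIN_PLACEHOLDER.lower(): PROXY_ADMIN_OWNER},
        code_of={},  # no bytecode anywhere: the owner is an EOA
    )
    return assess_single_admin(eth_call, eth_get_code, PROXY_ADMIN_PLACEHOLDER)


if __name__ == "__main__":
    f = demo()
    kind = "contract" if f.owner_is_contract else "EOA"
    print(f"{f.proxy_admin} -> owner {f.owner} ({kind}) => {f.verdict}")
```

Pointing the two callables at a real node (for example, via a JSON-RPC client's eth_call and eth_getCode) is the only change needed to run it against mainnet; the stub is there so the logic can be exercised offline.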