External keeper/relayer not redundant

Midas's assessment for RD-F-062 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Midas standard redemption process involves off-chain operational agents for T-bill sales and USDC return. The oracle NAV price update (setRoundData) relies on a single admin role (M_TBILL_CUSTOM_AGGREGATOR_FEED_ADMIN_ROLE) with no confirmed redundancy or fallback keeper. If the oracle admin fails to update prices, the CustomAggregatorFeed returns stale data indefinitely (no staleness reversion). Instant redemption vaults are on-chain but rely on oracle freshness.

Sources #

GitHub
Sherlock 2024-08 README — Admin Centralizationsherlock-audit/2024-08-midas-minter-redeemer README: admin centralization acknowledged as known risk; instant vs standard redemption flowsretrieved 2026-05-16

Methodology #

Determine whether the protocol depends on a single keeper or relayer (Gelato, Chainlink Automation, custom) with no redundancy or failover.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol midas factor RD-F-062 score yellow collected_at 2026-05-16 09:34:55