Guardian/pause-keeper distinct from upgrader
Multipli's assessment for RD-F-034 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
MultipliVault pause() and _authorizeUpgrade() both use requiresAuth — same auth system, meaning the same key (owner EOA) can both pause and upgrade. Docs describe a conceptual Guardian role but no distinct on-chain guardian address is confirmed. Yellow: architectural pattern exists (separate roles defined) but effective key separation unconfirmed.
Sources #
- DocsMultipli governance docs — Guardian role architectural onlydocs.multipli.fi governance: Guardian can pause risk-increasing actions — conceptual only, no on-chain addressretrieved 2026-05-17
- MultipliVault.sol — pause and upgrade share requiresAuth modifierMultipliVault.sol: function pause() public requiresAuth; function _authorizeUpgrade() internal requiresAuth — same modifierretrieved 2026-05-17
Methodology #
Determine whether a pauser/guardian role exists and is held by an address distinct from the upgrader address.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol multipli factor RD-F-034 score yellow collected_at 2026-05-17 11:48:35