★ Sudden admin-rescue/ACL change without discussion

QuickSwap's assessment for RD-F-123 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

DEX core contracts are immutable - no admin-rescue function exists. Treasury multisig (0xdB74C5D4F154BBD0B8e0a28195C68ab2721327e5) controls QUICK holdings and fee-setter. Multisig owner set stable across visible Polygonscan transaction history (no owner change transactions detected). June 2025 Sameep Singhania transition to advisory and Protofire taking development lead was announced via public governance blog post and Snapshot vote - not a silent change. However: (a) NO on-chain timelock means any multisig action executes with zero delay; (b) Solidity 0.4.19 legacy contract has no structured event log for governance tracking; (c) whether operational signer wallets were updated for the Protofire transition is not publicly confirmed. Yellow: public announcement mitigates insider-implant concern but no-timelock and unclear signer-identity continuity reduce confidence.

Sources #

Governance
QUICK Tokenomics Update - Governance BlogQuickSwap governance blog post June 2025: Sameep stepping into advisory role, Protofire leading developmentretrieved 2026-05-16
Etherscan
QuickSwap Admin MultiSigWalletWithDailyLimit - PolygonscanPolygonscan multisig 0xdB74C5D4F154BBD0B8e0a28195C68ab2721327e5 - transaction history shows stable owner set, no changeOwner events in visible historyretrieved 2026-05-16

Methodology #

Determine whether any admin-rescue function or ACL change was committed to the repo or executed on-chain without corresponding public discussion in issues, PRs, or governance forum.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol quickswap factor RD-F-123 score yellow collected_at 2026-05-16 08:48:31