Large governance proposal queued
Raydium's assessment for RD-F-101 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Cat 6B exploit-in-progress signal [T-09 v1 launch]. Raydium has no on-chain Governor contract (no OpenZeppelin Governor, no Compound Governor, no Realms-based on-chain governance). Governance forum (raydium.discourse.group) is advisory only. Program upgrades use Squads V4 multisig (3/4 threshold, 24-hr timelock at FytDrVzDybM1TwFQPGb8qaxZR7dBCzNeqT3vtQsceZQK) — not a Governor with ProposalCreated events. Signal requires EVM Governor contract event monitoring which is structurally absent. Solana-adapted variant (monitoring Squads V4 transaction queue for malicious-pattern upgrade proposals) is technically feasible but not specified in T-09 v1. Signal would need Solana/Squads adaptation. Data cache governance.type: unknown; governor_address: null.
Sources #
- DocsRaydium Protocol Security DocumentationRaydium security docs: Program Upgrade Multi-Sig (3/4) controls program upgrades; no on-chain Governor contractretrieved 2026-04-29
- raydium.discourse.group is fully decommissioned (DNS no longer resolves; ECONNREFUSED). Raydium retired its Discourse forum at some point post-2023; no canonical replacement community forum exists - governance now happens via Twitter/X and Discord. archive.org is blocked from this environment. Grader to drop forum-existence claim or cite Discord/X as the live community surface. [dead-link, original: https://raydium.discourse.group]retrieved 2026-05-06
Methodology #
Detect whether a governance proposal with potentially protocol-impactful payload has been queued for execution (including Security-Council threshold-reduction variant).
See the full factor methodology and distribution across all protocols →