defirisk.co
rubric v1.7.0

Upgrade multisig signer configuration (M/N)

Sanctum's assessment for RD-F-026 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary

CLOUD supply multisigs: 4-of-7 (Team Cold address DEnpgmzoAGKXjRCGoLTALm91XMAw88q6npDHPRAmMQj1; Community Cold address not enumerated). Program upgrade multisig: 5-of-8 Squads V3 per one source; 6-of-10 per another source (discrepancy noted). LST programs: 11-member ecosystem multisig (Jito, Jupiter, Laine, Mango, MRGN, Solblaze, SolanaFM, Sanctum + others). Exact upgrade-authority addresses for core programs not on-chain-confirmed from public evidence.

Sources

  • URL
    Is Sanctum Safe | Legacy docs
    Search result confirming 5-of-8 Squads V3 for Sanctum program upgrade authority; 11-member multisig for LST programs
    retrieved 2026-05-04
  • Docs
    $CLOUD Genesis Mint and Accountability
    CLOUD Genesis Mint blog confirming Team Cold Multisig DEnpgmzoAGKXjRCGoLTALm91XMAw88q6npDHPRAmMQj1 with 4-of-7 threshold
    retrieved 2026-05-04

Methodology

Read `threshold` and `getOwners()` on the multisig controlling upgrade / sensitive ops. Store as `required` (M) and `total` (N); render as "M/N". For EOA admins record `required=1, total=1` (display "1/1"). Null when admin is immutable or full DAO with no fixed signer set.
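A sketch of the normalization step described above, as an added example that is not defirisk.co's or Sanctum's code. It assumes the threshold and owner list have already been read from the multisig; the `kind` labels, the function names and the placeholder signer ids are hypothetical, and `reconcile` goes one step beyond the methodology to flag a case like the 5-of-8 versus 6-of-10 discrepancy in the evidence summary.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Sequence


@dataclass(frozen=True)
class SignerConfig:
    required: int  # M: signatures needed
    total: int     # N: size of the signer set

    def render(self) -> str:
        return f"{self.required}/{self.total}"


def normalize(kind: str, threshold: Optional[int] = None,
              owners: Sequence[str] = ()) -> Optional[SignerConfig]:
    """kind is a hypothetical label: multisig, eoa, immutable or dao."""
    if kind in ("immutable", "dao"):
        return None                  # no fixed signer set: store null
    if kind == "eoa":
        return SignerConfig(1, 1)    # single key, displayed "1/1"
    if kind != "multisig":
        raise ValueError(f"unknown admin kind: {kind!r}")
    unique = {o.strip() for o in owners if o.strip()}
    if len(unique) != len(owners):
        raise ValueError("owner list has duplicate or empty entries")
    if threshold is None or not 1 <= threshold <= len(unique):
        raise ValueError("threshold must satisfy 1 <= M <= N")
    return SignerConfig(threshold, len(unique))


def reconcile(claims: Dict[str, Optional[SignerConfig]]) -> dict:
    """Compare per-source readings; never pick a winner on disagreement."""
    by_source = {s: (c.render() if c else None) for s, c in claims.items()}
    distinct = set(by_source.values())
    agreed = len(distinct) == 1
    return {"value": next(iter(distinct)) if agreed else None,
            "discrepancy": len(distinct) > 1,
            "by_source": by_source}


# Constructed placeholder signer ids; the page enumerates no upgrade signers.
def placeholder_owners(n: int) -> list:
    return [f"signer-{i}" for i in range(1, n + 1)]


if __name__ == "__main__":
    claims = {"source_a": normalize("multisig", 5, placeholder_owners(8)),
              "source_b": normalize("multisig", 6, placeholder_owners(10))}
    print(reconcile(claims))
```
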


rubric_version: v1.7.0
protocol: sanctum
factor: RD-F-026
score: yellow
collected_at: 2026-05-04 18:49:23