UUPS _authorizeUpgrade correctly permissioned

Save (formerly Solend)'s assessment for RD-F-021 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

UUPS is an EVM proxy pattern. Solana uses BPFLoaderUpgradeable with upgrade_authority access control. The upgrade authority is RY93CZYe5g6drtG7W9PmHRPzaBLZ1uwihTzayQTmJfh (single-key EOA). Structurally inapplicable as an EVM-proxy factor.

Sources #

URL
Solend Program — Solana ExplorerSolend program on Solana Explorer — BPFLoaderUpgradeableretrieved 2026-05-17

Methodology #

Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-021 score not_applicable collected_at 2026-05-17 15:20:15