defirisk.co
rubric v1.7.0

Emergency-veto multisig present

Save (formerly Solend)'s assessment for RD-F-040 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No emergency veto multisig exists. The Squads treasury multisig (4-of-6) controls only treasury funds. Recovery Mode (docs.save.finance/protocol/parameters) allows a 'council of contributors' to make parameter changes but this is not a veto structure that can block a malicious proposal or upgrade. No on-chain mechanism can stop the single-EOA upgrade authority from pushing malicious bytecode.

Sources #

  • URL
    Save Protocol Parametersdocs.save.finance/protocol/parameters — Recovery Mode description; no veto multisig mentionedretrieved 2026-05-17

Methodology #

Determine whether an emergency-veto or guardian multisig exists with power to cancel malicious proposals before execution.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-040 score red collected_at 2026-05-17 15:20:15