defirisk.co
rubric v1.7.0

Admin/upgrade transaction in mempool

Save (formerly Solend)'s assessment for RD-F-102 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

EVM-mempool-specific: admin/upgrade transaction appearing in mempool. Solana has no EVM-style public mempool. BPFLoaderUpgradeable program upgrade transactions are broadcast directly to validators. There is no observable 'pending upgrade tx in mempool' state on Solana equivalent to EVM. Per U10, this signal does not apply. Note: the underlying risk (single-EOA `RY93CZYe` can silently upgrade the program without governance) is real but is captured under F182 (Squads threshold change) and Cat 2 (governance-admin-analyst's F027 red).

Sources #

  • Internal
    Save protocol profile — BPFLoaderUpgradeable single-EOA upgrade path.research/protocols/save/00-profile.md §3 — BPFLoaderUpgradeable upgrade_authority RY93CZYe single-key EOA; no EVM proxy/mempool architectureretrieved 2026-05-17

Methodology #

Detect an admin-role or upgrade transaction appearing in the mempool before confirmation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-102 score not_applicable collected_at 2026-05-17 15:20:15