UUPS _authorizeUpgrade correctly permissioned
stHYPE (Valantis Labs)'s assessment for RD-F-021 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
All three core contracts use EIP-1967 Transparent Upgradeable Proxy pattern, not UUPS. The _authorizeUpgrade function does not exist in a transparent proxy setup; the proxy admin controls upgrades directly. Factor is N/A for non-UUPS contracts.
Sources #
- URLstHYPE token proxy — EIP-1967 Transparent Upgradeable Proxyhyperevmscan.io/address/0xfFaa4a3D97fE9107Cef8a3F48c069F577Ff76cC1#code — EIP-1967 Transparent Proxy confirmedretrieved 2026-05-17
- wstHYPE proxy — EIP-1967 Transparent Upgradeable Proxyhyperevmscan.io/address/0x94e8396e0869c9F2200760aF0621aFd240E1CF38#code — EIP-1967 Transparent Proxy confirmedretrieved 2026-05-17
- OverseerV1 proxy — EIP-1967 Transparent Upgradeable Proxyhyperevmscan.io/address/0xB96f07367e69e86d6e9C3F29215885104813eeAE#code — EIP-1967 Transparent Proxy confirmedretrieved 2026-05-17
Methodology #
Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol staked-hype factor RD-F-021 score not_applicable collected_at 2026-05-17 13:02:38