UUPS _authorizeUpgrade correctly permissioned

StakeWise v3's assessment for RD-F-021 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

EthVault uses UUPS with `_disableInitializers()` in the constructor and `reinitializer(_version)` on initialize(). The `_authorizeUpgrade` function is gated by vault ownership. Consensys Diligence specifically reviewed vault upgrade mechanics. No improperly permissioned _authorizeUpgrade finding reported.

Sources #

Audit
Consensys Diligence StakeWise v3 Vaults Audit 2024-03Consensys Diligence 2024-03 reviewed vault upgrade mechanicsretrieved 2026-05-16
GitHub
EthVault.sol source — UUPS patternEthVault.sol constructor calls _disableInitializers(); initialize() uses reinitializer(_version=5) — UUPS pattern correctly implementedretrieved 2026-05-16

Methodology #

Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol stakewise factor RD-F-021 score green collected_at 2026-05-16 01:03:28