defirisk.co
rubric v1.7.0

Unusual pending/executed proposal ratio

A real-time signals factor in the v1.7.0 rubric. Measured per protocol on a rt cadence.

Methodology how we score #

**What this measures** This real-time signal fires when the ratio of pending governance proposals to executed proposals deviates significantly from the protocol's trailing 30-day baseline — specifically when an unusual number of proposals are queued for execution in a short window, or when proposals are moving from Queued to Executed at an abnormal pace. The signal is generated by monitoring governance contract state transitions and comparing the pending/executed ratio against the established baseline. Category 6 context: unusual proposal velocity is a governance-attack precursor signal, as flash-loan governance exploits require rapid proposal creation and execution within a single transaction or block.

**Why it matters** Beanstalk ($181M, 2022) is the clearest example: multiple malicious proposals were submitted and executed within a single emergency governance session enabled by flash-loaned voting weight — the proposal-execution velocity was far outside any historical baseline for the protocol. Compound Finance ($147M) shows a different variant: governance activity around Proposal 62 and 64 represented an unusual cluster of high-impact proposals in a short window. Monitoring the pending-to-executed ratio provides an early-warning signal for governance manipulation, particularly when combined with flash-loan signals and unusually large voting positions appearing within a proposal window.

**Green / Yellow / Red** Green is the baseline when proposal creation and execution rates are within the expected range of the trailing 30-day governance activity pattern. Yellow fires when an above-average number of proposals enter the queue within a 24-hour window — potentially legitimate governance activity. Red fires when the pending-to-executed ratio shows an anomalous spike — particularly when multiple proposals move to Executed within a single block or governance session — or when a proposal with an unusually large impact payload (contract upgrade, collateral change) executes faster than the declared timelock minimum.

**Common gray cases** Gray applies when the protocol uses off-chain governance (Snapshot) where the on-chain execution step provides insufficient context to assess the full proposal pipeline, or when the protocol has very low historical governance activity making baseline-setting unreliable.

**Notable historical examples** No cross-hacked incidents currently linked in database for this factor.

Measurement what to look for #

Detect an unusual ratio of pending-to-executed governance proposals versus the trailing-30-day baseline.

Data & output #

Data source
Governance contract proposal state enumeration via subgraph + 30-day baseline model
Output format
Green / Yellow / Red
Evidence artifact
Pending count + executed count + ratio vs baseline + timestamp
Confidence signal
green = signal not firing; red = ratio anomaly exceeds baseline by >3σ; gray = no on-chain governance

Scored protocols 80 carry this factor #

Protocol RD-F-110
Aave v3 ethereum not_assessed Across Protocol ethereum gray Aerodrome Finance base gray Axelar Network ethereum green Babylon Protocol bitcoin green Balancer (v2 + v3) ethereum gray Beefy Finance ethereum not_applicable BENQI avalanche not_applicable BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum not_applicable Cap (cUSD / stcUSD) ethereum not_applicable Centrifuge ethereum gray Chainlink CCIP ethereum gray Circle USYC binance not_applicable Compound V3 (Comet) ethereum green Concrete ethereum not_applicable Convex Finance ethereum green crvUSD (Curve Stablecoin) ethereum green Curve Finance ethereum not_assessed deBridge ethereum gray Dolomite ethereum gray dYdX v4 (dYdX Chain) dydx green EigenLayer ethereum gray Ethena ethereum gray ether.fi ethereum green Euler V2 ethereum not_assessed Falcon Finance ethereum not_applicable Fluid ethereum green Frax Finance ethereum gray GMX v2 (GMX Synthetics) arbitrum green Hyperlane ethereum not_applicable Hyperliquid arbitrum gray Jito solana not_assessed Jupiter solana not_assessed Jupiter Perpetual Exchange solana gray JustLend DAO tron gray Kamino Lend solana gray Kinetiq hyperliquid not_applicable Lido ethereum green Liquid Collective (LsETH) ethereum not_applicable Liquity V1 + V2 (LUSD / BOLD) ethereum green Lista DAO bsc gray Lombard Finance ethereum gray M^0 ethereum green Maple Finance ethereum green Marinade Finance solana gray Meteora solana gray mETH Protocol ethereum not_applicable Midas ethereum not_applicable Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum not_applicable Ondo Finance ethereum gray OpenEden ethereum not_applicable Orca solana green PancakeSwap bsc not_assessed Pendle Finance ethereum not_assessed Polymarket polygon not_applicable QuickSwap polygon green Raydium solana not_assessed Rocket Pool ethereum green Sanctum solana gray Save (formerly Solend) solana gray Sky Lending (formerly MakerDAO) ethereum gray Spark Protocol ethereum green Spiko stellar not_assessed Stake DAO ethereum gray StakeWise v3 ethereum gray Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid not_applicable SUNSwap (sun.io) tron gray Superstate ethereum not_applicable Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum green Symbiotic ethereum not_applicable Synapse Protocol ethereum not_assessed Uniswap (v2 + v3) ethereum gray USDD (Decentralized USD) tron not_applicable Usual (USD0 / bUSD0 / USUAL) ethereum not_applicable Veda (BoringVault) ethereum not_applicable Venus Protocol bsc not_assessed Wormhole ethereum green Yearn Finance ethereum gray
0 red · 0 yellow · 20 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-110 category 6 carried 80 critical no