Role separation: upgrade ≠ fee ≠ oracle
Beefy Finance's assessment for RD-F-035 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Dev multisig (owner) can set fee config, unirouter, fee recipient, and also upgrade strategies — conflating upgrade and fee configuration authority. The strategist role is distinct (can update own address, receives fees) but the owner controls the rest. Some separation exists between strategist fee collection and upgrade authority, but upgrade and fee-config are held by the same owner.
Sources
- Docs: Beefy StratFeeManager Contract Documentation. setBeefyFeeRecipient() onlyOwner; setBeefyFeeConfig() onlyOwner; setUnirouter() onlyOwner — all under dev multisig control. Retrieved 2026-05-16.
Methodology
Determine whether the upgrade role, fee-collection role, and oracle-config role are assigned to distinct addresses.
- rubric_version: v1.7.0
- protocol: beefy
- factor: RD-F-035
- score: yellow
- collected_at: 2026-05-16 13:10:30