defirisk.co
rubric v1.7.0

Admin EOA signing from new geography/device

Chainlink CCIP's assessment for RD-F-107 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

P2 signal; not assessable without team opt-in to signing telemetry. CCIP admin operations flow through MCMS (a smart contract), not individual EOA signing. Geographic signing telemetry would apply to MCMS signers but their identities are not publicly disclosed by Chainlink Labs. Structurally gray for all CCIP governance operations — not negligence, just the opacity of the MCMS model.

Sources #

  • Docs
    CCIP Onchain Architecture - UpgradabilityCCIP upgradability docs — signers include Chainlink node operators plus Chainlink Labs representatives in multiple geographic regions; exact identities not disclosedretrieved 2026-05-16

Methodology #

Detect whether an admin/upgrader EOA signs from a geography or device fingerprint inconsistent with prior signing history.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-107 score gray collected_at 2026-05-16 01:55:09