Security-Council threshold reduction (RT)

Convex Finance's assessment for RD-F-182 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Batch-24 factor (Cat 6B). T-09 v1.1 candidate signal. Applicable: Yes — Convex's 3-of-5 multisig functions as its de facto Security Council. Signal: threshold reduction, timelock removal, or new-signer addition within 14 days. Current posture: Safe API confirms threshold=3, owner_count=5 for Ethereum multisig (0xa3C5A1e09150B75ff251c1a7815A07182c3de2FB) and Arbitrum multisig (0x6111ABF720051309012FcdBc2910054E41dcFF8c) — both stable at 3-of-5. No threshold reduction detected. BoosterOwner delay (forceShutdown ~30-day) is narrow but has not been modified or removed. No signer addition/removal detected in recent transaction history. Reference pattern (Drift Protocol: 3/5 to 2/5 + timelock removal 6 days before $285M DPRK exploit) has no analog here. Green — signal would not fire today.

Sources #

Internal
Convex Finance data cache — Safe multisig configuration.research/protocols/convex-finance/00-data-cache.json — safe_multisigs[0]: threshold=3, owner_count=5 (Ethereum); safe_multisigs[1]: threshold=3, owner_count=5 (Arbitrum)retrieved 2026-05-16
Etherscan
Convex Finance: Multisig — EtherscanEtherscan multisig 0xa3C5A1e09150B75ff251c1a7815A07182c3de2FB — Safe Mastercopy 1.1.1, no threshold change events detected in recent historyretrieved 2026-05-16

Methodology #

Detect in real-time whether the bridge/protocol Security Council multisig executes a threshold reduction (e.g. 3/5 → 2/5), timelock removal, or new-signer addition within ≤14 days of either of those events.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol convex-finance factor RD-F-182 score green collected_at 2026-05-16 02:41:28