delegatecall with user-controlled target

EigenLayer's assessment for RD-F-012 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

EigenLayer uses OZ TransparentUpgradeableProxy delegatecall to implementation address stored in EIP-1967 slot, set only by Proxy Admin (not user-controlled). No published audit finding identifies delegatecall-to-user-supplied-target. Certora and Sigma Prime broad-scope engagements would have surfaced this pattern.

Sources #

Etherscan
DelegationManager Transparent Upgradeable ProxyDelegationManager proxy 0x39053D51B77DC0d36036Fc1fCc8Cb819df8Ef37A — verified TUP sourceretrieved 2026-04-28

Methodology #

Determine whether any contract uses `delegatecall` where the target address is or can be user-supplied without an on-chain allowlist.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol eigenlayer factor RD-F-012 score green collected_at 2026-04-28 13:58:44