UUPS _authorizeUpgrade correctly permissioned
Hyperlane's assessment for RD-F-021 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Hyperlane uses TransparentUpgradeableProxy pattern (ProxyAdmin-based), not UUPS. The UUPS _authorizeUpgrade() pattern is not present in the Mailbox or core contracts. Factor does not apply.
Sources #
- EtherscanEthereum Mailbox v3 Proxy — TransparentUpgradeableProxyMailbox v3 proxy 0xc005dc82818d67AF737725bD4bf75435d065D239 — type: TransparentUpgradeableProxy per profileretrieved 2026-05-17
Methodology #
Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol hyperlane factor RD-F-021 score not_applicable collected_at 2026-05-16 23:03:56