★ Low-threshold multisig vs TVL

Hyperlane's assessment for RD-F-028 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

ProxyAdmin v1 owner Safe is 3-of-6 (U18 resolved). Operations Safe is 4-of-9. Core Governance Safe is 6-of-10. Peer norm for bridge protocols with $100M+ TVL is 5-of-8 or higher. The controlling Safe for the live Mailbox upgrade path (3-of-6) is below peer norm. 4-of-9 ops Safe is also below norm. Only the 6-of-10 governance Safe meets peer norm but it is the Timelock proposer, not the direct ProxyAdmin controller.

Sources #

URL
Safe API ProxyAdmin v1 owner Safe — U18Safe API: ProxyAdmin v1 owner Safe 0x12C5AB61 threshold=3, owners=6retrieved 2026-05-17
URL
Safe API Operations SafeSafe API: Operations Safe 0x3965AC3D threshold=4, owners=9retrieved 2026-05-17
URL
DefiLlama Hyperlane TVLTVL $132M from DefiLlama; peer norm for bridge $100M+ is 5-of-8 or higherretrieved 2026-05-17

Methodology #

Determine whether the multisig threshold is abnormally low relative to TVL peer cohort (e.g., 2-of-3 for a protocol with >$100M TVL where peer norm is 5-of-8).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperlane factor RD-F-028 score yellow collected_at 2026-05-16 23:03:56