Timelock on sensitive actions

Liquid Collective (LsETH)'s assessment for RD-F-033 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No timelock on any sensitive action. River.1.sol: setAllowlist(), setKeeper(), setGlobalFee(), setCollector(), setELFeeRecipient(), setCoverageFund(), setMetadataURI() — all onlyAdmin with no delay. TUPProxy: pause()/unpause() admin-callable without delay. Oracle: addMember/removeMember/setQuorum — onlyAdmin with no delay. OperatorsRegistry: addOperator/setOperatorStatus/setOperatorLimits — onlyAdmin with no delay. All sensitive actions execute immediately through the Governor Safe (4-of-7, no TL) or Proxy Admin Safe (4-of-7, no TL).

Sources #

GitHub
River.1.sol — all admin functions without timelockliquid-collective/liquid-collective-protocol/blob/main/contracts/src/River.1.sol — onlyAdmin functionsretrieved 2026-05-17
GitHub
TUPProxy.sol — pause/unpause admin-callable without delayliquid-collective/liquid-collective-protocol/blob/main/contracts/src/TUPProxy.sol — pause/unpause onlyAdminretrieved 2026-05-17

Methodology #

For each sensitive action category (mint / pause / rescue / setOracle / upgrade), determine whether execution requires going through the declared timelock.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol liquid-collective factor RD-F-033 score red collected_at 2026-05-16 19:46:23