defirisk.co
rubric v1.7.0

Admin/upgrade transaction in mempool

Liquid Collective (LsETH)'s assessment for RD-F-102 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 phase-2 signal; tier-B. The Proxy Admin Safe (0x8EE3fC0Bcd7B57429203751C5bE5fdf1AB8409f3, 4-of-7) holds upgrade authority over all River proxies. Any upgradeTo/upgradeToAndCall Safe confirmation tx is detectable in the mempool. Critically: no Timelock exists between the Safes and proxy contracts -- all upgrade transactions are executable without a queued governance proposal pre-announcement, making every upgrade tx appear unannounced. This increases signal sensitivity (no suppression possible via RD-F-101 co-signal). No upgrade transactions in mempool at assessment date. GitHub last commit 2026-05-15 indicates active development. v1.3.0 was last tagged release (2025-04-10). Requires mempool listener infrastructure not yet in production.

Sources #

  • Internal
    Liquid Collective data cache - safe_multisigs and governance fields00-data-cache.json safe_multisigs[0] address = 0x8EE3fC0Bcd7B57429203751C5bE5fdf1AB8409f3 role=proxy_admin threshold=4 owner_count=7; governance.timelock_address = nullretrieved 2026-05-17
  • GitHub
    Releases - liquid-collective-protocolliquid-collective-protocol GitHub last commit 2026-05-15; v1.3.0 released 2025-04-10; active development ongoingretrieved 2026-05-17

Methodology #

Detect an admin-role or upgrade transaction appearing in the mempool before confirmation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol liquid-collective factor RD-F-102 score gray collected_at 2026-05-16 19:46:23