defirisk.co
rubric v1.7.0

Admin/upgrade transaction in mempool

Meteora's assessment for RD-F-102 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 6B exploit-in-progress signal (T-09 v1 phase-2 signal). Solana/Squads v3 equivalent: monitoring Squads v3 transaction queue for pending upgrade proposals on program upgrade multisig CoEsykatDegLB7pcMJia79JSriDdi71nPnjgeSfw623k. Squads v3 has NO on-chain time_lock; an approved upgrade transaction executes immediately when threshold signers have approved. No publicly observable pending upgrade transactions in Squads queue as of 2026-05-16 (based on Solscan DLMM program history and GitHub commit logs; last authorized commit 2026-05-14). Signal requires Solana/Squads account-state polling pipeline not yet implemented in T-09 v1 spec.

Sources #

  • URL
    Meteora DLMM Program — SolscanSolscan: DLMM program LBUZKhRxPF3XUpBCjp4YzTKgLccjZhTSDM9YuVaPwxo — upgrade authority JADaUV8kvDpDbJr55wxXJHVaBS3VCj8thZZHjfeuCVLd (off-curve PDA); no pending anomalous upgrade transactions observedretrieved 2026-05-16

Methodology #

Detect an admin-role or upgrade transaction appearing in the mempool before confirmation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol meteora factor RD-F-102 score gray collected_at 2026-05-16 10:03:05