★ Sudden admin-rescue/ACL change without discussion

Midas's assessment for RD-F-123 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Two post-audit implementation upgrades confirmed on-chain: (1) mTBILL impl 0xD4998Cc1ba435298c521f250b81856b1f25c8455 deployed by 'Midas RWA: Old Deployer' approximately September 2024; (2) Issuance Vault impl updated at block 23990751 approximately December 2025 (155 days before assessment date). No public governance discussion, engineering changelog, or blog post identified for either upgrade. Midas operates as a corporate issuer with no DAO forum. However: corporate RWA issuers (circle-usyc / spiko / superstate precedent per PD-042) routinely upgrade without DAO discussion; no emergency/rescue nature or concealment signal observed. Yellow per corporate RWA norm — not red absent a concealment signal.

Sources #

Etherscan
Midas Issuance Vault (DepositVault) TransparentUpgradeableProxy — EtherscanIssuance Vault proxy — shows block 23990751 implementation upgrade (~155 days ago, approximately December 2025)retrieved 2026-05-16
Etherscan
mTBILL Implementation Contract — EtherscanmTBILL implementation contract — deployed by Midas RWA Old Deployer, approximately September 2024retrieved 2026-05-16

Methodology #

Determine whether any admin-rescue function or ACL change was committed to the repo or executed on-chain without corresponding public discussion in issues, PRs, or governance forum.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol midas factor RD-F-123 score yellow collected_at 2026-05-16 09:34:55