Admin EOA signing from new geography/device

Morpho V1 (Morpho Blue + MetaMorpho)'s assessment for RD-F-107 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

May 2025 forum post proposed hardware wallet requirements for multisig signers (no code change). Off-chain signing telemetry not accessible from public sources. Cannot assess geography/device anomalies.

Detail #

Requires MPC/session-key provider data or signing IP telemetry. Not available in public sources. The May 2025 improved-multisig-security proposal suggests prior gaps in hardware wallet usage — no current enforcement confirmed.

Sources #

Governance
https://forum.morpho.org/t/improved-multisig-security-and-transparency/1749retrieved 2026-04-27

Methodology #

Detect whether an admin/upgrader EOA signs from a geography or device fingerprint inconsistent with prior signing history.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol morpho-v1 factor RD-F-107 score gray collected_at 2026-04-30 21:19:13