Timelock on sensitive actions

OpenEden's assessment for RD-F-033 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No timelock on any of the five sensitive action categories: (1) mint — USDO MINTER_ROLE callable directly, no timelock; (2) pause — controller role, no timelock; (3) rescue/offRamp — onlyOperator, no timelock; (4) setOracle — onlyOwner (Safe), no timelock; (5) upgrade — Safe execTransaction, no timelock. All five = un-timelocked.

Sources #

Etherscan
USDO implementation — mint function without timelockUSDO impl 0x87e3Ba92: mint() requires MINTER_ROLE, no TimelockController referencedretrieved 2026-05-16
GitHub
Vault V4Impl source — no timelock on admin functionsOpenEdenVaultV4Impl.sol: offRamp onlyOperator, _authorizeUpgrade onlyOwner — no timelock modifier on eitherretrieved 2026-05-16

Methodology #

For each sensitive action category (mint / pause / rescue / setOracle / upgrade), determine whether execution requires going through the declared timelock.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol openeden factor RD-F-033 score red collected_at 2026-05-16 10:11:45