UUPS _authorizeUpgrade correctly permissioned
Polymarket's assessment for RD-F-021 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Only pUSD CollateralToken proxy uses UUPS pattern. Implementation _authorizeUpgrade() is gated to onlyOwner (OwnableRoles). CTFExchange V1/V2 are non-upgradeable. No open or missing _authorizeUpgrade found.
Sources #
- EtherscanpUSD CollateralToken implementation — UUPS with owner-gated upgradepUSD implementation 0x6bBCef9f — _authorizeUpgrade restricted to onlyOwnerretrieved 2026-04-29
Methodology #
Determine whether the UUPS implementation defines `_authorizeUpgrade(address)` restricted to owner/admin/timelock (not open to arbitrary callers).
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol polymarket factor RD-F-021 score green collected_at 2026-04-29 16:25:39