Admin/upgrade transaction in mempool
Raydium's assessment for RD-F-102 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Cat 6B exploit-in-progress signal [T-09 v1 phase 2]. Raydium's Solana equivalent: monitoring Squads V4 transaction queue at FytDrVzDybM1TwFQPGb8qaxZR7dBCzNeqT3vtQsceZQK for pending upgrade proposals. Post-Dec 2022 migration, all admin and program upgrade authority is held by Squads V4 multisig with 24-hr timelock. No pending unauthorized upgrade transactions observable as of 2026-04-29. Most recent authorized program activity: Sec3 Q2 2026 CLMM audit-covered changes (within normal development cycle). The 24-hr timelock provides an alert window — any pending malicious upgrade transaction would be visible in the Squads transaction queue for at least 24 hours before execution. Threshold: admin/upgrade tx in pending queue without matching authorized proposal. Current posture: no anomalous pending transactions. Score green; requires Solana/Squads monitoring integration for production wiring.
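The threshold above (an admin/upgrade transaction in the pending queue without a matching authorized proposal) expressed as detection logic. This is an added example, not Raydium's or Squads' code; the record fields, kind labels, the "flagged" label and the sample queue are constructed assumptions, and fetching the real queue is left out.

```python
from datetime import datetime, timedelta, timezone

TIMELOCK = timedelta(hours=24)  # 24-hour timelock stated on the page
ADMIN_KINDS = {"program_upgrade", "authority_change"}  # hypothetical kind labels

def unmatched_admin_txs(queue, authorized, now):
    """Flag pending admin/upgrade entries that lack a matching authorized proposal."""
    findings = []
    for tx in queue:
        if tx["status"] != "pending" or tx["kind"] not in ADMIN_KINDS:
            continue
        expected = authorized.get(tx["index"])
        if expected is None:
            reason = "no authorized proposal"
        elif (expected["program"], expected["payload_hash"]) != (tx["program"], tx["payload_hash"]):
            reason = "differs from authorized proposal"
        else:
            continue  # matches the authorized change record
        # Assumption: the entry cannot execute sooner than 24 h after it was queued,
        # so this is the shortest alert window a responder can count on.
        earliest = tx["queued_at"] + TIMELOCK
        findings.append({"index": tx["index"], "reason": reason,
                         "window_left": max(earliest - now, timedelta(0))})
    return sorted(findings, key=lambda f: f["window_left"])  # most urgent first

def score(findings):
    return "green" if not findings else "flagged"  # "flagged" is a hypothetical label

def row(index, kind, program, payload_hash, status, hours_ago, now):
    return {"index": index, "kind": kind, "program": program, "payload_hash": payload_hash,
            "status": status, "queued_at": now - timedelta(hours=hours_ago)}

# Constructed sample data: placeholder program names and hashes, not real values.
NOW = datetime(2026, 4, 29, 12, 0, tzinfo=timezone.utc)
AUTHORIZED = {41: {"program": "PROGRAM_A", "payload_hash": "hash-a1"},
              42: {"program": "PROGRAM_B", "payload_hash": "hash-b1"}}
QUEUE = [
    row(40, "program_upgrade", "PROGRAM_A", "hash-a0", "executed", 90, NOW),  # not pending
    row(41, "program_upgrade", "PROGRAM_A", "hash-a1", "pending", 3, NOW),    # matches
    row(42, "program_upgrade", "PROGRAM_B", "hash-b9", "pending", 20, NOW),   # payload differs
    row(43, "authority_change", "PROGRAM_A", "hash-c1", "pending", 30, NOW),  # no proposal
    row(44, "transfer", "PROGRAM_A", "hash-d1", "pending", 1, NOW),           # not admin
]

if __name__ == "__main__":
    results = unmatched_admin_txs(QUEUE, AUTHORIZED, NOW)
    print(score(results))
    for f in results:
        print(f["index"], f["reason"], f["window_left"])
```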
Sources
- Docs: Raydium Protocol Security Documentation. Squads V4 Program Upgrade Multisig: FytDrVzDybM1TwFQPGb8qaxZR7dBCzNeqT3vtQsceZQK; 3/4 threshold; 24-hour timelock; all core programs (AMM v4, CLMM, CPMM, LaunchLab) use this upgrade authority. Retrieved 2026-04-29.
- Managing Program Upgrades with Multisig — Squads Blog. Squads blog: program upgrade management with multisig; Raydium uses Squads for upgrade authority with 24-hr timelock. Retrieved 2026-04-29.
Methodology
Detect an admin-role or upgrade transaction appearing in the mempool before confirmation.