★ Admin = deployer EOA after 7 days

Save (formerly Solend)'s assessment for RD-F-043 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CRITICAL] Protocol launched August 2021 (~57 months ago). Upgrade authority remains a single-key EOA (on-chain: RY93CZYe5g6drtG7W9PmHRPzaBLZ1uwihTzayQTmJfh) — never transferred to a multisig or DAO in 57 months. Factor definition (admin = deployer EOA + no multisig transfer within 7d) is met and sustained for 57 months. The Squads multisigs were created for treasury/LM funds only, not for program upgrade authority.

Sources #

Internal
Save profile — launch date and upgrade authority persistence.research/protocols/save/00-profile.md §2 (live since 2021-08-12, ~57 months) and §11 [GRADE-DECISIVE] (upgrade authority never transferred to multisig/DAO post-launch)retrieved 2026-05-17
URL
Neodyme — Solana Upgrade Authority (Solend hot wallet confirmation)Neodyme blog — confirms Solend uses single hot-wallet upgrade authority with complete controlretrieved 2026-05-17

Methodology #

Determine whether, at t = deploy+7d, the admin address still equals the deployer EOA with no evidence of transfer to a multisig.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-043 score red collected_at 2026-05-17 15:20:15