★ Single admin EOA
Superstate's assessment for RD-F-027 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
[STAR CRITICAL] Two separate EOAs hold all upgrade authority: 0xad309BB6... (USTB ProxyAdmin owner) and 0x8abC89D9... (USCC ProxyAdmin owner). Both were funded by the same unverified parent contract, 0x8C7Db8A9..., in approximately Dec 2024. Neither is a Gnosis Safe (the Safe API returns 404 for both). The docs describe a single 'Superstate Admin Address'. Turnkey is claimed for key management, but that is an off-chain custody arrangement and adds no on-chain multisig or timelock property. At $1.11B TVS, a single compromised key enables a full proxy takeover in one transaction with no timelock. The same addresses show a hot-wallet usage pattern (hundreds of daily mint txs), which indicates the keys holding upgrade authority are online and in routine use.
Sources #
- Etherscan: USCC upgrade transaction showing EOA as caller. USCC upgrade tx from=0x8abC89D9b56dFD90dA18e8E18CFaC9111100bDd1 calling upgrade() on 0x2Bb7B8B4. Retrieved 2026-05-16.
- Superstate Documentation, Admin Address Architecture. Superstate admin key facilitated by Turnkey; single admin address architecture confirmed. Retrieved 2026-05-16.
- Safe API 404 for parent admin contract. Safe API returns 404 for 0x8C7Db8A9..., confirming the parent is not a Gnosis Safe. Retrieved 2026-05-16.
- USTB upgrade transaction showing EOA as caller. USTB upgrade tx 0x3396a...: from=0xad309BB6, calling upgrade() on ProxyAdmin 0xb9d285DC; USCC upgrade tx 0x33257...: from=0x8abC89D9. Retrieved 2026-05-16.
Methodology #
Determine whether the effective upgrade/owner/rescue role is held by a single EOA (not a multisig) with no timelock on sensitive operations.
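One way to run this check mechanically, as an added example that is not Superstate's or the rubric's own tooling: read the EIP-1967 admin slot of the proxy, call owner() on the ProxyAdmin, then decide whether that owner has bytecode and, if it does, whether it answers the Safe getThreshold() or TimelockController getMinDelay() probes. Every address and all chain state below are constructed fixtures, not USTB/USCC data; FakeChain stands in for eth_getStorageAt, eth_getCode and eth_call against an archive node, and the selectors are the standard OpenZeppelin/Safe ones, which should be confirmed against the deployed ABI before relying on them.

```python
"""Classify the upgrade authority behind an EIP-1967 transparent proxy.

Added example for this page, not Superstate's or the rubric's own tooling.
All addresses and chain state are constructed fixtures; no real USTB/USCC
data is embedded. FakeChain maps onto eth_getStorageAt / eth_getCode /
eth_call when run against a real node."""
from dataclasses import dataclass, field

# EIP-1967: admin slot = keccak256("eip1967.proxy.admin") - 1
ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103
# 4-byte selectors (hex, no 0x). Confirm against the deployed ABI in practice.
SEL_OWNER = "8da5cb5b"      # owner()         Ownable (OpenZeppelin ProxyAdmin)
SEL_THRESHOLD = "e75235b8"  # getThreshold()  Gnosis Safe
SEL_MIN_DELAY = "f27a0c92"  # getMinDelay()   OpenZeppelin TimelockController


@dataclass
class FakeChain:
    """In-memory stand-in for the three JSON-RPC reads the check needs."""
    code: dict = field(default_factory=dict)     # addr -> bytecode hex ("0x" = none)
    storage: dict = field(default_factory=dict)  # (addr, slot) -> int word
    calls: dict = field(default_factory=dict)    # (addr, selector) -> int return word

    def get_code(self, addr):
        return self.code.get(addr.lower(), "0x")

    def get_storage_at(self, addr, slot):
        return self.storage.get((addr.lower(), slot), 0)

    def call(self, to, selector):
        # A contract without this function reverts; model that as None.
        return self.calls.get((to.lower(), selector))


def word_to_address(word):
    """Low 20 bytes of a 32-byte storage/return word as a 0x address."""
    return "0x" + f"{word:064x}"[-40:]


def classify_upgrade_authority(chain, proxy):
    """Walk proxy -> ProxyAdmin -> owner and say what kind of key controls upgrades."""
    proxy_admin = word_to_address(chain.get_storage_at(proxy, ADMIN_SLOT))
    owner_word = chain.call(proxy_admin, SEL_OWNER)
    # If the admin exposes no owner(), the admin address itself is the root of trust.
    owner = word_to_address(owner_word) if owner_word is not None else proxy_admin
    result = {"proxy_admin": proxy_admin, "owner": owner,
              "threshold": None, "min_delay": None}

    if chain.get_code(owner) in ("", "0x"):
        # No bytecode: a plain externally owned account. One key, one tx, no delay.
        result.update(kind="eoa", finding="single_eoa_no_timelock")
        return result

    min_delay = chain.call(owner, SEL_MIN_DELAY)
    if min_delay is not None and min_delay > 0:
        # Upgrades queue behind a delay; who may propose is the next hop to audit.
        result.update(kind="timelock", min_delay=min_delay, finding="timelocked")
        return result

    threshold = chain.call(owner, SEL_THRESHOLD)
    if threshold is not None:
        result["threshold"] = threshold
        if threshold >= 2:
            result.update(kind="safe", finding="multisig_no_timelock")
        else:
            # A 1-of-N Safe is operationally a single key with extra steps.
            result.update(kind="safe", finding="single_signer_safe_no_timelock")
        return result

    # Bytecode present but neither Safe nor timelock interface: an unverified
    # or custom owner that needs manual review before it earns any credit.
    result.update(kind="contract", finding="opaque_owner_contract")
    return result


# ---- constructed fixtures (not real deployments) ----
PROXY_A, ADMIN_A, EOA_A = "0x" + "aa" * 20, "0x" + "a1" * 20, "0x" + "a2" * 20
PROXY_B, ADMIN_B, SAFE_B = "0x" + "bb" * 20, "0x" + "b1" * 20, "0x" + "b2" * 20

CHAIN = FakeChain(
    code={ADMIN_A: "0x6080", ADMIN_B: "0x6080", SAFE_B: "0x6080"},  # EOA_A has none
    storage={(PROXY_A, ADMIN_SLOT): int(ADMIN_A, 16),
             (PROXY_B, ADMIN_SLOT): int(ADMIN_B, 16)},
    calls={(ADMIN_A, SEL_OWNER): int(EOA_A, 16),
           (ADMIN_B, SEL_OWNER): int(SAFE_B, 16),
           (SAFE_B, SEL_THRESHOLD): 3},
)

if __name__ == "__main__":
    for proxy in (PROXY_A, PROXY_B):
        print(proxy, classify_upgrade_authority(CHAIN, proxy))
```

The Safe API 404 cited in the evidence above asks the same question off-chain; the eth_getCode check is what settles it, since the Safe Transaction Service can also 404 for a Safe on a chain it does not index. A "timelocked" result only moves the question one hop, to whoever holds the timelock's proposer role, so the walk should be repeated from there.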
See the full factor methodology and distribution across all protocols →