Role separation: upgrade ≠ fee ≠ oracle

Uniswap (v2 + v3)'s assessment for RD-F-035 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

V2: no roles (immutable). V3: upgrade path = immutable (no upgrader role on core). Fee enablement = Timelock. Oracle config = N/A (V3 does not consume external oracle). V3FeeAdapter.feeSetter = Timelock. Two-of-applicable-three roles are Timelock — acceptable for a DEX with no oracle role. Combined: green.

Detail #

V3Factory: only setOwner() and enableFeeAmount() as privileged functions; both owned by Timelock. No oracle admin role exists (V3 exposes TWAP, does not consume external oracle). V3FeeAdapter: feeSetter=Timelock confirmed via protocol fee deployments docs. GovernorBravo admin = Timelock. Role separation is adequate for the DEX model.

Sources #

Docs
Uniswap protocol fee deploymentsProtocol fee deployments: feeSetter=Timelock for V3FeeAdapterretrieved 2026-04-29
GitHub
UniswapV3Factory sourceUniswapV3Factory: only setOwner + enableFeeAmount as privileged functionsretrieved 2026-04-29

Methodology #

Determine whether the upgrade role, fee-collection role, and oracle-config role are assigned to distinct addresses.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol uniswap factor RD-F-035 score green collected_at 2026-05-12 10:36:11