Risk Framework
Governance Controls (20%)
Governance reaction-window scoring (20%) based on immutability, timelocks, and depositor exit conditions.
Governance measures the depositor's reaction window: if protocol parameters change adversely, how much time exists to exit?
This vector is weighted at 20% because governance risk is partially depositor-mitigable (timelocks create response time), unlike core asset/platform risk.
Scoring Bands
| Configuration | Score |
|---|---|
| Immutable contracts | 10 |
| Timelock >= 7 days | 9 |
| Timelock >= 3 days | 8 |
| Timelock >= 48 hours | 7 |
| Timelock >= 24 hours | 6 |
| Timelock >= 6 hours | 4 |
| Timelock < 6 hours | 2 |
| No timelock / EOA admin | 1 |
| Unknown (data unavailable) | 5 |
How To Interpret
The score reflects the depositor's ability to react to adverse parameter changes:
- Immutable (10): No parameters can change. The code is the final word.
- Long timelock (8-9): Changes are announced days in advance. Depositors can monitor and exit.
- Short timelock (4-7): Some reaction time, but requires active monitoring.
- No timelock (1-2): Admin can change parameters instantly. Depositors have no warning.
v4.1 Context
- Governance remains an active 20% component of the composite score.
- Governance strength does not bypass asset-level hard caps, review caps, or fail-safe constraints.
- If fail-safe mode is
fail_closed, risk output is withheld regardless of governance score.
Current Limitations
This vector does not yet fully differentiate:
- signer quality nuances (for example, high-quality multisig vs weak multisig)
- DAO quorum/liveness guarantees
- governance token concentration dynamics
- emergency controls quality beyond basic pausability signals
Thresholds
Key governance-related constants used in scoring:
| Threshold | Value |
|---|---|
| Safe timelock | >= 7 days (604,800 seconds) |
| Moderate timelock | >= 2 days (172,800 seconds) |