Risk Framework
Governance Controls (20%)
Timelock scoring, immutability, and depositor exit windows.
Measures the depositor's exit window: if protocol parameters change adversely, how much time do you have to withdraw?
Weighted at 20% because governance risk is partially depositor-mitigable (timelocks give time to exit), unlike asset and platform risk.
Timelock Scoring
| Configuration | Score |
|---|---|
| Immutable contracts | 10 |
| Timelock >= 7 days | 9 |
| Timelock >= 3 days | 8 |
| Timelock >= 48 hours | 7 |
| Timelock >= 24 hours | 6 |
| Timelock >= 6 hours | 4 |
| Timelock < 6 hours | 2 |
| No timelock / EOA admin | 1 |
| Unknown (data unavailable) | 5 |
How It Works
The score reflects the depositor's ability to react to adverse parameter changes:
- Immutable (10): No parameters can change. The code is the final word.
- Long timelock (8-9): Changes are announced days in advance. Depositors can monitor and exit.
- Short timelock (4-7): Some reaction time, but requires active monitoring.
- No timelock (1-2): Admin can change parameters instantly. Depositors have no warning.
Current Limitations
The model does not yet differentiate:
- Multisig configurations (3/5 vs 1/1)
- DAO quorum thresholds
- Governance token distribution concentration
- Emergency pause mechanisms
These are planned for future framework versions.
Thresholds
Key governance-related constants used in scoring:
| Threshold | Value |
|---|---|
| Safe timelock | >= 7 days (604,800 seconds) |
| Moderate timelock | >= 2 days (172,800 seconds) |