Philidor Docs
Risk Framework

Governance Controls (20%)

Timelock scoring, immutability, and depositor exit windows.

Measures the depositor's exit window: if protocol parameters change adversely, how much time do you have to withdraw?

Weighted at 20% because governance risk is partially depositor-mitigable (timelocks give time to exit), unlike asset and platform risk.

Timelock Scoring

ConfigurationScore
Immutable contracts10
Timelock >= 7 days9
Timelock >= 3 days8
Timelock >= 48 hours7
Timelock >= 24 hours6
Timelock >= 6 hours4
Timelock < 6 hours2
No timelock / EOA admin1
Unknown (data unavailable)5

How It Works

The score reflects the depositor's ability to react to adverse parameter changes:

  • Immutable (10): No parameters can change. The code is the final word.
  • Long timelock (8-9): Changes are announced days in advance. Depositors can monitor and exit.
  • Short timelock (4-7): Some reaction time, but requires active monitoring.
  • No timelock (1-2): Admin can change parameters instantly. Depositors have no warning.

Current Limitations

The model does not yet differentiate:

  • Multisig configurations (3/5 vs 1/1)
  • DAO quorum thresholds
  • Governance token distribution concentration
  • Emergency pause mechanisms

These are planned for future framework versions.

Thresholds

Key governance-related constants used in scoring:

ThresholdValue
Safe timelock>= 7 days (604,800 seconds)
Moderate timelock>= 2 days (172,800 seconds)

On this page

Raw