Dimension 5: Governance & Upgradeability
Admin key concentration, timelock coverage, upgrade mechanisms, and Maximum Extractable Value by Admin (MEVA).
What We Measure
We assess who can change the protocol and how. Governance encompasses the entire lifecycle of protocol changes, from proposal to execution, including emergency powers. We analyze:
Admin key concentration and multisig requirements
Timelock coverage on parameter changes and upgrades
Upgrade mechanisms (proxy patterns, diamond standard, immutable deployment)
Emergency powers and their activation conditions
Maximum Extractable Value by Admin (MEVA), the theoretical maximum damage an insider could inflict
The practical decentralization of governance power versus its nominal structure
What Raises This Score
Immutable core contracts with no upgrade path (strongest guarantee)
Multi-day timelocks on all governance actions
Multisig requirements with geographically distributed signers
Capped admin capabilities (can only adjust parameters within bounds)
Emergency shutdown mechanisms that protect users, not admins
Active community governance with high participation rates
Transparent governance process with public proposal history
What Lowers This Score
Single entity controlling all admin functions without timelock
Proxy patterns that allow arbitrary logic replacement
No governance delay — changes execute immediately
Emergency powers that can drain user funds
Admin keys held by unknown or unaccountable parties
Governance theater — nominal decentralization with effective centralization
Upgrade functions that bypass normal governance flow
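As an added illustration (not code from this page or from any protocol it scores), the Solidity below contrasts a parameter setter that is capped and timelocked, which the rubric rewards, with a single-key setter that is unbounded and immediate, which it penalises. The contract names, the 2-day delay and the 1% cap are assumed values chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative contract (assumed names and values, not from the page):
// a fee parameter whose admin setter is bounded AND timelocked.
contract BoundedTimelockedFee {
    uint256 public constant MAX_FEE_BPS = 100;   // hard cap: 1% of volume
    uint256 public constant MIN_DELAY = 2 days;  // multi-day governance delay
    uint256 public feeBps;
    address public immutable admin;

    struct Pending { uint256 value; uint256 eta; }
    Pending public pendingFee;

    constructor(address _admin, uint256 initialFeeBps) {
        require(initialFeeBps <= MAX_FEE_BPS, "fee above cap");
        admin = _admin;
        feeBps = initialFeeBps;
    }

    modifier onlyAdmin() { require(msg.sender == admin, "not admin"); _; }

    // Step 1: queue the change. The cap is enforced at queue time, so the
    // admin cannot even schedule a value outside the allowed band.
    function queueFee(uint256 newFeeBps) external onlyAdmin {
        require(newFeeBps <= MAX_FEE_BPS, "fee above cap");
        pendingFee = Pending(newFeeBps, block.timestamp + MIN_DELAY);
    }

    // Step 2: anyone may execute once the delay has elapsed. The queued
    // value is visible on-chain for MIN_DELAY, so users can exit first.
    function executeFee() external {
        Pending memory p = pendingFee;
        require(p.eta != 0 && block.timestamp >= p.eta, "timelock active");
        feeBps = p.value;
        delete pendingFee;
    }
}

// The pattern the rubric penalises: one key, no bound, no delay.
contract UncappedImmediateFee {
    uint256 public feeBps;
    address public admin = msg.sender;

    function setFee(uint256 newFeeBps) external {
        require(msg.sender == admin, "not admin");
        feeBps = newFeeBps; // any value, effective in the same transaction
    }
}
```

When reviewing a live protocol, the questions to ask of each privileged setter are the ones these two contracts make visible: is the value range bounded in code, and is there an enforced delay between scheduling and execution.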
Why This Weight
At 10%, Governance reflects that while rug pulls and admin-key compromises are devastating, they are less frequent than technical exploits in battle-tested protocols. However, for newer or more centralized protocols, this dimension often becomes the binding constraint. The weight balances the rarity of governance attacks on mature protocols against their catastrophic impact when they do occur.