Skip to content

Royco | Ethereum | available #139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
yvesbou wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Royco | Ethereum | available #139

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a3cee01
initial scope defined
yvesbou Apr 15, 2025
11489b9
update template for royco
yvesbou Jun 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
139 changes: 139 additions & 0 deletions src/content/protocols/royco.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@
---
protocol: "Royco"
website: "https://www.royco.org/"
x: "https://x.com/roycoprotocol"
github: ["https://github.com/roycoprotocol/royco"]
defillama_slug: ["royco-protocol"]
chain: "Ethereum"
stage: 0
reasons: ["remove", "if none"]
risks: ["x", "x", "x", "x", "x"]
author: ["author-1", "author-2"]
submission_date: "1970-01-01"
publish_date: "1970-01-01"
update_date: "1970-01-01"
---

# Summary

Add a summary of the protocols. What is it? What does it do? etc.

# Ratings

## Chain

See http://defiscan.info/learn-more#chain for more guidance.

> Chain score: Low/Medium/High

## Upgradeability

In the upgradability section & risk we address bytecode upgrades and parameter changes that are permissioned.

We wrote a section explaining the Upgradeability Risk in our framework here: See http://defiscan.info/learn-more#upgradability

For some practical guidance follow this steps. It will help you in writing a nice report:

1. Run the [permission scanner](https://github.com/deficollective/permission-scanner)
2. Fill in all the permissioned functions in the table (`## Permissions`)
- Remember: Each function with a permission needs to be considered when determining the risk on Upgradability
3. Get a mechanistic and precise understanding of each permissioned function
4. Assess impact for each function, look out for
- loss/blocking of user funds
- loss of unclaimed yield
- change expected behavior significantly (blacklisting/kyc/fees/...)
5. Write the impact column based on your understanding
- A good tipp when writing the impact column below, think of least 2,3 sentences:
1. First sentence: what it does technically, e.g "It assigns a new address to the owner variable"
2. Second: what is the impact within the system, e.g "The owner is permissioned to raise fees"
3. Third: Imagine faulty or malicious action, e.g "The malicious owner could raise fees to 100%, redirecting all future yield.
6. Summarise and abstract away technical details in this section here (`## Upgradeability`)

> Upgradeability score: Low/Medium/High

## Autonomy

See http://defiscan.info/learn-more#autonomy for more guidance.

> Autonomy score: Low/Medium/High

## Exit Window

See http://defiscan.info/learn-more#exit-window for more guidance.

> Exit Window score: Low/Medium/High

## Accessibility

See http://defiscan.info/learn-more#accessibility for more guidance.

> Accessibility score: Low/Medium/High

## Conclusion

Some text in form of:

The xyz protocol achieves High centralization risk scores for its Upgradeability, Autonomy and Exit Window dimensions. It thus ranks Stage 0.

The protocol could reach Stage 1 by ...

The project additionally could advance to Stage 2 if ...

# Reviewer's Notes

(Here, anything worth mentioning about what critical permissions you excluded from the scope or some elements that xyz protocol does in a unique way. If nothing seems relevant, just say that :)

⚠️ During our analysis, we identified ...

# Protocol Analysis

Here include the diagram(s). Please explain what the main contracts are doing within the diagram.

# Dependencies

Go into more detail of the oracle, bridge, or other dependency the defi protocol is using

# Governance

## Relevant Subsection

Here anything relevant to the governance, in this case it could be what you highlighted in "Upgrade Process"

## Security Council

New table with all the multisigs

| Name | Account | Type | ≥ 7 signers | ≥ 51% threshold | ≥ 50% non-insider | Signers public |
| ------------- | ------------------------------------------- | -------- | ----------- | --------------- | ----------------- | -------------- |
| Team Multisig | [0x123](https://etherscan.io/address/0x123) | Multisig | ✅ | ❌ | ❌ | ✅ |

# Contracts & Permissions

## Contracts

| Contract Name | Address |
| ------------------- | --------------------------------------------------------------------------------------------------------------------- |
| PointsFactory | [0x19112AdBDAfB465ddF0b57eCC07E68110Ad09c50](https://etherscan.io/address/0x19112AdBDAfB465ddF0b57eCC07E68110Ad09c50) |
| WrappedVaultFactory | [0x75e502644284edf34421f9c355d75db79e343bca](https://etherscan.io/address/0x75e502644284edf34421f9c355d75db79e343bca) |
| WrappedVault | [0x3c44c20377e252567d283dc7746d1bea67eb3e66](https://etherscan.io/address/0x3c44c20377e252567d283dc7746d1bea67eb3e66) |
| VaultMarketHub | [0xa97eCc6Bfda40baf2fdd096dD33e88bd8e769280](https://etherscan.io/address/0xa97eCc6Bfda40baf2fdd096dD33e88bd8e769280) |
| WeirollWallet | [0x40a1c08084671E9A799B73853E82308225309Dc0](https://etherscan.io/address/0x40a1c08084671E9A799B73853E82308225309Dc0) |
| RecipeMarketHub | [0x783251f103555068c1E9D755f69458f39eD937c0](https://etherscan.io/address/0x783251f103555068c1E9D755f69458f39eD937c0) |
| WeirollWalletHelper | [0x07899ac8BE7462151d6515FCd4773DD9267c9911](https://etherscan.io/address/0x07899ac8BE7462151d6515FCd4773DD9267c9911) |

## Permission owners

| Name | Account | Type |
| ---- | ------------------------------------------- | ------------ |
| name | [0x...](https://etherscan.io/address/0x...) | Multisig x/y |
| name | [0x...](https://etherscan.io/address/0x...) | Contract |
| name | [0x...](https://etherscan.io/address/0x...) | EOA |

## Permissions

| Contract | Function | Impact | Owner |
| ------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------- |
| contract name | functionname | Description in 3 Sentences. | owner of the permission |
| contract name | functionname | First sentence: what it does technically, e.g "It assigns a new address to the owner variable". | owner of the permission |
| contract name | functionname | Second sentence: what is the impact within the system, e.g "The owner is permissioned to raise fees". | owner of the permission |
| contract name | functionname | Third sentence: Imagine faulty or malicious action, e.g "The malicious owner could raise fees to 100%, redirecting all future yield. | owner of the permission |