Protocols

Governance Exposure Risk

4 protocols with ~$33B+ in governance-controlled assets are vulnerable to quantum attacks on ECDSA multisigs. A quantum attacker compromising governance could potentially drain or manipulate these funds.

Stage Definitions for Protocols

S0
Stage 0
No smart wallet support
S1
Stage 1
Accepts 4337/7702 wallets
S2
Stage 2
Governance PQ or immutable
ProtocolChainStage4337/7702ERC-1271GovernanceGov. TVLRiskNotesLinks
Uniswap V3 Coreethereum
Stage 2
ImmutableImmutable - no admin keys
Uniswap Governanceethereum
Stage 1
ECDSA~$3B+CRITICALDAO governance in ECDSA
Aave V3ethereum
Stage 1
ECDSA~$10B+CRITICALPermissionless + ERC-1271, governance ECDSA
Compound V3ethereum
Stage 1
ECDSA~$2B+HIGHPermissionless, governance ECDSA multisig
MakerDAOethereum
Stage 1
ECDSA~$5B+CRITICALPermissionless, governance ECDSA
Lidoethereum
Stage 1
ECDSA~$15B+CRITICALLargest TVL exposure, ECDSA multisig
Safe Multisigethereum
Stage 0
ECDSASigners must be ECDSA
ENSethereum
Stage 1
ECDSAPermissionless, DAO governance ECDSA
Curve Financeethereum
Stage 1
ECDSA~$2B+HIGHPermissionless, governance ECDSA
CoW Protocolethereum
Stage 1
ECDSAIntent-based, ERC-1271 for smart wallet signatures
1inch Fusionethereum
Stage 1
ECDSAIntent-based swaps, ERC-1271 for smart wallets
UniswapXethereum
Stage 1
ECDSADutch auction protocol, ERC-1271 for permits/orders
Morpho Blueethereum
Stage 2
ImmutableImmutable core - owner can only enable IRMs/LLTVs, no fund access
Morpho Vaultsethereum
Stage 1
Immutable~$3B+HIGHImmutable vaults, but Curator/Allocator roles can manipulate allocations (timelocked)

Stage 1 Requirements

  • No tx.origin == msg.sender checks (4337 blocker)
  • No extcodesize() == 0 checks (7702 blocker — e.g. permit())
  • ERC-1271 support (if signatures required)
  • 4337/7702 wallets can interact

Stage 2 Requirements

  • All Stage 1 requirements
  • Governance uses PQ-secured accounts
  • OR
  • Protocol is fully immutable (no admin keys)

Reminder: A protocol's stage cannot exceed the stage of the chain it is deployed on. Most DeFi protocols are permissionless (Stage 1 by default), but their governance remains ECDSA-vulnerable.