Euler Foundation Multisig Update

Euler_Foundation · November 6, 2025, 6:10pm

Euler Multisig Update

The Euler Foundation is sharing the following update regarding improvements to the multisig structure used for the Euler treasury and protocol operation and maintenance. The following improvements were recommended by Euler Labs and reviewed by the Euler Foundation. Implementation of these changes has been coordinated between the Foundation and Euler Labs for operational efficiency and to reduce risk ahead of upcoming deployments.

Background

When Euler v2 was deployed, the Treasury multisig on Ethereum mainnet was granted the highest protocol authority, with authority to manage the following:

Executes potential protocol upgrades
Manages the ProtocolConfig and EulerEarn factory contracts
Acts as governor for all DAO-owned vaults
Oversees EUL bridging between networks
Hold the DAO’s on-chain funds

Equivalent multisigs were later deployed across other networks as Euler v2 was deployed across the EVM ecosystem. The structure (number of signers and signing threshold) of the Treasury multisig was replicated across networks, with members of Euler Labs and the Euler Foundation as signers. After over a year in operation, Euler Labs identified several limitations in this design.

Identified Issues

Concentration of Authority and Assets
The Treasury multisig currently combines two critical roles — holding DAO funds and executing protocol management actions. This lack of separation increases operational risk, as an incident affecting one function could impact the other.
Operational Bottlenecks
As the Treasury multisig includes both Foundation and Labs signers, operational transactions (e.g. protocol upgrades, config changes) are sometimes delayed and executed without full technical context. Day-to-day execution benefits from greater control by those closest to protocol development, while maintaining Foundation oversight.

Improvements

To resolve these issues and prepare for future deployments, the Foundation and Euler Labs have agreed on the following structure:

Create a new Treasury Multisig
A new multisig, controlled by the Euler Foundation, has been created to serve as the Treasury address. All assets currently held in the existing Treasury multisig will be transferred to the new address, excluding protocol revenue, which will remain temporarily in place to allow for easier tracking during the transition period.

This ensures the secure custody of DAO-controlled funds.
The new Treasury multisig will be used exclusively for asset management and allocation.
The new Treasury address is 0xC7C5aFDB61e08BE3e2FB09098412b5706EB5c550

Recategorise the current Treasury Multisig to Operational Multisig
The current Treasury multisig will be repurposed as an operational multisig to be used exclusively for protocol management.
- The signer set will be updated to 6 Euler Labs signers and 2 Foundation Directors, with a 4/8 threshold.
- This change allows Labs to execute operational transactions in a timely and well-informed manner while maintaining Foundation oversight.

Implementation Timeline

The following sequence of transactions is being executed:

Deployment of new Foundation Treasury multisig (completed).
Transfer of all existing Treasury assets from the current address to the new Treasury address.
Signer update on the current Treasury multisig to reflect the new 6+2 structure.
Public confirmation post publishing both addresses and the transaction hashes.

All transactions will be verifiable on-chain, and links will be published once complete.

Summary

These changes achieve three goals:

Reduced operational risk through clear separation of fund custody and protocol management.
Improved efficiency for Euler Labs in managing technical deployments and upgrades.
Continued transparency and accountability through Foundation oversight and public disclosure.

The Euler Foundation will publish a follow-up post confirming completion of each transaction, including on-chain references and the new addresses.

RexShinka · November 10, 2025, 3:28pm

The changes discussed are excellent steps. However, for a multisig entrusted with impacts to $1 billion of other people’s money and $21 million of treasury a more comprehensive system might be considered. It will also assist when discussing with new liquidity providers in showing how Euler uses the best security aspects in the industry.

These suggestions are based on DeFiSafety’s activities with Compound Finances multisig and the results of our five years analyzing DeFi protocol process security.

For the treasury, I would recommend splitting it into three addresses. One would act as a treasury hot wallet with it least six months worth of funds, the other two split the bulk of the funds. This dramatically reduces the risk of a treasury address attack by reducing the incentive. Simply put, make the honeypot too small to bother.

For the Operational Multisig, please consider proof of distinct humanity, regular testing, a history document and detailed documentation. These are all steps that have been implemented for Compound Finance.

Proof of distinct humanity is a process DeFiSafety developed specifically to prove to the community that all signers of the multisig are distinct people without jeopardizing their anonymity. This has been implemented for Compound and other protocols such as Term Finance.

Regular testing proves both to the protocol and the community that all signers are active and able to sign quickly if required. For the operational multisig of Compound, we test quarterly. For the treasury multisigs probably once or twice a year would be adequate. The results of the test are documented in the history document.

A history document describes in plain English what each transaction on the operational multisig was for. There are plenty of details in the Safe website, but the reasoning behind each signature is quickly lost to time. The history document supplies a plain English description for both the community and the signers.

Detailed multisig documentation is useful both for the community and the signers. You do not want a urgent Pause signature delayed while signers try to figure out exactly what they are signing. Detailed documentation makes all of this explicitly clear. For Compound we had a public summary document and a private detailed document.

When Euler Finance is talking with new traditional liquidity providers, extensive security and documentation in the multisig and treasury is a simple inexpensive visible proof of the effort Euler takes on security matters.

kasp · November 12, 2025, 2:03pm

This has been executed: Ethereum Transaction Hash: 0xae69ec1b51... | Etherscan

As for other details, please wait for the update from the Foundation @RexShinka

Euler_Foundation · November 13, 2025, 12:31am

Thank you for the comments, we currently have an operational wallet already in place to mitigate risk, wallet address: 0x0e33089449606CDE00Ad767d66C28Cf4cfCF0bF5. We are working on producing the certification of distinct humans and associated documentation and will share these once available.

Topic		Replies	Views
Imrove multisig process and transparency Euler DAO	0	99	June 27, 2025
eIP 57 Euler Foundation Operational Funding Foundation	11	1678	February 1, 2024
[RFC] Improving Protocol Security via Timelocks Protocol	7	2360	February 28, 2023
Euler Foundation Treasury Optimization and Funding Foundation	1	234	March 18, 2025
The Future of Euler Protocol Protocol	13	4681	June 16, 2023