-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Epic] Access Control and Roles #78
Comments
@daigarocota plz check |
@brozorec , first awesome job on the detailing of the functions and the intended role. Some comments:
|
@iafhurtado @daigarocota fyi this ticket's description got updated with the needed details and an action plan. |
|
Time estimation around 2 days |
@brozorec |
|
The goal of this ticket is to have access controls and roles implemented in a consistent way across the whole system. This is a ticket to track progress.
1. Chief
Owner
is a multisig that create, grants and revokes rolessee commentstore all roles in a mapping:Treasury
,Rebalancer
,Liquidator
,Harvester
,Pauser
? andAdminTimelock
?, see commentcreateRole(role) onlyOwner
hasRole(role, address) returns (bool)
- check if the address has the specified rolegrantRole(role, address) onlyOwner
- give a role to the addressrevokeRole(role, address) onlyOwner
- revoke role of the address2. BorrowingVault and YieldVault
pause()
andunpause()
with allowed callers or an address having the rolePauser
setOracle()
,setMaxLtv()
andsetLiqRatio()
can be called only by an address withAdminTimelock
roleliquidate()
can be called only by an address withLiquidator
rolesetProviders()
can be called only by an address withAdminTimelock
rolesetActiveProvider()
can be called only by an address withRebalancer
role (attention this can break existing tests)harvest()
- will be created after we deal with the topic "HarvestManager"3. FujiOracle
setPriceFeed()
- can be called only by an address withAdminTimelock
role4. AddrMapper - check the comments below
providerName => ( address1 => (address2 => IBT address))
-providerName
has the format Name_Version or Name_Version_Asset (for ex. Aave_V2 but not Aave_v2, BeefyVelodrome_V6_sETHETH)providerName
in a array and add a getter functionAdminTimelock
roleThe text was updated successfully, but these errors were encountered: