# TermMax Roles

## Core Roles for Access Control

### 1. Default Admin (`DEFAULT_ADMIN_ROLE`)

Description: The highest administrative role with privileges to manage other roles and system-critical operations.Controlled Functions:

#### Gearing Token (GT) 

* **Set Gearing Token Implementation**

  ```solidity
  // AccessManager.sol
  function setGtImplement(ITermMaxFactory factory, string memory gtImplementName, address gtImplement)
          external
          onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Updates the Gearing Token implementation reference in the factory.

#### **Market**

* **Create and deploy new markets**

  ```solidity
  // AccessManager.sol
  function createMarket(
          ITermMaxFactory factory,
          bytes32 gtKey,
          MarketInitialParams calldata deployParams,
          uint256 salt
      ) external onlyRole(DEFAULT_ADMIN_ROLE) returns (address market)
  ```

  * Deploys new markets

#### **Ownership**

* **Transfer ownership of an contract**

  ```solidity
  // AccessManager.sol
  function transferOwnership(IOwnable entity, address to) external onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Transfers ownership of ownable contracts
* **Accept ownership of an contract**

  ```solidity
  // AccessManager.sol
  function acceptOwnership(IOwnable entity) external onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Accepts ownership of contracts

#### **Upgradability**

* **Upgrade contracts**

  ```solidity
  // AccessManager.sol
  function upgradeSubContract(UUPSUpgradeable proxy, address newImplementation, bytes memory data)
          external
          onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Upgrades proxies using UUPS pattern

#### **Contract Integration**

* **Whitelist external adapters for contract integrations**

  ```solidity
  // AccessManager.sol
  function setAdapterWhitelist(ITermMaxRouter router, address adapter, bool isWhitelist)
          external
          onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Controls which swap adapters are allowed

#### **Oracles**

* **Update oracle source for an asset**

  ```solidity
  // AccessManager.sol
  function submitPendingOracle(IOracle aggregator, address asset, IOracle.Oracle memory oracle)
          external
          onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Submits new oracles
* **Accept new submitted oracle source for an asset**

  ```solidity
  // AccessManager.sol
  function acceptPendingOracle(IOracle aggregator, address asset) external onlyRole(DEFAULT_ADMIN_ROLE)
  ```

  * Accepts pending oracles

### 2. Pauser (`PAUSER_ROLE`)

Description: Role with permissions to pause/unpause contracts as a safety measure during emergencies.Controlled Functions:

* **Pause or Unpause a pausable contract**

  ```solidity
  // AccessManager.sol
  function setSwitch(IPausable entity, bool state) external onlyRole(PAUSER_ROLE)
  ```

  * Pauses or unpauses protocol functionalities

### 3. Configurator (`CONFIGURATOR_ROLE`)

Description: Role with permissions to configure aspects of the system such as market parameters and fee settings.Controlled Functions:

* **Update market config including treasury address and fee configs**

  ```solidity
  // AccessManager.sol
  function updateMarketConfig(ITermMaxMarket market, MarketConfig calldata newConfig)
          external
          onlyRole(CONFIGURATOR_ROLE)
  ```

  * Updates market configuration
* **Update Gearing Token (GT) config to set collateral capacity**

  ```solidity
  // AccessManager.sol
  function updateGtConfig(ITermMaxMarket market, bytes memory configData) external onlyRole(CONFIGURATOR_ROLE)
  ```

  * Updates Gearing Token configuration
* **Update fee rate of an specific order**

  ```solidity
  // AccessManager.sol
  function updateOrderFeeRate(ITermMaxMarket market, ITermMaxOrder order, FeeConfig memory feeConfig)
          external
          onlyRole(CONFIGURATOR_ROLE)
  ```

  * Updates fee rates for orders

### 4. Vault Admin (`VAULT_ROLE`)

Description: Role with specific permissions to manage vaults.Controlled Functions:

* **Submit a new guaridan to a vault for apending apprvoval** 

  ```solidity
  // AccessManager.sol
  function submitVaultGuardian(ITermMaxVault vault, address newGuardian) external onlyRole(VAULT_ROLE)
  ```
* **Revoke the pending guradian of a vault**

  ```solidity
  // AccessManager.sol
  function revokeVaultPendingGuardian(ITermMaxVault vault) external onlyRole(VAULT_ROLE)
  ```
* **Revoke the pending timelock settings of a vault**

  ```solidity
  // AccessManager.sol
  function revokeVaultPendingTimelock(ITermMaxVault vault) external onlyRole(VAULT_ROLE)
  ```
* **Revoke the pending market to be whitelisted of a vault**

  ```solidity
  // AccessManager.sol
  function revokeVaultPendingMarket(ITermMaxVault vault, address market) external onlyRole(VAULT_ROLE)
  ```
* **Set and update curator to a vault**

  ```solidity
  // AccessManager.sol
  function setCuratorForVault(ITermMaxVault vault, address newCurator) external onlyRole(VAULT_ROLE)
  ```
* **Set and whitelist allocators of a vault**

  ```solidity
  // AccessManager.sol
  function setIsAllocatorForVault(ITermMaxVault vault, address allocator, bool isAllocator)
          external
          onlyRole(VAULT_ROLE)
  ```

## Vault-Specific Roles

### Curator

Description: Role responsible for managing vault market relationships and parameters.Controlled Functions:

* **Create an order under the vault**

  ```solidity
  // TermMaxVault.sol
  function createOrder(ITermMaxMarket market, uint256 maxSupply, uint256 initialReserve, CurveCuts memory curveCuts)
          external
          onlyCuratorRole
          marketIsWhitelisted(address(market))
          whenNotPaused
          returns (ITermMaxOrder order)
  ```
* **Update multiple orders including the rates and supplies**

  ```solidity
  // TermMaxVault.sol
  function updateOrders(
          ITermMaxOrder[] memory orders,
          int256[] memory changes,
          uint256[] memory maxSupplies,
          CurveCuts[] memory curveCuts
      ) external onlyCuratorRole whenNotPaused
  ```
* **Redeem Fixed-Rate Tokens (FT) of the order after maturity**

  ```solidity
  function redeemOrder(ITermMaxOrder order) external onlyCuratorRole
  ```
* **Withdraw the performance fee**

  ```solidity
  // TermMaxVault.sol
  function withdrawPerformanceFee(address recipient, uint256 amount)
          external
          nonReentrant
          whenNotPaused
          onlyCuratorRole
  ```
* **Submit a new timelock to be accepted after the original timelock**

  ```solidity
  // TermMaxVault.sol
  function submitTimelock(uint256 newTimelock) external onlyCuratorRole
  ```
* **Set and update the capacity of the vault**

  ```solidity
  // TermMaxVault.sol
  function setCapacity(uint256 newCapacity) external onlyCuratorRole
  ```
* **Submit the new performance fee rate to be accepted after timelock**

  ```solidity
  // TermMaxVault.sol
  function submitPerformanceFeeRate(uint184 newPerformanceFeeRate) external onlyCuratorRole
  ```
* **Submit and whitelist a new market to be accepted after timelock**

  ```solidity
  // TermMaxVault.sol
  function submitMarket(address market, bool isWhitelisted) external onlyCuratorRole
  ```
* All allocator functions (acts as a super-allocator)

### Guardian

Description: A protective role for vaults with permissions to approve or prevent sensitive operations.Controlled Functions:

* **Revoke the new submitted timelock**

  ```solidity
  // TermMaxVault.sol
  function revokePendingTimelock() external onlyGuardianRole
  ```
* **Revoke the new submitted guradian**

  ```solidity
  // TermMaxVault.sol
  function revokePendingGuardian() external onlyGuardianRole
  ```
* **Revoke the new submitted market to be whitelisted**

  ```solidity
  // TermMaxVault.sol
  function revokePendingMarket(address market) external onlyGuardianRole
  ```
* **Revoke the new submitted performance fee**

  ```solidity
  // TermMaxVault.sol
  function revokePendingPerformanceFeeRate() external onlyGuardianRole
  ```

### Allocator

Description: Role responsible for managing funds allocation within vaults.Controlled Functions:

* **Update the order of supply queue**

  ```solidity
  // TermMaxVault.sol
  function updateSupplyQueue(uint256[] memory indexes) external onlyAllocatorRole
  ```
* **Update the order of withdraw queue**

  ```solidity
  // TermMaxVault.sol
  function updateWithdrawQueue(uint256[] memory indexes) external onlyAllocatorRole
  ```

## Architecture

<figure><img src="/files/fAaKqxLmMmo5nqHtEj4o" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ts.finance/technical-details/contract/termmax-roles.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.