TermMax Roles
This document outlines the various roles defined in the TermMax protocol, their responsibilities, and the specific functions each role controls.
Core Roles for Access Control
1. Default Admin (DEFAULT_ADMIN_ROLE
)
DEFAULT_ADMIN_ROLE
)Description: The highest administrative role with privileges to manage other roles and system-critical operations.Controlled Functions:
Gearing Token (GT)
Set Gearing Token Implementation
// AccessManager.sol function setGtImplement(ITermMaxFactory factory, string memory gtImplementName, address gtImplement) external onlyRole(DEFAULT_ADMIN_ROLE)
Updates the Gearing Token implementation reference in the factory.
Market
Create and deploy new markets
// AccessManager.sol function createMarket( ITermMaxFactory factory, bytes32 gtKey, MarketInitialParams calldata deployParams, uint256 salt ) external onlyRole(DEFAULT_ADMIN_ROLE) returns (address market)
Deploys new markets
Ownership
Transfer ownership of an contract
// AccessManager.sol function transferOwnership(IOwnable entity, address to) external onlyRole(DEFAULT_ADMIN_ROLE)
Transfers ownership of ownable contracts
Accept ownership of an contract
// AccessManager.sol function acceptOwnership(IOwnable entity) external onlyRole(DEFAULT_ADMIN_ROLE)
Accepts ownership of contracts
Upgradability
Upgrade contracts
// AccessManager.sol function upgradeSubContract(UUPSUpgradeable proxy, address newImplementation, bytes memory data) external onlyRole(DEFAULT_ADMIN_ROLE)
Upgrades proxies using UUPS pattern
Contract Integration
Whitelist external adapters for contract integrations
// AccessManager.sol function setAdapterWhitelist(ITermMaxRouter router, address adapter, bool isWhitelist) external onlyRole(DEFAULT_ADMIN_ROLE)
Controls which swap adapters are allowed
Oracles
Update oracle source for an asset
// AccessManager.sol function submitPendingOracle(IOracle aggregator, address asset, IOracle.Oracle memory oracle) external onlyRole(DEFAULT_ADMIN_ROLE)
Submits new oracles
Accept new submitted oracle source for an asset
// AccessManager.sol function acceptPendingOracle(IOracle aggregator, address asset) external onlyRole(DEFAULT_ADMIN_ROLE)
Accepts pending oracles
2. Pauser (PAUSER_ROLE
)
PAUSER_ROLE
)Description: Role with permissions to pause/unpause contracts as a safety measure during emergencies.Controlled Functions:
Pause or Unpause a pausable contract
// AccessManager.sol function setSwitch(IPausable entity, bool state) external onlyRole(PAUSER_ROLE)
Pauses or unpauses protocol functionalities
3. Configurator (CONFIGURATOR_ROLE
)
CONFIGURATOR_ROLE
)Description: Role with permissions to configure aspects of the system such as market parameters and fee settings.Controlled Functions:
Update market config including treasury address and fee configs
// AccessManager.sol function updateMarketConfig(ITermMaxMarket market, MarketConfig calldata newConfig) external onlyRole(CONFIGURATOR_ROLE)
Updates market configuration
Update Gearing Token (GT) config to set collateral capacity
// AccessManager.sol function updateGtConfig(ITermMaxMarket market, bytes memory configData) external onlyRole(CONFIGURATOR_ROLE)
Updates Gearing Token configuration
Update fee rate of an specific order
// AccessManager.sol function updateOrderFeeRate(ITermMaxMarket market, ITermMaxOrder order, FeeConfig memory feeConfig) external onlyRole(CONFIGURATOR_ROLE)
Updates fee rates for orders
4. Vault Admin (VAULT_ROLE
)
VAULT_ROLE
)Description: Role with specific permissions to manage vaults.Controlled Functions:
Submit a new guaridan to a vault for apending apprvoval
// AccessManager.sol function submitVaultGuardian(ITermMaxVault vault, address newGuardian) external onlyRole(VAULT_ROLE)
Revoke the pending guradian of a vault
// AccessManager.sol function revokeVaultPendingGuardian(ITermMaxVault vault) external onlyRole(VAULT_ROLE)
Revoke the pending timelock settings of a vault
// AccessManager.sol function revokeVaultPendingTimelock(ITermMaxVault vault) external onlyRole(VAULT_ROLE)
Revoke the pending market to be whitelisted of a vault
// AccessManager.sol function revokeVaultPendingMarket(ITermMaxVault vault, address market) external onlyRole(VAULT_ROLE)
Set and update curator to a vault
// AccessManager.sol function setCuratorForVault(ITermMaxVault vault, address newCurator) external onlyRole(VAULT_ROLE)
Set and whitelist allocators of a vault
// AccessManager.sol function setIsAllocatorForVault(ITermMaxVault vault, address allocator, bool isAllocator) external onlyRole(VAULT_ROLE)
Vault-Specific Roles
Curator
Description: Role responsible for managing vault market relationships and parameters.Controlled Functions:
Create an order under the vault
// TermMaxVault.sol function createOrder(ITermMaxMarket market, uint256 maxSupply, uint256 initialReserve, CurveCuts memory curveCuts) external onlyCuratorRole marketIsWhitelisted(address(market)) whenNotPaused returns (ITermMaxOrder order)
Update multiple orders including the rates and supplies
// TermMaxVault.sol function updateOrders( ITermMaxOrder[] memory orders, int256[] memory changes, uint256[] memory maxSupplies, CurveCuts[] memory curveCuts ) external onlyCuratorRole whenNotPaused
Redeem Fixed-Rate Tokens (FT) of the order after maturity
function redeemOrder(ITermMaxOrder order) external onlyCuratorRole
Withdraw the performance fee
// TermMaxVault.sol function withdrawPerformanceFee(address recipient, uint256 amount) external nonReentrant whenNotPaused onlyCuratorRole
Submit a new timelock to be accepted after the original timelock
// TermMaxVault.sol function submitTimelock(uint256 newTimelock) external onlyCuratorRole
Set and update the capacity of the vault
// TermMaxVault.sol function setCapacity(uint256 newCapacity) external onlyCuratorRole
Submit the new performance fee rate to be accepted after timelock
// TermMaxVault.sol function submitPerformanceFeeRate(uint184 newPerformanceFeeRate) external onlyCuratorRole
Submit and whitelist a new market to be accepted after timelock
// TermMaxVault.sol function submitMarket(address market, bool isWhitelisted) external onlyCuratorRole
All allocator functions (acts as a super-allocator)
Guardian
Description: A protective role for vaults with permissions to approve or prevent sensitive operations.Controlled Functions:
Revoke the new submitted timelock
// TermMaxVault.sol function revokePendingTimelock() external onlyGuardianRole
Revoke the new submitted guradian
// TermMaxVault.sol function revokePendingGuardian() external onlyGuardianRole
Revoke the new submitted market to be whitelisted
// TermMaxVault.sol function revokePendingMarket(address market) external onlyGuardianRole
Revoke the new submitted performance fee
// TermMaxVault.sol function revokePendingPerformanceFeeRate() external onlyGuardianRole
Allocator
Description: Role responsible for managing funds allocation within vaults.Controlled Functions:
Update the order of supply queue
// TermMaxVault.sol function updateSupplyQueue(uint256[] memory indexes) external onlyAllocatorRole
Update the order of withdraw queue
// TermMaxVault.sol function updateWithdrawQueue(uint256[] memory indexes) external onlyAllocatorRole
Architecture

Last updated