TermMax Roles

This document outlines the various roles defined in the TermMax protocol, their responsibilities, and the specific functions each role controls.

Core Roles for Access Control

1. Default Admin (DEFAULT_ADMIN_ROLE)

Description: The highest administrative role with privileges to manage other roles and system-critical operations.Controlled Functions:

Gearing Token (GT)

  • Set Gearing Token Implementation

    // AccessManager.sol
function setGtImplement(ITermMaxFactory factory, string memory gtImplementName, address gtImplement)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)

    • Updates the Gearing Token implementation reference in the factory.

Market

  • Create and deploy new markets

    // AccessManager.sol
function createMarket(
        ITermMaxFactory factory,
        bytes32 gtKey,
        MarketInitialParams calldata deployParams,
        uint256 salt
    ) external onlyRole(DEFAULT_ADMIN_ROLE) returns (address market)

    • Deploys new markets

Ownership

  • Transfer ownership of an contract

    // AccessManager.sol
function transferOwnership(IOwnable entity, address to) external onlyRole(DEFAULT_ADMIN_ROLE)

    • Transfers ownership of ownable contracts

  • Accept ownership of an contract

    // AccessManager.sol
function acceptOwnership(IOwnable entity) external onlyRole(DEFAULT_ADMIN_ROLE)

    • Accepts ownership of contracts

Upgradability

  • Upgrade contracts

    // AccessManager.sol
function upgradeSubContract(UUPSUpgradeable proxy, address newImplementation, bytes memory data)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)

    • Upgrades proxies using UUPS pattern

Contract Integration

  • Whitelist external adapters for contract integrations

    // AccessManager.sol
function setAdapterWhitelist(ITermMaxRouter router, address adapter, bool isWhitelist)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)

    • Controls which swap adapters are allowed

Oracles

  • Update oracle source for an asset

    // AccessManager.sol
function submitPendingOracle(IOracle aggregator, address asset, IOracle.Oracle memory oracle)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)

    • Submits new oracles

  • Accept new submitted oracle source for an asset

    // AccessManager.sol
function acceptPendingOracle(IOracle aggregator, address asset) external onlyRole(DEFAULT_ADMIN_ROLE)

    • Accepts pending oracles

2. Pauser (PAUSER_ROLE)

Description: Role with permissions to pause/unpause contracts as a safety measure during emergencies.Controlled Functions:

  • Pause or Unpause a pausable contract

    // AccessManager.sol
function setSwitch(IPausable entity, bool state) external onlyRole(PAUSER_ROLE)

    • Pauses or unpauses protocol functionalities

3. Configurator (CONFIGURATOR_ROLE)

Description: Role with permissions to configure aspects of the system such as market parameters and fee settings.Controlled Functions:

  • Update market config including treasury address and fee configs

    // AccessManager.sol
function updateMarketConfig(ITermMaxMarket market, MarketConfig calldata newConfig)
        external
        onlyRole(CONFIGURATOR_ROLE)

    • Updates market configuration

  • Update Gearing Token (GT) config to set collateral capacity

    // AccessManager.sol
function updateGtConfig(ITermMaxMarket market, bytes memory configData) external onlyRole(CONFIGURATOR_ROLE)

    • Updates Gearing Token configuration

  • Update fee rate of an specific order

    // AccessManager.sol
function updateOrderFeeRate(ITermMaxMarket market, ITermMaxOrder order, FeeConfig memory feeConfig)
        external
        onlyRole(CONFIGURATOR_ROLE)

    • Updates fee rates for orders

4. Vault Admin (VAULT_ROLE)

Description: Role with specific permissions to manage vaults.Controlled Functions:

  • Submit a new guaridan to a vault for apending apprvoval 

    // AccessManager.sol
function submitVaultGuardian(ITermMaxVault vault, address newGuardian) external onlyRole(VAULT_ROLE)

  • Revoke the pending guradian of a vault

    // AccessManager.sol
function revokeVaultPendingGuardian(ITermMaxVault vault) external onlyRole(VAULT_ROLE)

  • Revoke the pending timelock settings of a vault

    // AccessManager.sol
function revokeVaultPendingTimelock(ITermMaxVault vault) external onlyRole(VAULT_ROLE)

  • Revoke the pending market to be whitelisted of a vault

    // AccessManager.sol
function revokeVaultPendingMarket(ITermMaxVault vault, address market) external onlyRole(VAULT_ROLE)

  • Set and update curator to a vault

    // AccessManager.sol
function setCuratorForVault(ITermMaxVault vault, address newCurator) external onlyRole(VAULT_ROLE)

  • Set and whitelist allocators of a vault

    // AccessManager.sol
function setIsAllocatorForVault(ITermMaxVault vault, address allocator, bool isAllocator)
        external
        onlyRole(VAULT_ROLE)

Vault-Specific Roles

Curator

Description: Role responsible for managing vault market relationships and parameters.Controlled Functions:

  • Create an order under the vault

    // TermMaxVault.sol
function createOrder(ITermMaxMarket market, uint256 maxSupply, uint256 initialReserve, CurveCuts memory curveCuts)
        external
        onlyCuratorRole
        marketIsWhitelisted(address(market))
        whenNotPaused
        returns (ITermMaxOrder order)

  • Update multiple orders including the rates and supplies

    // TermMaxVault.sol
function updateOrders(
        ITermMaxOrder[] memory orders,
        int256[] memory changes,
        uint256[] memory maxSupplies,
        CurveCuts[] memory curveCuts
    ) external onlyCuratorRole whenNotPaused

  • Redeem Fixed-Rate Tokens (FT) of the order after maturity

    function redeemOrder(ITermMaxOrder order) external onlyCuratorRole

  • Withdraw the performance fee

    // TermMaxVault.sol
function withdrawPerformanceFee(address recipient, uint256 amount)
        external
        nonReentrant
        whenNotPaused
        onlyCuratorRole

  • Submit a new timelock to be accepted after the original timelock

    // TermMaxVault.sol
function submitTimelock(uint256 newTimelock) external onlyCuratorRole

  • Set and update the capacity of the vault

    // TermMaxVault.sol
function setCapacity(uint256 newCapacity) external onlyCuratorRole

  • Submit the new performance fee rate to be accepted after timelock

    // TermMaxVault.sol
function submitPerformanceFeeRate(uint184 newPerformanceFeeRate) external onlyCuratorRole

  • Submit and whitelist a new market to be accepted after timelock

    // TermMaxVault.sol
function submitMarket(address market, bool isWhitelisted) external onlyCuratorRole

  • All allocator functions (acts as a super-allocator)

Guardian

Description: A protective role for vaults with permissions to approve or prevent sensitive operations.Controlled Functions:

  • Revoke the new submitted timelock

    // TermMaxVault.sol
function revokePendingTimelock() external onlyGuardianRole

  • Revoke the new submitted guradian

    // TermMaxVault.sol
function revokePendingGuardian() external onlyGuardianRole

  • Revoke the new submitted market to be whitelisted

    // TermMaxVault.sol
function revokePendingMarket(address market) external onlyGuardianRole

  • Revoke the new submitted performance fee

    // TermMaxVault.sol
function revokePendingPerformanceFeeRate() external onlyGuardianRole

Allocator

Description: Role responsible for managing funds allocation within vaults.Controlled Functions:

  • Update the order of supply queue

    // TermMaxVault.sol
function updateSupplyQueue(uint256[] memory indexes) external onlyAllocatorRole

  • Update the order of withdraw queue

    // TermMaxVault.sol
function updateWithdrawQueue(uint256[] memory indexes) external onlyAllocatorRole

Architecture

PreviousContractNextContract Upgrade

Last updated