AccessManager
AccessManager 合约负责管理 TermMax 协议中各个部分的角色与权限设置。该合约基于 OpenZeppelin 的 AccessControlUpgradeable 和 UUPSUpgradeable 模块构建,具备基于角色的访问控制以及智能合约可升级性功能。
角色与职责
1. DEFAULT_ADMIN_ROLE
持有 DEFAULT_ADMIN_ROLE 的账户拥有最高级别的控制权限,可以执行以下操作::
设置 Gearing Token 的实现合约
function setGtImplement(ITermMaxFactory factory, string memory gtImplementName, address gtImplement) external onlyRole(DEFAULT_ADMIN_ROLE)在工厂合约中更新 Gearing Token 的实现合约引用。
创建市场
function createMarket(ITermMaxFactory factory, bytes32 gtKey, MarketInitialParams calldata deployParams, uint256 salt) external onlyRole(DEFAULT_ADMIN_ROLE)部署一个新的 TermMax 市场合约。
创建市场并加入白名单
function createMarketAndWhitelist( ITermMaxRouter router, ITermMaxFactory factory, bytes32 gtKey, MarketInitialParams calldata deployParams, uint256 salt ) external onlyRole(DEFAULT_ADMIN_ROLE)部署一个新市场并自动将其加入路由器的白名单中。
转移所有权
function transferOwnership(IOwnable entity, address to) external onlyRole(DEFAULT_ADMIN_ROLE)将
IOwnable合约的所有权转移至另一个地址。
接受所有权
function acceptOwnership(IOwnable entity) external onlyRole(DEFAULT_ADMIN_ROLE)将
IOwnable合约的所有权转移至另一个地址。
升级子合约(UUPS 升级机制):
function upgradeSubContract(UUPSUpgradeable proxy, address newImplementation, bytes memory data) external onlyRole(DEFAULT_ADMIN_ROLE)升级一个基于 UUPS 的代理合约至新的实现合约,并可选调用新合约中的函数。
设置市场白名单
function setMarketWhitelist(ITermMaxRouter router, address market, bool isWhitelist) external onlyRole(DEFAULT_ADMIN_ROLE)向路由器添加或移除某个市场的白名单资格。
设置适配器白名单
function setAdapterWhitelist(ITermMaxRouter router, address adapter, bool isWhitelist) external onlyRole(DEFAULT_ADMIN_ROLE)管理路由器中适配器的白名单状态。
设置预言机
function setOracle(IOracle aggregator, address asset, IOracle.Oracle memory oracle) external onlyRole(DEFAULT_ADMIN_ROLE)将某一资产与特定的预言机数据源进行关联。
移除预言机
function removeOracle(IOracle aggregator, address asset) external onlyRole(DEFAULT_ADMIN_ROLE)移除某一资产已存在的预言机映射。
备注:DEFAULT_ADMIN_ROLE 同时也是其他角色的管理员角色,具备授予或撤销以下角色的权限:
DEFAULT_ADMIN_ROLE, PAUSER_ROLE, VAULT_ROLE
2. CONFIGURATOR_ROLE
The CONFIGURATOR_ROLE is responsible for adjusting protocol parameters:
Update Market Config
Adjusts key market parameters such as collateral factors, interest rates, etc.
Update Gearing Token Config
Modifies configuration data specific to Gearing Tokens in a particular market.
Set Order Fee Rate
Adjusts fee parameters for specific orders or order types.
3. PAUSER_ROLE
The PAUSER_ROLE allows pausing and unpausing of contracts that implement the IPausable interface:
Set Switch (Pause / Unpause)
If
state == true, callsunpause()on the target; otherwise, callspause().
Pausing functionality is crucial in DeFi for handling emergencies or severe market disruptions.
4. VAULT_ROLE
The VAULT_ROLE handles vault-specific administrative functions via the ITermMaxVault interface:
Submit Vault Guardian
Proposes a new guardian for the vault.
Revoke Vault Pending Guardian
Cancels any pending guardian assignments.
Revoke Vault Pending Timelock
Cancels any pending timelock changes in the vault.
Revoke Vault Pending Market
Prevents a newly proposed market from being finalized for use within the vault.
Set Curator for Vault
Assigns or updates the vault’s curator (user/contract with certain oversight powers).
Set Allocator for Vault
Grants or revokes allocation rights within the vault.
Summary
Each TermMax role comes with specific privileges essential for the secure and efficient functioning of the protocol:
DEFAULT_ADMIN_ROLE→ Master permissions: market creation, proxy upgrades, whitelisting, and system-wide ownership.CONFIGURATOR_ROLE→ Parameter tuning: market and order configurations, Gearing Token updates.PAUSER_ROLE→ Emergency on/off switch for paused contracts.VAULT_ROLE→ Specialized vault governance: guardian, curator, timelocks, and market management within the vault.
By segregating capabilities in this manner, the protocol upholds the principle of least privilege and fosters a more secure, decentralized environment.
Last updated