Access control
Volt Protocol has a role based access control, where each role grants a specific permission over a specific part of the protocol. The roles are assigned to three categories: Major
, Admin
and Minor
. They are documented in TribeRoles.
Major
roles are the most powerful across the protocol, Admin
have management capability over critical functionality and Minor
are operational roles.
Major roles
There are 6 major roles:
GOVERNOR
: Ultimate control over the Volt Protocol. Able to create new roles and access all protocol functionality.GUARDIAN
: Emergency safety role that is used to protect the protocol. Able to pause contracts and veto malicious proposals. Currently only the PCV Guardian smart contract has this role.PCV_CONTROLLER
: Allows the movement of PCV of any size from any contract to any address.MINTER
: Can mint Volt. Currently, not granted to any address.PCV_GUARD
: Can move PCV from all yield venues whitelisted in the PCV Guardian to the multisig. This functionality is only for use in maintenance operations or emergency situations.PCV_GUARD_ADMIN
: The PCVGuardAdmin contract gets the PCV_GUARD_ADMIN role, this allows both GOVERNOR and GUARDIAN to be able to call into the contract to revoke PCV_GUARD roles, when necessary.
How they work
Role creation is limited to the GOVERNOR
role. Created roles are stored in the storage of Core.sol
, and each created role is assigned an admin
over that role.
The admin
of a role is then able to grant and revoke that role from individual addresses. The API for creating, granting and revoking roles looks like:
core.createRole(keccak256("DUMMY_ROLE"), keccak256("GOVERN_ROLE"));
core.grantRole(keccak256("DUMMY_ROLE"), dummyAddress);
core.revokeRole(keccak256("DUMMY_ROLE"), dummyAddress);
This pattern is implemented using the AccessControlEnumerable.sol contract pattern from OpenZeppelin.