Lybra V2 Technical Whitepaper
  • Overview
    • The Lybra V2 Smart Contracts
  • Core
    • eUSD
    • peUSD Token
    • LybraConfigurator
    • Pool
      • Overview
      • Base
        • LybraEUSDVaultBase
        • LybraPeUSDVaultBase
      • Derived Contracts
        • LybraStETHDepositVault
        • LybraWstETHVault
        • LybraWBETHVault
        • LybraRETHVault
  • Governance
    • Overview
    • Token
    • Timelock
    • Access
    • Process
      • Propose
      • Vote
      • Queue
      • Execute
      • Cancel
    • Example
    • API
    • Glossary
    • Miner
      • EUSDMiningIncentives
      • esLBRBoost
      • ProtocolRewardsPool
      • StakingRewardsV2
Powered by GitBook
On this page
  1. Governance

Access

PreviousTimelockNextProcess

Last updated 1 year ago

This directory provides ways to restrict who can access the functions of a contract or when they can do it.

Access Control

provides a general role based access control mechanism. Multiple hierarchical roles can be created and assigned each to multiple accounts.

Roles can be granted and revoked dynamically via the and functions. Each role has an associated admin role, and only accounts that have a role’s admin role can call and .

By default, the admin role for all roles is DEFAULT_ADMIN_ROLE, which means that only accounts with this role will be able to grant or revoke other roles. More complex role relationships can be created by using .

The DEFAULT_ADMIN_ROLE is also its own admin: it has permission to grant and revoke this role. Extra precautions should be taken to secure accounts that have been granted it. We recommend using to enforce additional security measures for this role.

OpenZeppelin Contracts provides for implementing role-based access control. Its usage is straightforward: for each role that you want to define, you will create a new role identifier that is used to grant, revoke, and check if an account has that role.

By default, the address that deployed the gets administration privileges over the timelock. This role grants the right to assign proposers, executors, and other administrators.

The first step in configuring the is to assign at least one proposer and one executor. These can be assigned during construction or later by anyone with the administrator role. These roles are not exclusive, meaning an account can have both roles.

Roles are managed using the interface and the bytes32 values for each role are accessible through the ADMIN_ROLE, PROPOSER_ROLE and EXECUTOR_ROLE constants.

There is an additional feature built on top of AccessControl: giving the executor role to address(0) opens access to anyone to execute a proposal once the timelock has expired. This feature, while useful, should be used with caution.

At this point, with both a proposer and an executor assigned, the timelock can perform operations.

An optional next step is for the deployer to renounce its administrative privileges and leave the timelock self-administered. If the deployer decides to do so, all further maintenance, including assigning new proposers/schedulers or changing the timelock duration will have to follow the timelock workflow. This links the governance of the timelock to the governance of contracts attached to the timelock, and enforce a delay on timelock maintenance operations.

grantRole
revokeRole
grantRole
revokeRole
_setRoleAdmin
AccessControlDefaultAdminRules
AccessControl
TimelockController
TimelockController
AccessControl