Ensuro Docs
  • Introduction
    • General Questions
    • Risk Management
  • Liquidity Providers
    • FAQ - Liquidity Providers
    • Onboarding process
  • Risk Partners
    • FAQ - Risk Partners
    • Onboarding process
    • Flow
  • Deployments
  • Audits
  • Smart Contracts
    • Architecture
    • Roles and permissions
    • Governance
    • Policy Lifecycle
    • Policies
    • Liquidity pools
    • Premiums Accounts
    • Reserves
    • Asset Management
    • Contracts
      • PolicyPool
      • EToken
      • RiskModule
        • TrustfulRiskModule
        • SignedQuoteRiskModule
        • SignedBucketRiskModule
        • FlightDelayRiskModule
        • PriceRiskModule
      • PremiumsAccount
      • AccessManager
      • IAssetManager
        • LiquidityThresholdAssetManager
        • ERC4626AssetManager
        • AAVEv3AssetManager
      • ILPWhitelist
        • LPManualWhitelist
      • Extensions
        • ERC4626CashFlowLender
        • ETokensBundleVault
        • MultiStrategyERC4626
  • Offchain APIs
    • Introduction
    • Callback notifications
    • API Reference
      • Pricing API
      • Offchain API
  • Frontend
    • Security and Monitoring
  • Legal & Compliance
    • Trust & Security in Ensuro's Ecosystem
  • Ensuro Risk Disclosures
  • Fees & Charges
  • Specific Responsibilities and Expectations of Retail Investors
  • Confirmation of Acceptance of Participation Agreement and Token Holder Terms & Conditions
  • Ensuro Terms of Service
  • Restricted Jurisdictions
  • Participation Agreement for Token Holders
  • Ensuro Anti-Money Laundering & Anti-Terrorism Financing Policy Statement
  • Privacy Policy
  • Ensuro Data Protection Policy
  • Cybersecurity Guide for Ensuro Protocol Investors
  • Tax Guide for Ensuro Protocol Investors
Powered by GitBook
On this page
  • Common Roles
  • Component roles
  • Common Operations
  • Upgrade
  • Pause / Unpause
  1. Smart Contracts

Roles and permissions

PreviousArchitectureNextGovernance

Last updated 1 year ago

The protocol uses mechanism. The roles and delegations are managed by the smart contract.

In some operations, both global roles and component roles are accepted. are special roles that are restricted to a specific component (eToken, RiskModule, or PremiumsAccount).

Common Roles

These roles are defined at the protocol level and are used across its components. They form the core of the access control structure.

Role
Description
Methods accessible

LEVEL1_ROLE

High impact changes like upgrades or other critical operations.

LEVEL2_ROLE

Mid-impact changes like changing some parameters.

-

LEVEL3_ROLE

Low-impact changes like changing some parameters up to given percentage (tweaks).

-

GUARDIAN_ROLE

For emergency operations oriented to protect the protocol in case of attacks or hacking.

DEFAULT_ADMIN_ROLE

  • grantRole: Grants a role to an account.

  • revokeRole: Revokes a role to an account.

  • grantComponentRole: Assigns the specified role to the specified account within the component identified by the address component.

  • setComponentRoleAdmin: Sets the component-role admin for a specific component or for any component within the contract.

Component roles

Besides the general use roles described above, each contract can have its own defined roles for specific operations. For components of the protocol these roles are called and a detailed description of each can be found in each contract's documentation:

Common Operations

Upgrade

Only users with the roles LEVEL1_ROLE or GUARDIAN_ROLE can execute upgrades. For global contracts such as PolicyPool and AccessManager, the role granted has to be global. For other components it can be a component role.

Pause / Unpause

Also, most of the contracts support pause() and unpause() operations. The behavior changes from one contract to the other, but in general, most of the critical operations are rejected when the contract is paused. Check the source code for more details.

Only users with the role GUARDIAN_ROLE can pause contracts. To resume (unpause) a contract, the transaction needs to be executed by a user with either GUARDIAN_ROLE or LEVEL1_ROLE.

: Pauses the smart contract.

: Upgrade to the smart contract implementation.

: Pauses the smart contract.

: Unpause the smart contract.

: Upgrade the smart contract implementation.

By default, it is the admin role for all roles, which means that only accounts with this role will be able to grant or revoke other roles. See for additional details.

Ensuro contracts are upgradeable, following the pattern and implemented based on .

UUPS
OpenZeppelin implementation
OpenZeppelin's documentation
unpause
upgrade
pause
unpause
upgrade
OpenZeppelin's AccessControl
AccesManager
SignedQuoteRiskModule
Component roles
Component Roles
AccessManager
EToken
PriceRiskModule
SignedBucketRiskModule
LPManualWhiteList
PremiumsAccount
TrustFullRiskModule
RiskModule