Vault Roles

Before deploying a vault, you’ll need to establish the following roles (each tied to an address):

• Vault Manager

  • Primary owner of the vault

  • Controls vault settings, role assignments, and upgrades (if enabled)

  • Recommendation: Use a multisig wallet

• Rebalance Manager

  • Allocates funds across strategies

  • Optimizes distribution for performance

  • Recommendation: Implement as an automated bot

• Fee Receiver

  • Collects strategy performance fees

  • Recommendation: Use a secure, dedicated wallet

• Emergency Manager

  • Handles emergency fund recovery

  • Can pause/unwind risky strategies

  • Recommendation: Automate for faster response

Roles

Roles are unique identifiers that assign specific responsibilities within the vault and are the only entities with privileges to perform critical actions. Each role is associated with an Address that represents the entity responsible for that function.

• Manager:

  • Responsible for managing the vault's strategies and operations.

  • Can change the Emergency Manager and Fee Receiver.

  • Can execute all the methods of the other roles.

  • Can upgrade the vault WASM code if the upgrade option was enabled on deploy.

• Emergency Manager:

  • Responsible for making critical decisions in emergency situations.

  • Can rescue funds in case of an emergency.

  • Can pause or unpause strategies.

• Rebalance Manager:

  • Responsible for making adjustments to asset allocation within the vault.

  • Can rebalance between strategies to optimize performance and minimize risk.

• Fee Receiver:

  • Receives fees generated by the vault.

  • Can distribute fees from the vault.

[!NOTE] In order to reduce risks and ensure the security of the vault, it is recommended to set a multisig address as the Manager role. This way, multiple parties must approve critical actions, enhancing security and accountability.

If you need more information about the roles, you can check the Roles section at the "getting started" page.