Tetu EOA Protection

Tetu has a central governance contract - Controller under control of MultiSig Wallet with public signers.

However, for reducing EOA effect we implement different levels of access to our contracts.

Level 1 - Strict access

We have 48h time lock for any actions on this layer.

Protection logic implemented in a special contract - Announcer

Announcer contains scheduling for time-locked operations.

For each function announce call twice forbidden.

Function types under time-lock control:

• Any contract address changes in Controller

• Any ratio changes (currently Profit Sharing and Fund ratios)

• Any token movements from contracts to MultiSig Wallet

• TETU mint operation

• Proxy contract upgrades

• Strategy change for a vault

The only controller has access to this type of function and can call it only after the time-lock period.

Level 2 - Governance actions

On this layer, we will not use time-lock for the reason of not critical functionality or urgent actions.

Controller or Governance can call it immediately:

Bookkeeper

• Remove vaults or strategies from the registered lists

Controller

• Add/remove Reward Distributor addresses

• Add/remove HardWorker addresses

• Add/remove from Whitelist

• Register Vault/Strategy

FeeRewardForwarder

• Set conversation path for rewards

Strategy

• Emergency exit from external project and pause investing

• Continue investing

• Move money from strategy to vault

• Invest money from strategy to external project

MintHelper

Only MintHelper has access to our TETU token contract and this address is unchangeable.

• Setup Dev Funds addresses and ratios for next mints

SmartVault

• Change activity status

  Deactivated vault can't do HardWork and accept Deposits. Withdraw allowed.

• Call DoHardWork

• Add/Remove reward tokens

• Rebalance vault (withdraw all from strategy to vault and invest again)

• Withdraw all from strategy to Vault

LiquidityBalancer

• Move tokens from LiquidityBalancer to Controller contract

• Set target Price/TVL

• Set Router

• Set Targets' Update ratios

NotifyHelper

• Disperse weekly emission

• Move tokens from NotifyHelper to Controller

PayrollClerk

• Add worker or change the worker wallet address

• Change any worker settings except worked hours

• Pay salary

• Set Price Calculator address

• Move tokens from PayrollClerk to Controller

PriceCalculator

• Change any settings

Level 3 - HardWorkers and Reward distributors actions

Any actions allowed for HardWorker/Distributor also allowed for Controller and Governance

Allowed:

• DoHardWork for HardWorker

• Call LiquidityBalancer for HardWorker

• Disperse rewards for vaults for Reward Distributor