TwitterDiscordGitHubMedium

Tetu EOA Protection

Tetu has a central governance contract - Controller under control of MultiSig Wallet with public signers.

However, for reducing EOA effect we implement different levels of access to our contracts.

Level 1 - Strict access

We have 48h time lock for any actions on this layer.

Protection logic implemented in a special contract - Announcer

Announcer contains scheduling for time-locked operations.

For each function announce call twice forbidden.

Function types under time-lock control:

  • Any contract address changes in Controller

  • Any ratio changes (currently Profit Sharing and Fund ratios)

  • Any token movements from contracts to MultiSig Wallet

  • TETU mint operation

  • Proxy contract upgrades

  • Strategy change for a vault

The only controller has access to this type of function and can call it only after the time-lock period.

Level 2 - Governance actions

On this layer, we will not use time-lock for the reason of not critical functionality or urgent actions.

Controller or Governance can call it immediately:

Bookkeeper

  • Remove vaults or strategies from the registered lists

Controller

  • Add/remove Reward Distributor addresses

  • Add/remove HardWorker addresses

  • Add/remove from Whitelist

  • Register Vault/Strategy

FeeRewardForwarder

  • Set conversation path for rewards

Strategy

  • Emergency exit from external project and pause investing

  • Continue investing

  • Move money from strategy to vault

  • Invest money from strategy to external project

MintHelper

Only MintHelper has access to our TETU token contract and this address is unchangeable.

  • Setup Dev Funds addresses and ratios for next mints

SmartVault

  • Change activity status

    Deactivated vault can't do HardWork and accept Deposits. Withdraw allowed.

  • Call DoHardWork

  • Add/Remove reward tokens

  • Rebalance vault (withdraw all from strategy to vault and invest again)

  • Withdraw all from strategy to Vault

LiquidityBalancer

  • Move tokens from LiquidityBalancer to Controller contract

  • Set target Price/TVL

  • Set Router

  • Set Targets' Update ratios

NotifyHelper

  • Disperse weekly emission

  • Move tokens from NotifyHelper to Controller

PayrollClerk

  • Add worker or change the worker wallet address

  • Change any worker settings except worked hours

  • Pay salary

  • Set Price Calculator address

  • Move tokens from PayrollClerk to Controller

PriceCalculator

  • Change any settings

Level 3 - HardWorkers and Reward distributors actions

Any actions allowed for HardWorker/Distributor also allowed for Controller and Governance

Allowed:

  • DoHardWork for HardWorker

  • Call LiquidityBalancer for HardWorker

  • Disperse rewards for vaults for Reward Distributor

PreviousSecurity OverviewNextMulti Sig

Last updated