# Tetu EOA Protection

Tetu has a central governance contract - Controller under control of MultiSig Wallet with public signers.

However, for reducing EOA effect we implement different levels of access to our contracts.

### Level 1 - Strict access  <a href="#level-1---strict-access" id="level-1---strict-access"></a>

We have 48h time lock for any actions on this layer.

Protection logic implemented in a special contract - **Announcer**

Announcer contains scheduling for time-locked operations.

For each function announce call twice forbidden.

Function types under time-lock control:

* Any contract address changes in Controller
* Any ratio changes (currently Profit Sharing and Fund ratios)
* Any token movements from contracts to MultiSig Wallet
* TETU mint operation
* Proxy contract upgrades
* Strategy change for a vault

The only controller has access to this type of function and can call it only after the time-lock period.

### Level 2 - Governance actions  <a href="#level-2---governance-actions" id="level-2---governance-actions"></a>

On this layer, we will not use time-lock for the reason of not critical functionality or urgent actions.

Controller or Governance can call it immediately:

#### Bookkeeper  <a href="#bookkeeper" id="bookkeeper"></a>

* Remove vaults or strategies from the registered lists

#### Controller  <a href="#controller" id="controller"></a>

* Add/remove Reward Distributor addresses
* Add/remove HardWorker addresses
* Add/remove from Whitelist
* Register Vault/Strategy

#### FeeRewardForwarder  <a href="#feerewardforwarder" id="feerewardforwarder"></a>

* Set conversation path for rewards

#### Strategy  <a href="#strategy" id="strategy"></a>

* Emergency exit from external project and pause investing
* Continue investing
* Move money from strategy to vault
* Invest money from strategy to external project

#### MintHelper  <a href="#minthelper" id="minthelper"></a>

Only MintHelper has access to our TETU token contract and this address is unchangeable.

* Setup Dev Funds addresses and ratios for next mints

#### SmartVault  <a href="#smartvault" id="smartvault"></a>

* Change activity status

  Deactivated vault can't do HardWork and accept Deposits. Withdraw allowed.
* Call DoHardWork
* Add/Remove reward tokens
* Rebalance vault (withdraw all from strategy to vault and invest again)
* Withdraw all from strategy to Vault

#### LiquidityBalancer  <a href="#liquiditybalancer" id="liquiditybalancer"></a>

* Move tokens from LiquidityBalancer to Controller contract
* Set target Price/TVL
* Set Router
* Set Targets' Update ratios

#### NotifyHelper  <a href="#notifyhelper" id="notifyhelper"></a>

* Disperse weekly emission
* Move tokens from NotifyHelper to Controller

#### PayrollClerk  <a href="#payrollclerk" id="payrollclerk"></a>

* Add worker or change the worker wallet address
* Change any worker settings except worked hours
* Pay salary
* Set Price Calculator address
* Move tokens from PayrollClerk to Controller

#### PriceCalculator  <a href="#pricecalculator" id="pricecalculator"></a>

* Change any settings

### Level 3 - HardWorkers and Reward distributors actions  <a href="#level-3---hardworkers-and-reward-distributors-actions" id="level-3---hardworkers-and-reward-distributors-actions"></a>

Any actions allowed for HardWorker/Distributor also allowed for Controller and Governance

Allowed:

* DoHardWork for HardWorker
* Call LiquidityBalancer for HardWorker
* Disperse rewards for vaults for Reward Distributor


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tetu.io/tetu-io/technical/security-overview/tetu-eoa-protection.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.