MORE
  • Introduction
  • MORE Vaults
    • Vaults Framework
      • Diamond Standard (EIP-2535)
      • Component Interactions
      • Upgrade & Governance Flow
    • Core Protocol Components
      • Factory
      • Core Facets
      • Registries
      • Internal Libraries
      • Accounting
    • Connectors
      • AMMs & DEXes
      • Staking
      • Lending
      • Leverage
      • Oracles
      • External Interfaces
      • Multicall
    • Security & Governance
      • Roles & Access Control
      • Upgrade Flow & Timelock
      • Configuration Guard Rails
      • Registries as Boundaries
      • Error & Event Catalogue
    • Developer Workflows
      • Deploying a New Vault
      • Extend with New Facets
      • Indexer Integration
    • Reference & Glossary
      • Event Index
      • Capabilities
      • Terms & Abbreviations
      • Contracts
  • MORE Markets
    • Markets Framework
      • Liquidity Protocol
      • Supply
      • Borrow
      • Repay
      • Withdraw
      • Liquidations
      • Flash Loans
      • Risks
    • Markets
      • Liquidity Pool
      • Reserve
      • Incentives
      • Oracles
    • Contracts
    • Build
  • Resources
    • Code, Licenses & Audits
    • Brand Assets
    • Incentives
  • Privacy Policy
  • Terms of Use
Powered by GitBook
On this page
  1. MORE Vaults
  2. Security & Governance

Roles & Access Control

MORE Vaults distinguish permissions for allocating assets from last-resort authority through three distinct roles: Owner, Manager and Guardian. Any role can be held by an individual, multisig or DAO.

Role
Scope
On-chain enforcement

Owner

Top-level authority for irreversible actions such as setting a new Guardian or Manager or rotating the DiamondCutFacet.

onlyOwner modifier from AccessControlFacet validates the caller against a single storage slot shared by all facets.

Manager

Day-to-day strategy operations: submit/exe­cute multicalls, adjust TVL caps, set slippage limits.

onlyManager check lives in AccessControlLib; the role can be delegated without touching ownership.

Guardian

Emergency veto of pending multicalls; can pause strategies or remove assets from the whitelist in critical events.

onlyGuardian guard plus a one-shot vetoActions path in MulticallFacet.

All roles are stored once in a fixed storage position; every facet reads the same struct, so permission drift is impossible across upgrades.

PreviousSecurity & GovernanceNextUpgrade Flow & Timelock

Last updated 1 month ago