Roles & Access Control

MORE Vaults distinguish permissions for allocating assets from last-resort authority through three distinct roles: Owner, Manager and Guardian. Any role can be held by an individual, multisig or DAO.

Role

Scope

On-chain enforcement

Owner

Top-level authority for irreversible actions such as setting a new Guardian or Manager or rotating the DiamondCutFacet.

onlyOwner modifier from AccessControlFacet validates the caller against a single storage slot shared by all facets.

Manager

Day-to-day strategy operations: submit/execute multicalls, adjust TVL caps, set slippage limits.

onlyManager check lives in AccessControlLib; the role can be delegated without touching ownership.

Guardian

Emergency veto of pending multicalls; can pause strategies or remove assets from the whitelist in critical events.

onlyGuardian guard plus a one-shot vetoActions path in MulticallFacet.

All roles are stored once in a fixed storage position; every facet reads the same struct, so permission drift is impossible across upgrades.

PreviousSecurity & Governance NextUpgrade Flow & Timelock

Last updated 1 month ago