Themis V2 developer docs
Home
Launch App

ACLManager

ACLManager

Access Control List Manager is the main registry of system roles and permissions. ACLManager allows a Role Admin to manage roles. Role Admin is itself a role that is managed by the DEFAULT_ADMIN_ROLE.

DEFAULT_ADMIN_ROLE is held by the*ACLAdmin,*which is initialized in PoolAddressesProvider .

On Ethereum chain PoolAddressesProvider , is owned by Aave Governance. In networks other than Ethereum, either theCrosschain Governance BridgesorCommunity Multisigsare used to manage the PoolAddressesProvider .

Roles

Below we outline the powers/responsibilities of the roles and the specific methods that are only accessible to the holders of these roles.

RoleResponsibilities / PowersMethods Accessible

FLASH_BORROWER

Flash loan premium is waived for the holders of this role. ⛔ Does not include flashLoanSimple

flashLoan

BRIDGE

Can leverage the Portal feature

mintUnbacked backUnbacked

ASSET_LISTING_ADMIN

Can update

  • asset oracle sources

  • fallback oracle

  • add new assets to the Aave market

  • setAssetSources

  • setFallbackOracle

  • initReserves

RISK_ADMIN

Can update

  • grace period of Oracle Sentinels

  • reserve params

  • unbacked mint cap

  • liquidation protocol fee

  • existing eMode categories and create new. (not category 0)

  • add/remove asset in silo mode

  • setGracePeriod

  • setReserveBorrowing

  • configureReserveAsCollateral

  • setReserveStableRateBorrowing

  • setReserveFreeze

  • setBorrowableInIsolation

  • setReserveFactor

  • setDebtCeiling

  • setBorrowCap

  • setSupplyCap

  • setLiquidationProtocolFee

  • setEModeCategory

  • setAssetEModeCategory

  • setUnbackedMintCap

  • setReserveInterestRateStrategyAddress

  • setSiloedBorrowing

ACL_ADMIN

Manage the role admins in the ACLManager

  • setRoleAdmin

  • addPoolAdmin

  • removePoolAdmin

  • addEmergencyAdmin

  • removeEmergencyAdmin

  • addRiskAdmin

  • removeRiskAdmin

  • addFlashBorrower

  • removeFlashBorrower

  • addBridge

  • removeBridge

  • addAssetListingAdmin

  • removeAssetListingAdmin

EMERGENCY_ADMIN

Can pause/unpause the pool or individual reserve

setPoolPause

POOL_ADMIN

Can

  • update token implementations

  • drop reserves

  • pause/unpause reserves

  • activate/deactivate reserves

  • update premiums

  • do all the things available to RISK_ADMIN & ASSET_LISTING_ADMIN

  • all methods available to RISK_ADMIN

  • all methods available to ASSET_LISTING_ADMIN

  • dropReserve

  • updateAToken

  • updateStableDebtToken

  • updateVariableDebtToken

  • setReserveActive

  • updateBridgeProtocolFee

  • updateFlashloanPremiumTotal

  • updateFlashloanPremiumToProtocol

View Methods

isPoolAdmin

function isPoolAdmin(address admin)o

Returns true if the address has POOL_ADMIN role.

isEmergencyAdmin

function isEmergencyAdmin(address admin)

Returns true if the address has EMERGENCY_ADMIN role.

isRiskAdmin

function isRiskAdmin(address admin)

Returns true if the address has RISK_ADMIN role.

isFlashBorrower

function isFlashBorrower(address borrower)

Returns true if the address has FLASH_BORROWER role.

isBridge

function isBridge(address bridge)

Returns true if the address has BRIDGE role.

isAssetListingAdmin

function isAssetListingAdmin(address admin)

Returns true if the address has ASSET_LISTING_ADMIN role.

Write Methods

setRoleAdmin

setRoleAdmin(bytes32 role, bytes32 adminRole)

setRoleAdmin(bytes32 role, bytes32 adminRole)

Setup admin to manage Roles.

This method can only be called by address with DEFAULT_ADMIN_ROLE .

Call Params

NameTypeDescription

role

bytes32

keccak256 hash of one of the following:

  • POOL_ADMIN

  • EMERGENCY_ADMIN

  • RISK_ADMIN

  • FLASH_BORROWER

  • BRIDGE

  • ASSET_LISTING_ADMIN

adminRole

bytes32

adminRole responsible for role. 0x00 is reserved for DEFAULT_ADMIN_ROLE

addPoolAdmin

addPoolAdmin(address admin)

Add address to the list of members in POOL_ADMIN role. Holders of this role can update token implementations, drop, (un) pause and (de)activate reserves, update premiums and do everything the ASSET_LISTING_ADMIN and RISK_ADMIN can do.

Can be called only byRole Admin, specified byAave Governance, responsible for managing POOL_ADMIN role.

Call Params

NameTypeDescription

admin

address

address which will be granted POOL_ADMIN role.

removePoolAdmin

removePoolAdmin(address admin)

Remove given address from the list of members in POOL_ADMIN role.

Can be called only byRole Admin, specified byAave Governance, responsible for managing POOL_ADMIN role.

Call Params

NameTypeDescription

admin

address

address for which POOL_ADMIN role permissions must be revoked.

addEmergencyAdmin

addEmergencyAdmin(address admin)

Add address to the list of members in EMERGENCY_ADMIN role. Holders of this role can pause and unpause the pool or an individual reserve.

Can be called only byRole Admin, specified byAave Governance, responsible for managing EMERGENCY_ADMIN role.

NameTypeDescription

admin

address

address which will be granted EMERGENCY_ADMIN role.

removeEmergencyAdmin

function removeEmergencyAdmin(address admin)

Remove given address from the list of members in EMERGENCY_ADMIN role.

Can be called only byRole Admin, specified byAave Governance, responsible for managing EMERGENCY_ADMIN role.

NameTypeDescription

admin

address

address for which EMERGENCY_ADMIN role permissions must be revoked.

addRiskAdmin

function addRiskAdmin(address admin)

Add address to the list of members in RISK_ADMIN role. Holders of this role can update grace period of Oracle Sentinels, reserve params, unbacked mint cap,liquidation fee and eMode categories.

NameTypeDescription

admin

address

address which will be granted RISK_ADMIN role.

removeRiskAdmin

Remove given address from the list of members in RISK_ADMIN role.

NameTypeDescription

admin

address

address for which RISK_ADMIN role permissions must be revoked.

addFlashBorrower

function addFlashBorrower(address borrower)

Add address to the list of members in FLASH_BORROWER role. Holders of this role do not pay premium for flash loan (Does not apply to flashLonaSimple).

removeFlashBorrower

function removeFlashBorrower(address borrower)

Remove given address from the list of members in FLASH_BORROWER role.

NameTypeDescription

admin

address

address for which FLASH_BORROWER role permissions must be revoked.

addBridge

addBridge(address bridge)

Add contract address to the list ofbridges. Holders of this role can leverage the Portal feature to seamlessly move supplied assets across Aave V3 markets on different networks.

Can be called only byRole Admin, specified byAave Governance, responsible for managing BRIDGE role.

NameTypeDescription

bridge

address

address which will be granted BRIDGE role.

removeBridge

removeBridge(address bridge)

Remove contract address from the list of bridges.

Can be called only byRole Admin, specified byAave Governance, responsible for managing BRIDGE role.

NameTypeDescription

bridge

address

address for which BRIDGE role permissions must be revoked.

addAssetListingAdmin

function addAssetListingAdmin(address admin)

Add address to the list of member in ASSET_LISTING_ADMIN role. Holder of this role can update oracles & add new asset to the Aave market. ``

NameTypeDescription

admin

address

address which will be granted ASSET_LISTING_ADMIN role.

removeAssetListingAdmin

function removeAssetListingAdmin(address admin)

Remove address from the list of members in ASSET_LISTING_ADMIN role.

NameTypeDescription

admin

address

address for which ASSET_LISTING_ADMIN role permissions must be revoked.

PreviousContracts OverviewNextM0ProtocolDataProvider

Last updated