Access Control List Manager is the main registry of system roles and permissions. ACLManager allows a Role Admin to manage roles. Role Admin is itself a role that is managed by the DEFAULT_ADMIN_ROLE.
DEFAULT_ADMIN_ROLE is held by the*ACLAdmin,*which is initialized in PoolAddressesProvider .
On Ethereum chain PoolAddressesProvider , is owned by Aave Governance. In networks other than Ethereum, either theCrosschain Governance BridgesorCommunity Multisigsare used to manage the PoolAddressesProvider .
Below we outline the powers/responsibilities of the roles and the specific methods that are only accessible to the holders of these roles.
FLASH_BORROWER
Flash loan premium is waived for the holders of this role. â›” Does not include flashLoanSimple
flashLoan
BRIDGE
Can leverage the Portal feature
mintUnbacked backUnbacked
ASSET_LISTING_ADMIN
Can update
asset oracle sources
fallback oracle
add new assets to the Aave market
setAssetSources
setFallbackOracle
initReserves
RISK_ADMIN
Can update
grace period of Oracle Sentinels
reserve params
unbacked mint cap
liquidation protocol fee
existing eMode categories and create new. (not category 0)
add/remove asset in silo mode
setGracePeriod
setReserveBorrowing
configureReserveAsCollateral
setReserveStableRateBorrowing
setReserveFreeze
setBorrowableInIsolation
setReserveFactor
setDebtCeiling
setBorrowCap
setSupplyCap
setLiquidationProtocolFee
setEModeCategory
setAssetEModeCategory
setUnbackedMintCap
setReserveInterestRateStrategyAddress
setSiloedBorrowing
ACL_ADMIN
Manage the role admins in the ACLManager
setRoleAdmin
addPoolAdmin
removePoolAdmin
addEmergencyAdmin
removeEmergencyAdmin
addRiskAdmin
removeRiskAdmin
addFlashBorrower
removeFlashBorrower
addBridge
removeBridge
addAssetListingAdmin
removeAssetListingAdmin
EMERGENCY_ADMIN
Can pause/unpause the pool or individual reserve
setPoolPause
POOL_ADMIN
Can
update token implementations
drop reserves
pause/unpause reserves
activate/deactivate reserves
update premiums
do all the things available to RISK_ADMIN & ASSET_LISTING_ADMIN
all methods available to RISK_ADMIN
all methods available to ASSET_LISTING_ADMIN
dropReserve
updateAToken
updateStableDebtToken
updateVariableDebtToken
setReserveActive
updateBridgeProtocolFee
updateFlashloanPremiumTotal
updateFlashloanPremiumToProtocol
Returns true if the address has POOL_ADMIN role.
Returns true if the address has EMERGENCY_ADMIN role.
Returns true if the address has RISK_ADMIN role.
Returns true if the address has FLASH_BORROWER role.
Returns true if the address has BRIDGE role.
Returns true if the address has ASSET_LISTING_ADMIN role.
setRoleAdmin(bytes32 role, bytes32 adminRole)
Setup admin to manage Roles.
This method can only be called by address with DEFAULT_ADMIN_ROLE .
role
bytes32
keccak256 hash of one of the following:
POOL_ADMIN
EMERGENCY_ADMIN
RISK_ADMIN
FLASH_BORROWER
BRIDGE
ASSET_LISTING_ADMIN
adminRole
bytes32
adminRole responsible for role. 0x00 is reserved for DEFAULT_ADMIN_ROLE
Add address to the list of members in POOL_ADMIN role. Holders of this role can update token implementations, drop, (un) pause and (de)activate reserves, update premiums and do everything the ASSET_LISTING_ADMIN and RISK_ADMIN can do.
Can be called only byRole Admin, specified byAave Governance, responsible for managing POOL_ADMIN role.
admin
address
address which will be granted POOL_ADMIN role.
Remove given address from the list of members in POOL_ADMIN role.
Can be called only byRole Admin, specified byAave Governance, responsible for managing POOL_ADMIN role.
admin
address
address for which POOL_ADMIN role permissions must be revoked.
Add address to the list of members in EMERGENCY_ADMIN role. Holders of this role can pause and unpause the pool or an individual reserve.
Can be called only byRole Admin, specified byAave Governance, responsible for managing EMERGENCY_ADMIN role.
admin
address
address which will be granted EMERGENCY_ADMIN role.
Remove given address from the list of members in EMERGENCY_ADMIN role.
Can be called only byRole Admin, specified byAave Governance, responsible for managing EMERGENCY_ADMIN role.
admin
address
address for which EMERGENCY_ADMIN role permissions must be revoked.
Add address to the list of members in RISK_ADMIN role. Holders of this role can update grace period of Oracle Sentinels, reserve params, unbacked mint cap,liquidation fee and eMode categories.
admin
address
address which will be granted RISK_ADMIN role.
Remove given address from the list of members in RISK_ADMIN role.
admin
address
address for which RISK_ADMIN role permissions must be revoked.
Add address to the list of members in FLASH_BORROWER role. Holders of this role do not pay premium for flash loan (Does not apply to flashLonaSimple).
Remove given address from the list of members in FLASH_BORROWER role.
admin
address
address for which FLASH_BORROWER role permissions must be revoked.
Add contract address to the list ofbridges. Holders of this role can leverage the Portal feature to seamlessly move supplied assets across Aave V3 markets on different networks.
Can be called only byRole Admin, specified byAave Governance, responsible for managing BRIDGE role.
bridge
address
address which will be granted BRIDGE role.
Remove contract address from the list of bridges.
Can be called only byRole Admin, specified byAave Governance, responsible for managing BRIDGE role.
bridge
address
address for which BRIDGE role permissions must be revoked.
Add address to the list of member in ASSET_LISTING_ADMIN role. Holder of this role can update oracles & add new asset to the Aave market. ``
admin
address
address which will be granted ASSET_LISTING_ADMIN role.
Remove address from the list of members in ASSET_LISTING_ADMIN role.
admin
address
address for which ASSET_LISTING_ADMIN role permissions must be revoked.