Security Setups

The PXL contracts' roles and permissions are highly configurable. Below describes the default setup for typical vault deployments. If there are unique requests around the security setup such as creating new roles with a different set of privileges, it can also be done via a custom deployment.

Concepts

Ownership

The owner of the vault has the following privileges.

  • Grant, or revoke roles from specified addresses.

  • Add or remove supported assets on the vault.

  • Perform upgrades on the vault's modules.

Roles

Roles
Privileges

OWNER

The owner can perform all privileged actions by default.

STRATEGIST

Able to perform an automated action on behalf of the vault.

EXCHANGE RATE

Able to update the on-chain NAV of the vault.

PAUSER

Able to pause deposits and withdraws on the vault in an incident response scenario.

Setup

The PXL Vault architecture allows for flexible roles permissions. However, it is critical to a safe operation that the roles are defined and delegated rigorously from the very beginning. The most important step is deciding the ownership model.

Method 1: PXL Multisig Ownership

  1. The ownership can be delegated fully to the PXL team's custodial multi-signature operations.

Method 2: Client Joint Multisig

  1. The ownership can be delegated to a joint multi-sig involving trusted parties' cold wallet with representation from multiple teams.

Method 3: Hybrid Model

  • The ownership of the vault can be held by a joint multi-sig or a client multisig.

  • The privileges required for the weekly operations can be delegated to a PXL multisig until the ownership is ready to be transferred back.

At any point, the ownership models can be changed, as long as it is initiated by the owner.

PreviousBridgeNextPhilosophy

Last updated