ACLManager
The Access Control List Manager (ACLManager) is the main registry of system roles and permissions.
The Aave Protocol implements an access control list to segregate powers and/or benefits that can be allocated to different entities on the protocol. The ACL_MANAGER contract is managed by the PoolAddressesProvider contract.
ACLManager keeps track of the individual roles and its holders, and allows a Role Admin to manage roles. Role Admin is itself a role that is managed by the DEFAULT_ADMIN_ROLE.
The DEFAULT_ADMIN_ROLE is held by the ACL_ADMIN, and should be initialized in the PoolAddressesProvider beforehand.
The source code is available on GitHub.
Roles
Below we outline the responsibilities/powers of the roles and the specific methods that are only accessible to the holders of these roles.
The FLASH_BORROWER and BRIDGE roles have few direct responsibilities and can primarily access specific features of the protocol, while ADMIN roles have the power and responsibility to handle risk or configuration parameters.
FLASH_BORROWER
Holders of this role will have the premium on flash loans waived (this does not include the simple flash loan).
Methods Accessible:
Pool:
BRIDGE
Holders can leverage the Portals feature.
Methods Accessible:
Pool:
ASSET_LISTING_ADMIN
Holders of this role can:
Update asset oracle sources and the fallback oracle.
Add new assets to the Aave market.
Methods Accessible:
RISK_ADMIN
Holders of this role can:
Update the grace period of Oracle Sentinels.
Update reserve parameters such as reserve factor, caps, E-Mode category, borrowing enabled, freeze/unfreeze, LTV, liquidation threshold, liquidation bonus (cannot pause/unpause or activate/deactivate a reserve).
Create new and update existing E-Mode categories (not category 0).
Update unbacked mint cap and liquidation protocol fee.
Methods Accessible:
setGracePeriod()
ACL_ADMIN
Holders of this role manage the role admins in the ACLManager. The DEFAULT_ADMIN_ROLE is held by the ACL_ADMIN, and should be initialized in the PoolAddressesProvider beforehand.
Methods Accessible:
EMERGENCY_ADMIN
Holders of this role can pause and unpause the pool or an individual reserve.
Methods Accessible:
POOL_ADMIN
Holders of this role can update token implementations, drop, (un)pause and (de)activate reserves, update premiums along with everything the ASSET_LISTING_ADMIN and RISK_ADMIN can do.
All deployers have resigned their POOL_ADMIN roles. All instances of the POOL_ADMIN role, across all V3 networks, are now governed by the [Guardians multisig] or by the Governance Bridge executors.
Methods Accessible:
All methods accessible to ASSET_LISTING_ADMIN.
All methods accessible to RISK_ADMIN.
Pool:
Write Methods
setRoleAdmin
function setRoleAdmin(bytes32 role, bytes32 adminRole) external override onlyRole(DEFAULT_ADMIN_ROLE)
Sets the role as admin of a specific role. By default, the adminRole for all roles is DEFAULT_ADMIN_ROLE.
This method can only be called by an address with DEFAULT_ADMIN_ROLE.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
role | bytes32 | The role to be managed by the admin role - keccak256 hash of one of the following: POOL_ADMIN, EMERGENCY_ADMIN, RISK_ADMIN, FLASH_BORROWER, BRIDGE, ASSET_LISTING_ADMIN | |
adminRole | bytes32 | The admin role. 0x00 is reserved for the DEFAULT_ADMIN_ROLE |
addPoolAdmin
function addPoolAdmin(address admin) external override
Adds a new admin as Pool Admin. The address is added to the list of members with the POOL_ADMIN role. Holders of this role can update token implementations, drop, (un)pause and (de)activate reserves, update premiums and do everything the ASSET_LISTING_ADMIN and RISK_ADMIN can do.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing the POOL_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address which will be granted the POOL_ADMIN role |
removePoolAdmin
function removePoolAdmin(address admin) external override
Removes an admin as Pool Admin. The given address is removed from the list of members with the POOL_ADMIN role.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing the POOL_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address for which the POOL_ADMIN role permissions will be removed |
addEmergencyAdmin
function addEmergencyAdmin(address admin) external override
Adds a new admin as an Emergency Admin. The address is added to the list of members with the EMERGENCY_ADMIN role. Holders of this role can pause and unpause the pool or an individual reserve.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing the EMERGENCY_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address which will be granted the EMERGENCY_ADMIN role |
removeEmergencyAdmin
function removeEmergencyAdmin(address admin) external override
Removes an admin as Emergency Admin. The given address is removed from the list of members with the EMERGENCY_ADMIN role.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing the EMERGENCY_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address for which the EMERGENCY_ADMIN role permissions will be removed |
addRiskAdmin
function addRiskAdmin(address admin) external override
Adds a new admin as a Risk Admin. The address is added to the list of members with the RISK_ADMIN role. Holders of this role can update grace period of Oracle Sentinels, reserve params, unbacked mint cap, liquidation fee and eMode categories.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address which will be granted the RISK_ADMIN role |
removeRiskAdmin
function removeRiskAdmin(address admin) external override
Removes an admin as Risk Admin. The given address is removed from the list of members with the RISK_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address for which the RISK_ADMIN role permissions will be removed |
addFlashBorrower
function addFlashBorrower(address borrower) external override
Adds a new borrower address as Flash Borrower. The address is added to the list of members with the FLASH_BORROWER role. Holders of this role do not pay premium for flash loan (does not apply to flashLoanSimple).
Input Parameters:
Name | Type | Description | |
---|---|---|---|
borrower | address | The address which will be granted the FLASH_BORROWER role |
removeFlashBorrower
function removeFlashBorrower(address borrower) external override
Removes an admin as Flash Borrower. The given borrower address is removed from the list of members with the FLASH_BORROWER role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
borrower | address | The address for which the FLASH_BORROWER role permissions will be removed |
addBridge
function addBridge(address bridge) external override
Adds a new address as BRIDGE. The contract address is added to the list of bridges. Holders of this role can leverage the Portals feature to seamlessly move supplied assets across Aave V3 markets on different networks.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing the BRIDGE role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
bridge | address | The address which will be granted BRIDGE role |
removeBridge
function removeBridge(address bridge) external override
Removes an address as BRIDGE. The given contract address is removed from the list of bridges.
This method can only be called by the Role Admin, specified by Aave Governance, responsible for managing BRIDGE role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
bridge | address | The address for which BRIDGE role permissions will be removed |
addAssetListingAdmin
function addAssetListingAdmin(address admin) external override
Adds a new admin as Asset Listing Admin. The address is added to the list of members with the ASSET_LISTING_ADMIN role. Holder of this role can update oracles and add new assets to the Aave market.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address which will be granted ASSET_LISTING_ADMIN role |
removeAssetListingAdmin
function removeAssetListingAdmin(address admin) external override
Removes an admin as Asset Listing Admin. The given address is removed from the list of members with the ASSET_LISTING_ADMIN role.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address for which ASSET_LISTING_ADMIN role permissions will be removed |
View Methods
isPoolAdmin
function isPoolAdmin(address admin) external view override returns (bool)
Returns true if the address has the POOL_ADMIN role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is POOL_ADMIN, false otherwise |
isEmergencyAdmin
function isEmergencyAdmin(address admin) external view override returns (bool)
Returns true if the address has the EMERGENCY_ADMIN role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is EMERGENCY_ADMIN, false otherwise |
isRiskAdmin
function isRiskAdmin(address admin) external view override returns (bool)
Returns true if the address has the RISK_ADMIN role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is RISK_ADMIN, false otherwise |
isFlashBorrower
function isFlashBorrower(address borrower) external view override returns (bool)
Returns true if the address has the FLASH_BORROWER role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
borrower | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is FLASH_BORROWER, false otherwise |
isBridge
function isBridge(address bridge) external view override returns (bool)
Returns true if the address has BRIDGE role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
bridge | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is BRIDGE, false otherwise |
isAssetListingAdmin
function isAssetListingAdmin(address admin) external view override returns (bool)
Returns true if the address has the ASSET_LISTING_ADMIN role, false otherwise.
Input Parameters:
Name | Type | Description | |
---|---|---|---|
admin | address | The address to check |
Return Values:
Type | Description | |
---|---|---|
bool | true if the given address is ASSET_LISTING_ADMIN, false otherwise |