Access Control
Comprehensive guide to the protocol's access control mechanisms and role-based permissions
The protocol implements a multi-layered access control system combining proxy ownership patterns with role-based access control.
Overview
BAE Lending Protocol uses a dual access control approach:
Proxy Ownership (Ownable Pattern) - Single owner control over all upgradeable proxy contracts
Role-Based Access Control (RBAC) - Granular permissions within individual contracts
Ownable Pattern - Single owner control contract
Global Proxy Control
Ownable Pattern for ProxyAdmin for All Upgradeable Contracts
Owner Responsibilities:
Contract upgrades and implementation changes
Transfer of ownership to new addresses or multi-signature wallets
Affected Contracts:
FeeDiscountManagerUpgradeableLiquidationDistributorUpgradeableAuctionWithBuyoutLoanLiquidatorUpgradeableAuctionLoanLiquidatorUpgradeableLoanManagerRegistryUpgradeableLoanManagerParameterSetterUpgradeableAddressManagerUpgradeable
Diamond Proxy Access Control
MultiSourceLoan (Diamond)
The main Diamond proxy contract implements the standard Diamond access control pattern through LibDiamond:
Owner Controls:
Adding, replacing, and removing facets
Diamond initialization and configuration
Emergency functions and protocol-wide settings
Access Pattern:
Single owner address controls all Diamond operations
Facet-specific access control managed within individual facets
Upgrade operations secured through Diamond standard mechanisms
Contract-Specific Access Control
MultiSourceLoan/ControlFacet
Access Control Type: Role-Based Access Control
Roles:
DEFAULT_ADMIN_ROLE
Description: Primary administrative role for protocol operations
Permissions:
Update liquidation contract address
Set flash action contract
Configure liquidation auction duration (3-7 days)
Set minimum lock period for loans
Manage callback contract whitelist (add/remove)
Update minimum APR improvement requirements
Stage protocol fee updates (with 30-day notice period)
Grant and revoke other roles
FeeDiscountManagerUpgradeable
Access Control Type: Role-Based Access Control (AccessControlUpgradeable)
Roles:
DEFAULT_ADMIN_ROLE
Description: Primary administrative role with full contract control
Assigned To: Contract deployer (initially), can be transferred
Permissions:
Set discount rates for NFT collections via
setCollectionsDiscountRate()Grant and revoke KEEPER_ROLE to other addresses
Manage all role assignments and permissions
Access to all administrative functions
KEEPER_ROLE
Description: Operational role for managing discount signatures and nonces
Role Identifier:
keccak256("KEEPER_ROLE")Permissions:
Sign discount vouchers using EIP-712 signatures
Increment nonce via
increaseNonce()to invalidate old signaturesCreate temporary discount authorizations for users
AuctionWithBuyoutLoanLiquidatorUpgradeable
Access Control Type: Ownable Pattern
Owner Controls:
Auction parameter configuration (duration, minimum bid increments, fee...)
AddressManagerUpgradeable
Access Control Type: Ownable Pattern
Owner Controls:
Management of whitelisted NFT collections
Approval and removal of supported ERC20 currencies
UserVault
Access Control Type: NONE
Without access control, independent functionality
Last updated