Spool Docs
Search…
Spool Docs
Welcome to Spool
What is Spool?
Fundamentals
Understanding a Yield Generator
Understanding a Spool
Key Features
Why Spool?
Middleware
Spool Fees
Economies of Scale
Guides
Depositing into a Spool
Choosing the right Spool
Withdrawing from a Spool
Staking SPOOL
Creating a Spool
Setting a Risk Appetite
Voting on SPOOL Emissions
Use Cases
For Yield Seekers
For Capital Aggregators
For Advanced DeFi Users
For DAOs
For SPOOL Holders
For Developers
For Yield Generators
For Business & Finance
For Analysts & Researchers
For DeFi Protocols
Technical Reference
Understanding the Protocol
Technical Documentation
Supported Yield Generators
Risk Score to Allocation
Supported Chains
Contract Addresses
Flow of Funds
Integration via the SDK
GitHub Repositories
Audits
SPOOL Token
Understanding the SPOOL Token
Token Utility
SPOOL Token Metrics
Economic Sustainabillity
Economic Benefits
Release Schedule
Acquiring SPOOL
SPOOL Emissions
Roadmap
Roadmap
Governance
Understanding the Spool DAO
Spool DAO Treasury
Participating in the DAO
SIPs
Creating a Proposal
Voting on a Proposal
Spool's Inception
First Contributors
Access Controls
voSPOOL
Understanding voSPOOL
voSPOOL Utility
voSPOOL Mechanics
Why voSPOOL?
voSPOOL Directed Emissions
Acquiring voSPOOL
voSPOOL Epochs
Spool Labs
Understanding Spool Labs
Genesis
Genesis Spools
Genesis Risk Model
FAQ
Frequently Asked Questions
Glossary
General Glossary
Spool Glossary
Learn More
Learn more
Links
Link to Spool.fi
Link to Discord
Link to Telegram
Link to Twitter
Link to Medium
Link Tree
Powered By GitBook
Access Controls

Spool Ownership

The Master Spool Owner (The Spool DAO) can change the Spool's owner, the Spool owner themselves can also transfer ownership.
The Master Spool owner is the Spool DAO, by design it can transfer Spool ownership to another address. There are multiple reasons for this. Most importantly to remove a bad actor as a Spool owner (e.g. a Spool owner could add vault incentive rewards that reverted, effectively bricking the Spool).

Code Access Controls

In order for the Spool Ecosystem to work there's a subset of roles and owners that can alter state and hold certain privileges. A list of these access controls is compiled below:

Role: spoolOwner (Spool DAO)

Who controls this role?
The Spool DAO Multisignature Wallet, which acts exclusively on the conclusion of Snapshot Votes.
Spool DAO Multisignature Wallet: 0x4e736b96920a0f305022CBaAea493Ce7e49Eee6C​
  • The on-chain execution of Snapshot votes will be implemented.
  • This is the most powerful role in the Spool Ecosystem and as such should be the most protected.
  • These actions are not called often.
  • spoolOwnerinherits permissions of vaultOwner.
Which actions can this role take?
  • Controller.sol
    • addStrategy: Add (new) Strategies (addresses) to the Spool Ecosystem
    • setEmergencyWithdrawer: Set the address(es) that can call the emergency withdraw function
    • setEmergencyRecipient: Set the address to which funds are sent to if emergencyWithdraw is called. If this is not set, it defaults to the emergencyWithdrawer
    • pause: Emergency pause of Spool
    • unPause: Unpause Spool after emergency pause
  • FeeHandler.sol
    • setEcosystemFee: Set the Ecosystem Fee charged on profits generated once a user withdraws funds from a Spool, this Ecosystem Fee is limited to 20%, hard coded
    • setTreasuryFee: Set the Treasury Fee charged on profits generated once a user withdraws funds from a Spool, this Treasury Fee is limited to 10%, hard coded
    • setEcosystemCollector: Set the address Ecosystem fees will be attributed to
    • setTreasuryCollector: Set the address Treasury Fees will be attributed to
  • RiskProviderRegistry.sol
    • addProvider: Add a Risk Model Provider (address) to the Risk Provider Registry that users can choose from when creating a Spool
    • removeProvider: Remove a Risk Provider(address) from the Risk Provider Registry
  • SpoolBase.sol (Part of Spool.sol)
    • setAllocationProvider: Set the address that can set the allocation of funds in relation to an individual Spool's chosen Risk Provider Scores and Risk Appetite scores
    • setDoHardWorker: Add a HardWorker(address) to the HardWorker whitelist
    • setForceOneTxDoHardWork: Set flag to force DoHardWork to be executed in a single transaction instead of multiple
    • setLogReallocationProportions: Exists solely for debugging purposes. When spool reallocates, a server will first simulate this call while setting this to true to get data to support underlying spool infrastructure.
    • setAwaitingEmergencyWithdraw: Failsafe function to assist with emergency withdraw functions
  • RewardDrip.sol (Part of Vault.sol)
    • updatePeriodFinish: Sets the ending time for incentive tokens
    • claimFinishedRewards: Send unclaimed reward tokens, when the incentive period has finished send unclaimed reward tokens to Spool DAO (address)
    • forceRemoveReward: Forcibly remove a reward in the case of a malicious reward token and add to blacklist
    • addToken: Add an incentive token to an existing Spool
    • notifyRewardAmount: Sets or increases reward token amount and duration
  • VaultBase.sol (Part of Vault.sol)
    • updateName: Update the user-given name of a user-created Spool (e.g. for profanity)
    • transferVaultOwner: Transfers ownership from the current user (address) of a user-created Spool to a new user (address). We are of the opinion this should never be used. However, it is a requirement for certain real world entities to participate in the Spool Ecosystem

Role: emergencyRecipient

Who controls this role?
Address set with setEmergencyRecipient. Can only be set by spoolOwner role.
Which actions can this role take?
  • Receives funds when removeStrategyAndWithdraw is called
  • Receives funds when emergencyWithdraw is called

Role: emergencyWithdrawer

Who controls this role?
Address set with setEmergencyWithdrawer. Can only be set by spoolOwner role. Currently a 3/15 multisignature wallet with signatures spread across various time zones.
Emergency Withdrawer Multisignature Wallet: 0x7f183806982b7875Bb722249Fe98FB79e36110E9​
Which actions can this role take?
  • Controller.sol
    • removeStrategyAndWithdraw: Combines the two below mentioned functions into a single call
    • removeStrategy: Blacklists a strategy from the Spool System
    • emergencyWithdraw: Removes all funds from the specified strategy and sends funds to Spool DAO Multisignature wallet
    • runDisableStrategy: Helper function for emergency withdraw edge cases

Role: AllocationProvider

Who controls this role?
Address set with setAllocationProvider. Can only be set by spoolOwner role. Currently a 3/5 multisignature wallet.
Allocation Provider Multisignature Wallet: 0x45a63Dac48c17A744ab51F583649C295E3641752​
Which actions can this role take?
  • SpoolReallocation.sol
    • reallocateVaults: Set allocation of funds in relation to an individual Spool's chosen Risk Provider Scores and Risk Appetite Setting

Role: VaultOwner

Who controls this role?
The creator/user (address) of one or multiple Spools.
Which actions can this role take?
  • RewardDrip.sol
    • addToken: Adds an incentive token to a user-owned Spool in order to reward users (addresses) that interact with said Spool
    • notifyRewardAmount: Sets or increases reward token amount and duration
    • removeReward: Allows a vault owner (address) to remove a previously added reward token they have added to incentivize users to interact with their Spool. Can only be called after the reward duration has finished
  • VaultBase.sol (Part of Vault.sol)
    • transferVaultOwner: Allows a vault (Spool) owner (address) to transfer ownership of their created vault to another address

Role: DoHardWorker

Who controls this role?
A whitelisted address tasked with executing predefined, expensive actions needed for the Spool Ecosystem to perform efficiently. Currently a 3/5 multisignature wallet.
DoHardWorker Multisignature Wallet: 0x8D650Be8c0c2F9aeB56392f439AB53f87D417cBd​
Which actions can this role take?
  • spoolDoHardWork.sol
    • batchDoHardWork:
      • Deposits pending deposits, after delta calculations, into selected strategies
      • Withdraws pending withdraws, after delta calculations, from selected strategies
      • Claims, swaps, and compounds external protocol/strategy reward tokens
    • batchDoHardWorkReallocation:
      • All of the actions in batchDoHardWork, plus:
        • Reallocates funds across strategies to fall in line with the amalgamated Spool allocations in relation to individual Spool selected Risk scores and Risk Appetite
Governance - Previous
First Contributors
Next - voSPOOL
Understanding voSPOOL
Last modified 19h ago
Copy link
Outline
Spool Ownership
Code Access Controls
Role: spoolOwner (Spool DAO)
Role: emergencyRecipient
Role: emergencyWithdrawer
Role: AllocationProvider
Role: VaultOwner
Role: DoHardWorker