Tinyman Docs
  • Tinyman V2 Overview
  • About Tinyman
  • Protocol Specification
    • Pool
      • Pool Creation
      • Adding Liquidity
      • Removing Liquidity
    • Swap
    • Fees
    • Flash Loan
    • Flash Swap
    • Additional Notes
  • FAQ
    • Migration FAQ
  • Fees
  • Permissioned Methods
    • Roles
    • Methods
    • Related Non-Permissioned Methods
  • Formulae
  • Disclaimer
  • Contracts
  • Audits & Security
  • Token and Governance
    • TINY Token Details
    • Governance Details
      • Overview
      • Governance Vault
      • Governance Rewards
      • Governance Process
      • TINY Farming
  • V2 Integration
    • Protocol Methods
      • Bootstrap
      • Add Initial Liquidity
      • Add Subsequent Liquidity
      • Remove Liquidity
      • Swap
      • Flash Loan
      • Flash Swap
    • State Data
    • Oracle Data
    • Calculating Quotes
    • Official SDKs
  • Swap Router
    • Transaction Specification
  • Swap Widget
    • Customization Preferences
    • How to export your Widget
  • Lending Pools
  • Trigger Orders & Recurring Orders
  • Liquid Staking
    • Liquid Staking
  • Tinyman V1
    • Overview
    • Tinyman AMM Basics
      • Creating Pools
      • Slippage & Excess
      • Farming
    • FAQ
    • Fees
    • Design Doc
    • Contracts
    • Tinyman Testnet
    • Disclaimer
    • Audits
    • Security
  • V1 Integration
    • Pool Lookup
    • Transaction Specifications
      • Bootstrap Pool
      • OptIn
      • Swap
      • Mint
      • Burn
      • Redeem
      • Create Validator App
      • Redeem Protocol Fees
    • Official SDKs
    • Community SDKs
  • Tinyman Presentations
  • Known Issues
    • 2021-11-12 - Pool overflow errors
Powered by GitBook
On this page
  • Fee Collector
  • Fee Setter
  • Fee Manager

Was this helpful?

  1. Permissioned Methods

Roles

The fee_manager, fee_setter and fee_collector are distinct roles in the protocol. Each of these are mutable.

Fee Collector

The fee_collector is expected to be a single signature account used by an off-chain system to actively manage the accumulated protocol fees and extras. There is a not insignificant chance that this account could become compromised so in order to protect future earnings of the protocol this account must be replaceable by a higher authority - the fee_manager.

Fee Setter

The fee_setter is expected to initially be a multisig account but over time it may transition to a system account for an automated process or a contract account governed by voting. To facilitate these changes of use and to protect against compromised keys the fee_setter is configurable only by the fee_manager.

Fee Manager

The fee_manager is expected to be a multisig account initially, and potentially a contract account governed by voting in the future. It is assumed that this account is never compromised. The protocol requires that the role can be transferred between accounts.

The fee_manager, fee_setter and fee_collector roles are all initialized to the creator address of the application. This is assumed to be a multisig.

These roles are global - they cannot be defined separately for different pools.

There are no other roles or management capabilities defined in the protocol. There is no capability to pause/lock/close/empty any pool and there is no capability to upgrade the application.

PreviousPermissioned MethodsNextMethods

Last updated 2 years ago

Was this helpful?