The yBridge contract is structured with various permissions, each of which grants access to specific contract functions. This hierarchical distribution of permissions ensures security and facilitates controlled access to the contract's functionalities.

• Owner

• Manager

• Staff

• Swapper

• YPool_Worker

• Liquidity_Worker

• Settlement_Worker

The private keys of different addresses are protected separately using the cold wallet and Google Cloud KMS (Cloud Key Management Service) through asymmetric signing.

The HSM architecture of Cloud KMS ensures that the key can't be unwrapped or used outside of an HSM, can't be extracted from the HSM, and exists in its unwrapped state only within specified locations, preventing the risk of private key exposure. For further information on HSM, you can learn more here