Privileged Roles Management
The yBridge contract is structured with various permissions, each of which grants access to specific contract functions. This hierarchical distribution of permissions ensures security and facilitates controlled access to the contract's functionalities.
Owner
Manager
Staff
Swapper
YPool_Worker
Liquidity_Worker
Settlement_Worker
The private keys of different addresses are protected separately using the cold wallet and Google Cloud KMS (Cloud Key Management Service) through asymmetric signing.
The HSM architecture of Cloud KMS ensures that the key can't be unwrapped or used outside of an HSM, can't be extracted from the HSM, and exists in its unwrapped state only within specified locations, preventing the risk of private key exposure. For further information on HSM, you can learn more here
Role | Description | Address |
Owner | Manages all permissions and can also add or remove addresses of different roles. |
|
Manager | Configure important parameters within the contract. |
|
Staff | Configure secondary parameters within the contract. |
|
Swapper | Restrict the interaction partners of the contract to only the yBridge contract address. | the contract addresses of yBridge on various chains |
Swap Worker | Execute destination chain swap |
|
Liquidity Worker | Execute deposit/withdrawal on the Y Pool Vault. |
|
Settlement Worker | Synchronize peripheral chain information on the settlement chain and perform vault settlement. |
|
Last updated