yearn / yearn-vaults-v3

GNU Affero General Public License v3.0

build: role updates #144

Closed Schlagonia closed 1 year ago

Schlagonia commented 1 year ago

Description

  1. Gives the ability for the role manager to close a previously opened role.
  2. Makes each setter function have its own Role to allow for complete control of ownership.

This would mean that, ideally, you would not want the following role combinations given to the same address:

  - ADD_STRATEGY_MANAGER, MAX_DEBT_MANAGER and DEBT_MANAGER
  - ACCOUNTANT_MANAGER and REPORTING_MANAGER
  - REVOKE_STRATEGY_MANAGER and SWEEPER

If done, that would mean any malicious actor would have to get control of at least two different addresses in order to be able to steal any funds.

One potential downside to this current setup is that getting a strategy added and funded now requires 3 separate Roles instead of two.

  1. Add strategy
  2. Update strategy max debt
  3. Send strategy debt

This is the riskiest part of vault ownership, so is likely worth the extra steps.


Schlagonia commented 1 year ago

added to https://github.com/yearn/yearn-vaults-v3/commit/8f1abb2dfb5d3f71cdb561049d5cb68644eff1ba
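
The separation rule in the description can be checked mechanically against a vault's role assignments. The following is an added example, not code from the yearn-vaults-v3 repository: for each combination listed above it computes the smallest number of distinct addresses that together hold every role in it, and flags any combination a single address covers. The assignment list, placeholder addresses and function names are constructed for illustration.

```python
from itertools import combinations

# Role combinations the PR description says should not sit on one address.
RISKY_COMBINATIONS = [
    {"ADD_STRATEGY_MANAGER", "MAX_DEBT_MANAGER", "DEBT_MANAGER"},
    {"ACCOUNTANT_MANAGER", "REPORTING_MANAGER"},
    {"REVOKE_STRATEGY_MANAGER", "SWEEPER"},
]

# Constructed sample assignments (placeholder addresses, not real accounts).
SAMPLE = [
    ("0xAAA1", "ADD_STRATEGY_MANAGER"),
    ("0xBBB2", "MAX_DEBT_MANAGER"),
    ("0xCCC3", "DEBT_MANAGER"),
    ("0xDDD4", "ACCOUNTANT_MANAGER"),
    ("0xddd4", "REPORTING_MANAGER"),  # same account as 0xDDD4, different casing
    ("0xEEE5", "REVOKE_STRATEGY_MANAGER"),
]


def holders_by_address(assignments):
    """Merge (address, role) pairs into {address: set of roles}.

    Addresses are lower-cased so checksum and non-checksum spellings of
    the same account are counted once.
    """
    merged = {}
    for address, role in assignments:
        merged.setdefault(address.lower(), set()).add(role)
    return merged


def min_addresses_to_cover(combo, holders):
    """Smallest number of addresses whose roles together cover `combo`.

    Returns None when some role in the combination is held by nobody.
    """
    relevant = {a: r & combo for a, r in holders.items() if r & combo}
    for size in range(1, len(relevant) + 1):
        for group in combinations(sorted(relevant), size):
            if set().union(*(relevant[a] for a in group)) == combo:
                return size
    return None


def audit(assignments):
    """Return the combinations (as sorted role lists) held by one address."""
    holders = holders_by_address(assignments)
    return [sorted(combo) for combo in RISKY_COMBINATIONS
            if min_addresses_to_cover(combo, holders) == 1]
```
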