Security Management Policy
All admin privileges are controlled by $IDLE governance, specifically the owner of all IdleTokens deployed is the Timelock contact.
IdleTokenV4 is an upgradable contract and uses OpenZeppelin upgradability pattern. Each IdleToken consists of a proxy that points to a shared implementation of IdleTokenV4 contract. The implementation for each token can be upgraded through a shared Proxy Admin which is 0x7740792812A00510b50022D84e5c4AC390e01417 . The owner of the Proxy Admin and of all IdleToken proxies is the Timelock contract which is in turn owned by the GovernorAlpha which is controlled by the IDLE holders.
There are a few administrative privileges that the Timelock have besides the ability to upgrade IdleTokenV4 implementation logic:
  • It can change Idle wrappers (IdleCompound, IdleFulcrum, ...) and associated assets supported for lending protocols
  • It can add and or remove governance tokens supported for distribution
  • fee and feeAddresscan be updated. Fee is capped and can be at most 10% of the interest earned currently
  • It can set maxUnlentPerc ie a percentage of unlent funds used to for cheap redeem (currently 1% of all deposited assets)
As part of the Security Management Policy, there are 2 more roles with different privileges over the IdleToken contract:
Pause guardian: mintIdleToken and rebalance can be paused during emergency situations but redeemIdleToken and redeemInterestBearingTokens are always available. The pause guardian is currently the Idle Labs Inc. with a 2-of-4 multisig 0xaDa343Cb6820F4f5001749892f6CAA9920129F2A. The guardian can be changed at any time by the governance with a proposal.
Rebalancer: the address designated to submit new allocations, currently set to 0xB3C8e5534F0063545CBbb7Ce86854Bf42dB8872B. The rebalancer can be changed at any time by the governance with a proposal (For the Best Yield strategy there is also the openRebalance available that allows anyone to submit new allocations).
Last modified 6d ago
Copy link