Security management policy

Developers > Best Yield > Security management policy

Best Yield vaults
IdleTokenV4, the factory contract for the Best Yield strategy is an upgradable contract that uses OpenZeppelin upgradability pattern. Its upgradability is owned by the Timelock contract, which is controlled by IDLE token holders (as described in the governance process section).
Each Best Yield strategy consists of a proxy that points to a shared implementation of IdleTokenV4 contracts. The implementation for each strategy can be upgraded through a shared Proxy Admin which is 0x7740792812A00510b50022D84e5c4AC390e01417.
The owner of the Proxy Admin and of Best Yield strategy's proxy is the Timelock contract which is owned by the GovernorBravo, controlled by IDLE holders.
There are a few administrative privileges that the Timelock have besides the ability to upgrade IdleTokenV4 implementation logic:
It can change Idle wrappers (IdleCompound, IdleAave, ...) and associated assets supported for lending protocols;
It can add and or remove governance tokens supported for distribution;
fee and feeAddresscan be updated. 
The fee is capped and can be at most 10% of the interest earned currently;
It can set maxUnlentPerc, i.e. a percentage of unlent funds used for cheap redemption (currently 1% of all deposited assets).
Additional functions
As part of the Security Management policy, there are 2 more functions with different privileges on the IdleToken contract
Pause Guardian
Rebalancer
mintIdleToken and rebalance can be paused during emergency situations, while redeemIdleToken and redeemInterestBearingTokens will always be available.
Product
Guardian
Senior BY vaults
​Idle Labs multisig and Hypernative pauser multisig
Junior BY vaults
​Treasury League multisig, Development League multisig and Hypernative pauser multisig
where 
Idle Labs multisig has a 2/4 threshold 0xaDa343Cb6820F4f5001749892f6CAA9920129F2A​
Treasury League multisig has a 3/6 threshold
0xFb3bD022D5DAcF95eE28a6B07825D4Ff9C5b3814​
Development League multisig has a 3/6 threshold
0xe8eA8bAE250028a8709A3841E0Ae1a44820d677b​
Hypernative pauser multisig has a 2/5 threshold
0xBaeCba470C229984b75BC860EFe8e97AE082Bb9f​
The guardian can be changed at any time by the governance with a proposal.
The address designated to submit new allocations is currently set to 0xB3C8e5534F0063545CBbb7Ce86854Bf42dB8872B. 
The Rebalancer can be changed at any time by the governance with a proposal.
For the Best Yield vaults, there is also the openRebalance available that allows anyone to submit new allocations, currently disabled for security reasons.

Product	Guardian
Senior BY vaults	Idle Labs multisig and Hypernative pauser multisig
Junior BY vaults	Treasury League multisig, Development League multisig and Hypernative pauser multisig

Edge cases

Get integrated as yield source

Last modified 29d ago