ACL Manager
The ACLManager contract is the central registry of roles and permissions within the Soul Protocol. Inspired by Aave v3’s implementation and based on OpenZeppelin's AccessControl framework, it provides a modular, flexible permission system across the entire protocol.
The ACLManager ensures only authorized addresses can perform privileged actions such as pausing the protocol, modifying configurations, or adjusting risk parameters. It supports dynamic role assignment, granular permissions, and upgradeability logic.
All protocol components (e.g. Router, Controller, PriceOracle, etc.) check against this ACLManager to validate access before executing sensitive actions.
Role System Overview
Each role in the system has an associated adminRole, which controls who can assign or revoke that role. By default, every role is administered by DEFAULT_ADMIN_ROLE, which is initially held by the contract’s owner.
The owner has full authority over all roles, including changing role admins. Only the owner can upgrade or initialize the contract.
Roles and Responsibilities
CONFIG_ADMIN_ROLE
- Can configure protocol parameters across chains.
- Responsible for:
- Supporting new chains
- Listing money markets
- Managing default and fallback messaging providers
RISK_ADMIN_ROLE
- Manages all risk-related protocol parameters:
- Collateral factors
- Liquidation thresholds and incentives
- Market caps
- Can also interact with messaging provider-specific risk mechanisms (e.g., vetoing cross-chain messages).
EMERGENCY_ADMIN_ROLE
- Handles pausing logic via a two-tier system:
SOFT_PAUSED: disables supply, add collateral, and borrowHARD_PAUSED: disables all actions except liquidation finalization
- Can pause the entire protocol, individual money markets, or specific messaging providers