Roles & Permissions

Every Sommelier Cellar is a distributed effort, and multiple parties are needed to develop, deploy, and grow a successful cellar.


Users can use Cellars to earn yield on their deposits - the functionality available to all users follows the ERC4626 interface. Users of Cellars may:
  • Deposit funds into a Cellar to earn yield, via the deposit and mint functions
  • Withdraw deposits from Cellars, via the withdraw and redeem functions
  • Transfer cellar shares to another address, via transfer and transferFrom functions
See the ERC4626 standard for the differences between deposit/withdraw and mint/redeem.


Strategists are the managers of a Cellar, who develop and execute the strategies that earn users yield. Strategists functionality is limited to the supported adaptors for each Cellar (see "Adaptors").
Each strategist can perform actions through their adaptors via the callOnAdaptor function. Strategists must craft their target adaptor calls, with associated calldata, and submit them via the Sommelier chain. The Gravity Bridge then forwards the strategist's provided payload to the callOnAdaptor function.
For a more comprehensive description of all the ways strategists can use adaptors to create and execute on-chain strategies, see the "Adaptors" section.
In addition to adaptor calls, strategists can manage the ordering of their cellar's positions. This ordering informs withdrawal priority for a given Cellar - the first positions will be withdrawn from first. Positions can be managed using the following calls:
  • setHoldingPosition
  • addPosition
  • removePosition
  • swapPositions


Sommelier's governance body, governed by stakers of native $SOMM on the Sommelier Chain, is responsible for the security and configuration of both individual Cellars, as well as the entire Cellar infrastructure.
Within the context of a single cellar, governance has the following abilities:
  • Configure fees and fee distribution via setPlatformFees, setStrategistPlatformCut, and setStrategistPayoutAddress. Note that Cellars also set upper bounds on fee values in order to mitigate malicious governance updates.
  • Initiate and lift shutdowns of the Cellar in emergency scenarios, via initiateShutdown and liftShutdown.
  • Set the amount of time cellar deposits are initially locked, via setShareLockingPeriods (see "Share Locking Periods" for more information).
  • Set the allowed rebalance deviation for a cellar during a batch of adaptor calls, via setRebalanceDeviation (see "Adaptors" for more information).
  • Set up new adaptors for a given cellar to enable new functionality, via setupAdaptor.
In addition to control operations on individual cellars, governance can update shared Cellar Infrastructure by:
  • Adding new assets to the Price Router via addAsset (see "Price Router" for more information).
  • Change automation settings on the Price Router, via setAutomationRegistry, setGasFeed, setGasConstant, and setMinDelta.
  • Adding new slots to the Registry via register, or updating existing stored addresses (see "Registry" for more information).
  • Setting the address of the fee distribution mechanism on the Sommelier Chain, via setFeesDistributor.
  • Enabling cellars to use a newly deployed adaptor given certain risk parameters, via trustAdaptor.
  • Enabling cellars to use positions that interact with trusted adaptors given certain risk parameters, via trustPosition.


Some functions required for cellar operation are permissionless, and can be called by either any of the parties above, or automation services such as Keepers. Anybody can perform the following operations:
  • Calling sendFees on an individual cellar, which takes any accrued strategist/platform fees and bridges them to the Sommelier Chain for distribution.
  • Calling performUpkeep on the Price Router, which will check if virtual price bounds are out of sync with current market prices and need to be updated.

Use of `onlyOwner`

Those reading the contracts will notice that within Solidity code, both Strategist and Governance functions are protected with onlyOwner and no further modification. All Cellar and Cellar infrastructure deployments are owned by the Gravity Bridge. Therefore, both strategists and governance cannot interact with the contract directly via the EVM - they must submit their updates to the Sommelier chain itself, which will forward them to the Gravity Bridge for execution on Ethereum mainnet. This forwarding process is where the delineation between "strategist permissions" and "governance permissions" takes place.