Roles & Permissions
Every Sommelier Cellar is a distributed effort, and multiple parties are needed to develop, deploy, and grow a successful cellar.
Users can use Cellars to earn yield on their deposits - the functionality available to all users follows the ERC4626 interface. Users of Cellars may:
- Deposit funds into a Cellar to earn yield, via the
deposit
andmint
functions - Withdraw deposits from Cellars, via the
withdraw
andredeem
functions - Transfer cellar shares to another address, via
transfer
andtransferFrom
functions
See the ERC4626 standard for the differences between
deposit/withdraw
and mint/redeem
.Strategists are the managers of a Cellar, who develop and execute the strategies that earn users yield. Strategists functionality is limited to the supported adaptors for each Cellar (see "Adaptors").
Each strategist can perform actions through their adaptors via the
callOnAdaptor
function. Strategists must craft their target adaptor calls, with associated calldata
, and submit them via the Sommelier chain. The Gravity Bridge then forwards the strategist's provided payload to the callOnAdaptor
function. For a more comprehensive description of all the ways strategists can use adaptors to create and execute on-chain strategies, see the "Adaptors" section.
In addition to adaptor calls, strategists can manage the ordering of their cellar's positions. This ordering informs withdrawal priority for a given Cellar - the first positions will be withdrawn from first. Positions can be managed using the following calls:
setHoldingPosition
addPosition
removePosition
swapPositions
Sommelier's governance body, governed by stakers of native $SOMM on the Sommelier Chain, is responsible for the security and configuration of both individual Cellars, as well as the entire Cellar infrastructure.
Within the context of a single cellar, governance has the following abilities:
- Configure fees and fee distribution via
setPlatformFees
,setStrategistPlatformCut
, andsetStrategistPayoutAddress
. Note that Cellars also set upper bounds on fee values in order to mitigate malicious governance updates. - Initiate and lift shutdowns of the Cellar in emergency scenarios, via
initiateShutdown
andliftShutdown
. - Set the amount of time cellar deposits are initially locked, via
setShareLockingPeriods
(see "Share Locking Periods" for more information). - Set the allowed rebalance deviation for a cellar during a batch of adaptor calls, via
setRebalanceDeviation
(see "Adaptors" for more information). - Set up new adaptors for a given cellar to enable new functionality, via
setupAdaptor
.
In addition to control operations on individual cellars, governance can update shared Cellar Infrastructure by:
- Adding new assets to the Price Router via
addAsset
(see "Price Router" for more information). - Change automation settings on the Price Router, via
setAutomationRegistry
,setGasFeed
,setGasConstant
, andsetMinDelta
. - Adding new slots to the Registry via
register
, or updating existing stored addresses (see "Registry" for more information). - Setting the address of the fee distribution mechanism on the Sommelier Chain, via
setFeesDistributor
. - Enabling cellars to use a newly deployed adaptor given certain risk parameters, via
trustAdaptor
. - Enabling cellars to use positions that interact with trusted adaptors given certain risk parameters, via
trustPosition
.
Some functions required for cellar operation are permissionless, and can be called by either any of the parties above, or automation services such as Keepers. Anybody can perform the following operations:
- Calling
sendFees
on an individual cellar, which takes any accrued strategist/platform fees and bridges them to the Sommelier Chain for distribution. - Calling
performUpkeep
on the Price Router, which will check if virtual price bounds are out of sync with current market prices and need to be updated.
Those reading the contracts will notice that within Solidity code, both Strategist and Governance functions are protected with
onlyOwner
and no further modification. All Cellar and Cellar infrastructure deployments are owned by the Gravity Bridge. Therefore, both strategists and governance cannot interact with the contract directly via the EVM - they must submit their updates to the Sommelier chain itself, which will forward them to the Gravity Bridge for execution on Ethereum mainnet. This forwarding process is where the delineation between "strategist permissions" and "governance permissions" takes place.