> ## Documentation Index > Fetch the complete documentation index at: https://docs.cove.finance/llms.txt > Use this file to discover all available pages before exploring further. # Access Controls > Access controls for Cove ## Entity–relationship model with roles Entity-relationship model ## Contracts The [community multisig](ecosystem/token/governance#community-multisig) controls `DEFAULT_ADMIN_ROLE` and `_TIMELOCK_ROLE` (via the [OpenZeppelin TimelockController contract](https://etherscan.io/address/0x705F82BB431fAdA1a0F11D7b77B3f0586c545CBc)). Other roles will be controlled by an ops multisig, EOAs for OpenZeppelin Defender keepers, and external strategists. ### BasketManager **Roles** | Role | Description | Privileges | Controlled By | | -------------------------- | --------------------------------------------------- | ------------------------------------------------------- | -------------------- | | `_MANAGER_ROLE` | Managers can create new baskets. | `createNewBasket`, `collectSwapFee` | `DEFAULT_ADMIN_ROLE` | | `_PAUSER_ROLE` | Can pause the contract. | `pause` | `DEFAULT_ADMIN_ROLE` | | `_REBALANCE_PROPOSER_ROLE` | Can propose a new rebalance. | `proposeRebalance` | `DEFAULT_ADMIN_ROLE` | | `_TOKENSWAP_PROPOSER_ROLE` | Can propose a new token swap. | `proposeTokenSwap` | `DEFAULT_ADMIN_ROLE` | | `_TOKENSWAP_EXECUTOR_ROLE` | Can execute a token swap. | `executeTokenSwap` | `DEFAULT_ADMIN_ROLE` | | `_TIMELOCK_ROLE` | Can set critical parameters like fees and adapters. | `setManagementFee`, `setSwapFee`, `setTokenSwapAdapter` | `_TIMELOCK_ROLE` | | `_BASKET_TOKEN_ROLE` | Role given to basket token contracts when created. | `proRataRedeem` | `DEFAULT_ADMIN_ROLE` | **Functions** | Function Name | Required Roles | Description | | --------------------- | -------------------------------------- | ---------------------------------------------------------------------------- | | `createNewBasket` | `_MANAGER_ROLE` | Creates a new basket token with the given parameters. | | `proposeRebalance` | `_REBALANCE_PROPOSER_ROLE` | Proposes a rebalance for the given baskets. | | `proposeTokenSwap` | `_TOKENSWAP_PROPOSER_ROLE` | Proposes internal and external trades for rebalancing baskets. | | `executeTokenSwap` | `_TOKENSWAP_EXECUTOR_ROLE` | Executes token swaps proposed in `proposeTokenSwap`. | | `setManagementFee` | `_TIMELOCK_ROLE` | Sets the management fee for a basket. | | `setSwapFee` | `_TIMELOCK_ROLE` | Sets the swap fee for the protocol. | | `setTokenSwapAdapter` | `_TIMELOCK_ROLE` | Sets the address of the TokenSwapAdapter contract. | | `pause` | `_PAUSER_ROLE` or `DEFAULT_ADMIN_ROLE` | Pauses the contract. | | `unpause` | `DEFAULT_ADMIN_ROLE` | Unpauses the contract. | | `collectSwapFee` | `_MANAGER_ROLE` | Claims the swap fee for a given asset and sends it to the protocol treasury. | **Notes** * The `_TIMELOCK_ROLE` is critical for setting parameters that affect the protocol's operation, such as fees and adapters. * `_BASKET_TOKEN_ROLE` is dynamically assigned to basket tokens during their creation, allowing them to call specific functions like `proRataRedeem`. ### BasketToken **Roles** | Role | Description | Privileges | Controlled By | | ----------------- | ------------------------------------------- | --------------------------------------------------------------------------------- | ------------- | | `_BASKET_MANAGER` | Role given to the associated BasketManager. | `fulfillDeposit`, `fulfillRedeem`, `fallbackRedeemTrigger`, `prepareForRebalance` | N/A | **Functions** | Function Name | Required Roles | Description | | ----------------------- | ----------------- | ---------------------------------------------------------- | | `fulfillDeposit` | `_BASKET_MANAGER` | Fulfills all pending deposit requests. | | `fulfillRedeem` | `_BASKET_MANAGER` | Fulfills all pending redeem requests. | | `fallbackRedeemTrigger` | `_BASKET_MANAGER` | Triggers fallback logic for failed redemption fulfillment. | | `prepareForRebalance` | `_BASKET_MANAGER` | Prepares the basket for rebalance by advancing the epoch. | **Notes** * The `_BASKET_MANAGER` role is only given to the BasketManager contract at the BasketToken creation, ensuring only the BasketManager contract can call critical functions during the rebalance cycle. * The contract uses a fallback mechanism for failed redemptions, which is triggered by the BasketManager. ### FeeCollector **Roles** | Role | Description | Privileges | Controlled By | | -------------------- | ----------------------------------------------- | ------------------------------------------------------ | -------------------- | | `DEFAULT_ADMIN_ROLE` | Admin role with full control over the contract. | `setProtocolTreasury`, `setSponsor`, `setSponsorSplit` | `DEFAULT_ADMIN_ROLE` | | `_BASKET_TOKEN_ROLE` | Role given to each BasketToken contract | `notifyHarvestFee` | `DEFAULT_ADMIN_ROLE` | **Functions** | Function Name | Required Roles | Description | | --------------------- | -------------------------------- | ---------------------------------------------------------------- | | `setProtocolTreasury` | `DEFAULT_ADMIN_ROLE` | Sets the protocol treasury address. | | `setSponsor` | `DEFAULT_ADMIN_ROLE` | Sets the sponsor for a given basket token. | | `setSponsorSplit` | `DEFAULT_ADMIN_ROLE` | Sets the sponsor fee split for a given basket token. | | `notifyHarvestFee` | `_BASKET_TOKEN_ROLE` | Notifies the FeeCollector of fees collected from a basket token. | | `claimSponsorFee` | `DEFAULT_ADMIN_ROLE` or Sponsor | Claims the sponsor fee for a given basket token. | | `claimTreasuryFee` | `DEFAULT_ADMIN_ROLE` or Treasury | Claims the treasury fee for a given basket token. | **Notes** * The `_BASKET_TOKEN_ROLE` is dynamically assigned by the BasketManager to basket tokens, allowing them to notify fees. * Only the protocol treasury or admin can claim treasury fees. ### AssetRegistry **Roles** | Role | Description | Privileges | Controlled By | | --------------- | ----------------------------------------------------- | ---------------------------- | -------------------- | | `_MANAGER_ROLE` | Role responsible for managing assets in the registry. | `addAsset`, `setAssetStatus` | `DEFAULT_ADMIN_ROLE` | **Functions** | Function Name | Required Roles | Description | | ---------------- | --------------- | -------------------------------------------- | | `addAsset` | `_MANAGER_ROLE` | Adds a new asset to the registry. | | `setAssetStatus` | `_MANAGER_ROLE` | Sets the status of an asset in the registry. | **Notes** * The `_MANAGER_ROLE` is critical for adding and managing assets in the registry. * The contract uses a bit flag system to represent enabled assets, which is updated dynamically based on asset status. ### StrategyRegistry **Roles** | Role | Description | Privileges | Controlled By | | ----------------------- | ----------------------------------------- | ----------------------------------------------- | -------------------- | | `DEFAULT_ADMIN_ROLE` | Admin role for managing the contract. | Can assign/revoke roles and manage strategies. | `DEFAULT_ADMIN_ROLE` | | `_WEIGHT_STRATEGY_ROLE` | Role given to approved weight strategies. | None (used for validation in `supportsBitFlag`) | `DEFAULT_ADMIN_ROLE` | **Functions** | Function Name | Required Roles | Description | | ----------------- | ---------------------------------------- | --------------------------------------------------------------- | | `supportsBitFlag` | None (validates `_WEIGHT_STRATEGY_ROLE`) | Checks if a given weight strategy supports a specific bit flag. | **Notes** * The `_WEIGHT_STRATEGY_ROLE` is used to validate weight strategies before calling their `supportsBitFlag` function. ### ManagedWeightStrategy **Roles** | Role | Description | Privileges | Controlled By | | -------------------- | ----------------------------------------------------------------------------------------------- | ------------------ | -------------------- | | `DEFAULT_ADMIN_ROLE` | Admin role responsible for assigning and revoking `_MANAGER_ROLE`. | | `DEFAULT_ADMIN_ROLE` | | `_MANAGER_ROLE` | Role responsible for managing assets and setting target weights for the assets in the strategy. | `setTargetWeights` | `DEFAULT_ADMIN_ROLE` | **Functions** | Function Name | Required Roles | Description | | ------------------ | --------------- | ---------------------------------------------------------- | | `setTargetWeights` | `_MANAGER_ROLE` | Sets the target weights for the assets for the next epoch. | **Notes** * The `_MANAGER_ROLE` is critical for setting target weights, which directly affect the strategy's behavior. * The contract uses a mapping to store target weights for each bit flag.