# OpSec

This page explains how Lince's on-chain access control is designed to protect user funds and what each role can and cannot do.

Lince has four roles with different permissions within the program for different purposes, aligned with the protocol's operational needs and security requirements.

| Role         | Upgrade Program | Can add assets to strategies funds? | Can modify strategy? | Can pause?        | Setup                       |
| ------------ | --------------- | ----------------------------------- | -------------------- | ----------------- | --------------------------- |
| Upgrader     | ✅               | ❌                                   | ❌                    | ❌                 | 3/6 multisig + 12h timelock |
| Admin        | ❌               | ✅                                   | ✅                    | Pause and unpause | 3/6 multisig + 12h timelock |
| PoolsManager | ❌               | ❌                                   | ✅                    | ❌                 | 2/5 multisig                |
| Pauser       | ❌               | ❌                                   | ❌                    | Only pause        | 4 cold wallets              |

*\* The Lince manager can ONLY operate with assets within the contract with limitations; it can not move funds out of the program.*

#### Upgrade Multisig

The upgrade multisig can:

* `upgrade-program` — upgrade the smart contract.

Setup:

4/6 multisig with 12h timelock. Cold wallets.

[https://app.squads.so/squads/AQiRFiqsPS6FKbhnEzAF83oX3mDFT9FQNqjMVz3cX1Mx](https://app.squads.so/squads/AQiRFiqsPS6FKbhnEzAF83oX3mDFT9FQNqjMVz3cX1Mx/home)

#### Admin Multisig

The admin multisig can:

* `update-configuration` — set fees and assign roles
* `pause` - `true` or `false` — pause the program and enable it when it's paused. `set-pause` - `true` can also be executed by "Pauser Role", but `set-pause` - `false` is only enabled with this admin multisig.

Setup:

3/5 multisig with 1h timelock. Cold wallets.

[https://app.squads.so/squads/HPP34a4qVEv2EYybFcKDqdes5GYBTFDBxygUixmjPQAv](https://app.squads.so/squads/HPP34a4qVEv2EYybFcKDqdes5GYBTFDBxygUixmjPQAv/home)

#### PoolsManager Multisig

The PoolsManager multisig can:

* `add-asset` — add a new asset to the protocol
* `edit-asset` — modify an asset within the protocol `isActive`, `pythAcc`, etc.

Setup:

3/5 multisig. Cold wallets.

[https://app.squads.so/squads/44qfRTL9vXmKmtaNpYkC5CYkedaDphs6aKq6rdzycGag/](https://app.squads.so/squads/44qfRTL9vXmKmtaNpYkC5CYkedaDphs6aKq6rdzycGag/home)

#### Pauser Role

The Pauser Role can:

* `pause` - `true` (emergency ix) — pause the program in case of an emergency. `set-pause` - `false` can ONLY be executed by "Admin Multisig".

Setup:

4 cold wallets has pauser role.