# Governance

## Vault administration (partner)

Vaults are managed by partners using several key admin roles:

* SYS\_ADMIN: wallet responsible for contract administration and other role attribution
* FEE\_MANAGER: wallet responsible for changing the end user fee and the split between multiple recipients
* FEE\_COLLECTOR: wallet responsible for claiming the commission
* SANCTIONS\_MANAGER: wallet responsible for enabling the OFAC-sanctioned wallet check
* CLAIM\_MANAGER: wallet responsible for claiming additional rewards from the lending protocols
* PAUSER: wallet responsible for pausing all interaction with vault contracts, managed by Kiln as a security fail-safe
* UNPAUSER: wallet responsible for unpausing the contract

It is recommended to have multi-sig wallets for these roles with a strong quorum security. 

**NOTE**:  You can only have 1 wallet assigned as SYS\_ADMIN, but multiple wallets assigned to all other roles.

## Blocklist administration (partner)

Kiln DeFi vaults feature  custom [deposit blocklists](https://docs.kiln.fi/v1/kiln-products/defi/security/compliance-features#blocklists) that partners can opt to use. The blocklist admin role is:

* OPERATOR: wallet responsible for adding and removing addresses to and from the custom blocklist

## Upgradability Structure (Kiln)

<figure><img src="https://1911902555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fnye3yqpuOzdfrtWAlwng%2Fuploads%2FcbVj5bJKocTu0qKRp6dL%2FFrame%20129%20(2).svg?alt=media&#x26;token=45929e44-acb6-4269-a216-8324b0eaa412" alt=""><figcaption><p>Upgradability overview<br>- dashed arrows are atomic actions<br>- orange boxes are smart contract controlled by Kiln and green are controlled by partners</p></figcaption></figure>

#### Kiln DeFi Vaults

Kiln DeFi vaults follow the beacon proxy pattern where all vaults fetch their implementation address from a VaultUpgradeableBeacon smart contract.

This is administered by 4 roles:

* PROXY\_ADMIN: a multisig quorum between Kiln and third parties responsible for attributing the below roles
* PAUSER: a wallet responsible for pausing all interaction with vault contracts, managed by Kiln as a security failsafe
* FREEZER: a multisig quorum between Kiln and third parties responsible for freezing Vault implementation (to make it non-upgradeable)
* IMPLEMENTATION\_MANAGER: a multisig quorum between Kiln and third parties responsible for upgrading Vault implementations

#### Kiln DeFi Connectors

Kiln DeFi Connectors also follow the beacon proxy pattern where each connector implementation address is fetched from a ConnectorRegistry contract.

This is administered by 4 roles:

* ADMIN: a multisig quorum between Kiln and third parties responsible for attributing the below roles
* PAUSER: a wallet responsible for pausing all interaction with connector contracts, managed by Kiln as a security failsafe
* FREEZER: a multisig quorum between Kiln and third parties responsible for freezing connector implementations (to make some of them non-upgradeable)
* CONNECTOR\_MANAGER: a multisig quorum between Kiln and third parties responsible for upgrading connectors implementation