# Access Controls

Our smart contracts are all open sourced, located [here](https://github.com/solendprotocol). 

<table><thead><tr><th width="243.26486291689724">Description</th><th width="474.29346314325454">Address</th></tr></thead><tbody><tr><td>Program</td><td><code>So1endDq2YkqhipRh3WViPa8hdiSpxWy6z3Z6tMCpAo</code></td></tr><tr><td>Upgrade authority</td><td><code>2Fwvr3MKhHhqakgjjEWcpWZZabbRCetHjukHi1zfKxjk</code></td></tr></tbody></table>

Our Solend Program, "`So1endDq2YkqhipRh3WViPa8hdiSpxWy6z3Z6tMCpAo"`, is owned by the BPF Upgradeable Loader program which lets the Upgrade Authority "`GDmSxpPzLkfxxr6dHLNRnCoYVGzvgc41tozkrr4pHTjB`" upload a new program to make changes/improvements. We hold the keypair of the Upgrade Authority, so we utilize that to push upgrades to mainnet.&#x20;

For now, there isn't a timelock program, but transitioning to governance in the future will cause upgrades to go through a governance vote as well.&#x20;

However, minor changes to mainnet program are reviewed internally across multiple members of the team, or by external engineers from the Solana team. We will likely conduct another audit if we perform major changes to the codebase.

Our code is not "Anchor verified" yet, but we will look into doing so soon.

<table><thead><tr><th width="243.26486291689724">Description</th><th width="474.29346314325454">Address</th></tr></thead><tbody><tr><td>Lending market owner</td><td><code>5pHk2TmnqQzRF9L6egy5FfiyBgS7G9cMZ5RFaJAvghzw</code></td></tr><tr><td>Fee receiver</td><td><code>9RuqAN42PTUi9ya59k9suGATrkqzvb9gk2QABJtQzGP5</code></td></tr></tbody></table>

This lending market owner contains all the reserves for our main/isolated pools. When updating the configs such as reserve limit or parameters, we pass a tx through the lending market owner such as this [one](https://solscan.io/tx/354SRxN9Px3gfgoxa6mA2SpeWsSTz7LQhDKYbCem8RaXXybU5Ni6i9yz8CkADhnAeRzc9HXqdbihep7FPoZeoFmM) to update the configs. This can only change the configs and can't move funds from the user.

An example of configs we can change is setting deposit/borrow limit to 0. We do this when deprecating or delisting certain assets. However, we can't set withdrawal to 0 and lock up user funds.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.save.finance/architecture/access-controls.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.