Save (formerly Solend)
  • Introduction to Save
  • Getting Started
    • Start Here (Desktop)
    • Start Here (Mobile)
    • Supply & Borrow APY
    • Liquidations
    • Risks
    • FAQ
    • Debugging FAQ
  • DAO & Token
    • DAO
    • Token
    • IDO
  • Protocol
    • Solend Pools
    • Parameters
    • Fees
    • Liquidity Mining
    • Limits
    • Media
    • Audit
    • Bug Bounty
    • Oracles
  • Permissionless Pools
    • Introduction
    • Risks
    • Pre-Listing Checklist
    • Listing a Pool
    • Post-Listing
    • Managing a Pool
    • Switchboard v2 Guide
    • Pool Ideas
  • Architecture
    • Building Blocks
    • Software Flowchart
    • Access Controls
    • User Instructions
    • Computing Supply & Borrows
    • cTokens
      • cToken Addresses
    • Addresses
      • Mainnet
        • Main Pools
        • Isolated Pools
      • Devnet
  • Integrations
    • Introduction
    • Integration Guide
    • Solend LITE
    • Liquidators
    • Flash Loans
    • Developer Referral Fee
    • Resources and FAQ
Powered by GitBook
On this page

Was this helpful?

  1. Architecture

Access Controls

PreviousSoftware FlowchartNextUser Instructions

Last updated 1 year ago

Was this helpful?

Our smart contracts are all open sourced, located .

Description
Address

Program

So1endDq2YkqhipRh3WViPa8hdiSpxWy6z3Z6tMCpAo

Upgrade authority

2Fwvr3MKhHhqakgjjEWcpWZZabbRCetHjukHi1zfKxjk

Our Solend Program, "So1endDq2YkqhipRh3WViPa8hdiSpxWy6z3Z6tMCpAo", is owned by the BPF Upgradeable Loader program which lets the Upgrade Authority "GDmSxpPzLkfxxr6dHLNRnCoYVGzvgc41tozkrr4pHTjB" upload a new program to make changes/improvements. We hold the keypair of the Upgrade Authority, so we utilize that to push upgrades to mainnet.

For now, there isn't a timelock program, but transitioning to governance in the future will cause upgrades to go through a governance vote as well.

However, minor changes to mainnet program are reviewed internally across multiple members of the team, or by external engineers from the Solana team. We will likely conduct another audit if we perform major changes to the codebase.

Our code is not "Anchor verified" yet, but we will look into doing so soon.

Description
Address

Lending market owner

5pHk2TmnqQzRF9L6egy5FfiyBgS7G9cMZ5RFaJAvghzw

Fee receiver

9RuqAN42PTUi9ya59k9suGATrkqzvb9gk2QABJtQzGP5

This lending market owner contains all the reserves for our main/isolated pools. When updating the configs such as reserve limit or parameters, we pass a tx through the lending market owner such as this to update the configs. This can only change the configs and can't move funds from the user.

An example of configs we can change is setting deposit/borrow limit to 0. We do this when deprecating or delisting certain assets. However, we can't set withdrawal to 0 and lock up user funds.

here
one