Role-Specific Administrators

ROLE_ADMIN_ROLE

Each role (except the DEFAULT_ADMIN role) has dedicated role administrator that can assign or revoke that specific role to and from wallet addresses. Role administrators operate independently from the DEFAULT_ADMIN_ROLE, ensuring a distributed permission structure while maintaining control over who can execute specific actions.

For example:

  • The DEPOSITOR_ROLE has an admin that manages which wallets can stake via the vault.
  • The OPERATOR_ROLE admin controls who can manage validator operations.
  • The ORACLE_ROLE admin manages which wallets should post data in the contract.

Role administrators leverage the following functions:

function grantRole(bytes32 role, address account) external;
function revokeRole(bytes32 role, address account) external;
function getRoleAdmin(bytes32 role) external view returns (bytes32);