Security & Authentication

Multi-Layer Security Model

User Custody Layer

Safe Smart Accounts provide foundational security:

  • Users maintain full custody via Safe ownership

  • Multi-signature support (though typically 1-of-1)

  • Battle-tested Safe v1.3.0+ infrastructure

  • Optional additional signers for enhanced security

Transaction Validation Layer

BravaGuard enforces protocol boundaries:

  • Validates all transactions before execution

  • Only registered actions can be called

  • Restricts interactions to approved protocols

  • Prevents fund extraction outside Brava ecosystem

Execution Layer

SequenceExecutor provides atomic safety:

  • All actions execute via delegatecall in Safe context

  • All-or-nothing transaction semantics

  • Action validation against AdminVault registry

  • Prevents partial execution failures

Governance Layer

AdminVault manages system configuration:

  • Time-delayed proposals for all changes

  • Role-based access control (RBAC)

  • Mandatory waiting periods before execution

  • Emergency cancellation mechanisms


Role-Based Access Control

AdminVault implements hierarchical RBAC with separation of duties:

Role Hierarchy

OWNER_ROLE (Emergency only)
  └─ ROLE_MANAGER_ROLE (Day-to-day admin)
      ├─ ACTION_PROPOSER → ACTION_EXECUTOR → ACTION_DISPOSER
      ├─ POOL_PROPOSER → POOL_EXECUTOR → POOL_DISPOSER
      ├─ FEE_PROPOSER → FEE_EXECUTOR → FEE_CANCELER
      └─ TRANSACTION_PROPOSER → TRANSACTION_EXECUTOR → TRANSACTION_DISPOSER

Key Principles:

  • Separation of Duties: Propose, execute, and cancel are separate roles

  • Time Delays: Mandatory waiting period between proposal and execution

  • Emergency Override: OWNER_ROLE can bypass delays (use sparingly)

  • Cancellation: CANCELER roles provide a safety valve during the delay period


Time-Locked Governance

All system changes follow a proposal-delay-execution pattern:

  1. Propose - Submit action/pool/fee change (PROPOSER role)

  2. Wait - Mandatory delay period (default 24 hours)

  3. Execute - Apply approved change (EXECUTOR role)

  4. Cancel - Abort during delay if needed (CANCELER role)
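The role hierarchy and the four-step pattern above fit in a small state machine. The following is an added illustration, not AdminVault's code: the role names, the propose/wait/execute/cancel steps and the 24-hour default are taken from this page, while the data layout, the error messages, the exact semantics of the owner override and the registry lookup at the end are assumptions made for the example.

```python
"""Model of the propose / wait / execute / cancel flow with separated roles.

Added illustration, not AdminVault's code. Role names, the four-step pattern
and the 24-hour default come from the page; the data layout, error messages,
owner-override semantics and registry lookup are assumptions of this model.
"""
from dataclasses import dataclass

DEFAULT_DELAY = 24 * 60 * 60   # default wait between proposal and execution
OWNER_ROLE = "OWNER_ROLE"      # emergency-only role that may bypass the delay

# (proposer, executor, canceler) per change type, named as in the hierarchy above
ROLES = {
    "action": ("ACTION_PROPOSER", "ACTION_EXECUTOR", "ACTION_DISPOSER"),
    "pool": ("POOL_PROPOSER", "POOL_EXECUTOR", "POOL_DISPOSER"),
    "fee": ("FEE_PROPOSER", "FEE_EXECUTOR", "FEE_CANCELER"),
    "transaction": ("TRANSACTION_PROPOSER", "TRANSACTION_EXECUTOR",
                    "TRANSACTION_DISPOSER"),
}


@dataclass
class Proposal:
    kind: str
    target: str               # e.g. an action contract address (constructed)
    proposed_at: int          # unix timestamp of the proposal
    status: str = "pending"   # pending | executed | cancelled


class TimelockGovernance:
    def __init__(self, delay=DEFAULT_DELAY):
        self.delay = delay
        self.roles = {}        # address -> set of role names
        self.proposals = {}    # (kind, target) -> Proposal
        self.registry = set()  # (kind, target) pairs that passed the full flow

    def grant(self, who, role):
        self.roles.setdefault(who, set()).add(role)

    def _require(self, who, role):
        if role not in self.roles.get(who, ()):
            raise PermissionError(f"{who} lacks {role}")

    def _pending(self, key):
        p = self.proposals.get(key)
        if p is None or p.status != "pending":
            raise ValueError("no pending proposal")
        return p

    def propose(self, who, kind, target, now):
        """Step 1: only the PROPOSER for this change type may open a proposal."""
        self._require(who, ROLES[kind][0])
        key = (kind, target)
        if key in self.proposals and self.proposals[key].status == "pending":
            raise ValueError("proposal already pending")
        self.proposals[key] = Proposal(kind, target, now)
        return key

    def execute(self, who, key, now):
        """Steps 2-3: the EXECUTOR applies the change once the delay has elapsed.

        OWNER_ROLE skips the wait (the page's emergency override, assumed here
        to also cover the executor check); everyone else needs the executor
        role and a fully elapsed delay.
        """
        p = self._pending(key)
        if OWNER_ROLE not in self.roles.get(who, ()):
            self._require(who, ROLES[key[0]][1])
            if now < p.proposed_at + self.delay:
                raise ValueError("delay not elapsed")
        p.status = "executed"
        self.registry.add(key)

    def cancel(self, who, key):
        """Step 4: the CANCELER/DISPOSER aborts a pending proposal during the delay."""
        self._require(who, ROLES[key[0]][2])
        self._pending(key).status = "cancelled"

    def allows(self, kind, target):
        """What an executor or guard would ask before calling a target."""
        return (kind, target) in self.registry


def raises(exc, fn, *args):
    """Small helper so the checks in usage read as assertions."""
    try:
        fn(*args)
    except exc:
        return True
    return False
```

The point the model makes: a proposer cannot execute, an executor cannot cancel, nothing enters the registry before the delay has elapsed, and a cancelled proposal can never be executed later. The only path around the delay is the owner override, which is why the page marks that role as emergency-only.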


Cross-Chain Security

EIP712TypedDataSafeModule enables secure multi-chain execution:

  • Single signature authorizes bundle across chains

  • EIP-712 structured data for signature clarity

  • Per-Safe sequence nonces prevent replay

  • Bundle expiry timestamps

  • Chain ID validation


Authentication Methods

Direct Safe Owner Execution

Standard Safe transaction signing for direct sequence execution via SequenceExecutor.

EIP-712 Bundle Signatures via Module

User signs typed data bundle once, which is then relayed and executed through the EIP712TypedDataSafeModule authorized on their Safe. This enables:

  • Single signature for multi-chain execution

  • Gasless transactions (relayer pays gas)

  • Cross-chain coordination
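The replay protections listed under Cross-Chain Security (per-Safe sequence nonce, bundle expiry, chain ID validation) and the relayed execution described here can be modelled without the signature machinery. The block below is an added illustration, not EIP712TypedDataSafeModule's code: the bundle layout, the decision to scope the nonce to one chain, the order of the checks and the error strings are assumptions. EIP-712 hashing and signature recovery are deliberately left out, so the model starts at the point where the signer is already known to be an owner of the Safe.

```python
"""Model of the replay checks a Safe module applies to a signed multi-chain bundle.

Added illustration, not EIP712TypedDataSafeModule's code. The page lists the
checks (per-Safe sequence nonce, bundle expiry, chain ID); the bundle layout,
per-chain nonce scoping, check order and error strings are assumptions.
Signature recovery is assumed to have already identified a Safe owner.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ChainEntry:
    chain_id: int
    nonce: int          # expected per-Safe sequence nonce on that chain
    actions: tuple      # opaque action names, e.g. ("deposit", "borrow")


@dataclass(frozen=True)
class Bundle:
    safe: str           # the Safe whose owner signed the bundle (constructed value)
    expiry: int         # unix time after which no chain may execute it
    entries: tuple      # one ChainEntry per chain the single signature covers


@dataclass
class ModuleState:
    """State of the module deployed on one chain."""
    chain_id: int
    next_nonce: dict = field(default_factory=dict)   # safe -> expected nonce

    def check(self, bundle, now):
        """Return None if the bundle may run here, else why it may not."""
        entry = next((e for e in bundle.entries if e.chain_id == self.chain_id), None)
        if entry is None:
            return "no entry for this chain id"
        if now > bundle.expiry:
            return "bundle expired"
        if entry.nonce != self.next_nonce.get(bundle.safe, 0):
            return "nonce mismatch"
        return None

    def execute(self, bundle, now):
        """Submitted by a relayer; nothing here depends on who sends the call."""
        reason = self.check(bundle, now)
        if reason is not None:
            raise ValueError(reason)
        entry = next(e for e in bundle.entries if e.chain_id == self.chain_id)
        # Advance the nonce before the actions run so the same bundle cannot be
        # re-submitted to this chain, even from inside the sequence itself.
        self.next_nonce[bundle.safe] = entry.nonce + 1
        return entry.actions
```

Because the relayer's identity plays no part in the checks, the only things that stop a captured bundle from being re-used are the nonce, the expiry and the chain ID: one signed bundle runs once per chain it names, fails on any chain it does not name, and fails everywhere after its expiry.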


Fee System

  • Rate: 0.50% annual fee on deposited funds

  • Calculation: Prorated daily (365-day year)

  • Collection: Triggered by FEE_TAKER_ROLE

  • Tracking: AdminVault records last fee timestamp per pool

  • Prevention: Cannot collect fees twice for the same period

  • Precision: Basis points (10000 = 100%)
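The fee rules above can be carried through numerically. The following is an added illustration, not AdminVault's or any fee action's code: the rate, the basis-point denominator, the 365-day year, the FEE_TAKER_ROLE gate and the per-pool timestamp come from this page, while rounding to whole days, how the timestamp is advanced after a collection, and the data layout are assumptions of the model.

```python
"""Worked model of the fee rules listed above.

Added illustration, not AdminVault's or a fee action's code. Rate, basis-point
denominator, 365-day year, FEE_TAKER_ROLE and the per-pool timestamp come from
the page; whole-day rounding, timestamp advancement and layout are assumptions.
"""
BPS_DENOMINATOR = 10_000      # 10000 basis points == 100%
ANNUAL_FEE_BPS = 50           # 0.50% per year
SECONDS_PER_DAY = 86_400
DAYS_PER_YEAR = 365
FEE_TAKER_ROLE = "FEE_TAKER_ROLE"


def fee_for_period(balance, last_ts, now_ts):
    """Fee on `balance` for the whole days elapsed since `last_ts`.

    Multiply everything before dividing once: dividing early would truncate
    small balances to zero, exactly as it would in integer contract arithmetic.
    """
    if now_ts < last_ts:
        raise ValueError("timestamp went backwards")
    days = (now_ts - last_ts) // SECONDS_PER_DAY
    return balance * ANNUAL_FEE_BPS * days // (BPS_DENOMINATOR * DAYS_PER_YEAR)


class FeeLedger:
    def __init__(self):
        self.takers = set()          # addresses holding FEE_TAKER_ROLE
        self.last_collected = {}     # (safe, pool) -> timestamp of last collection

    def collect(self, caller, safe, pool, balance, now_ts):
        """Charge the fee accrued since the recorded timestamp and move it forward."""
        if caller not in self.takers:
            raise PermissionError(f"{caller} lacks {FEE_TAKER_ROLE}")
        key = (safe, pool)
        last = self.last_collected.get(key)
        if last is None:
            # First touch only starts the clock; no period has accrued yet.
            self.last_collected[key] = now_ts
            return 0
        fee = fee_for_period(balance, last, now_ts)
        charged_days = (now_ts - last) // SECONDS_PER_DAY
        # Advance only by the days actually charged, so a partial day is
        # neither billed twice nor silently dropped (assumption of this model).
        self.last_collected[key] = last + charged_days * SECONDS_PER_DAY
        return fee
```

On a balance of 1,000,000 units the model charges 5,000 after a full year (0.50%) and 410 after 30 days; a second collection at the same timestamp returns 0 because the recorded timestamp has already moved past that period.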
