Governance
The Protocol Admin is an account with exclusive access to specific functions of the protocol. More concretely, the Admin is a collection of multisig wallets currently in control of Sablier Labs, which have the following permissions on each chain where Sablier is deployed:
| Permission | Function | Contract(s) |
|---|---|---|
| Allow to Hook | allowToHook | SablierV2LockupLinear, SablierV2LockupDynamic, SablierV2LockupTranched |
| Set NFT Descriptor | setNFTDescriptor | SablierV2LockupLinear, SablierV2LockupDynamic, SablierV2LockupTranched |
Admins
Here are the addresses that are currently administering the Sablier Protocol. Most of them are Safe multi-signature wallets.
Trustlessness
Despite having an admin, the Sablier Protocol remains trustless. Here are the reasons why:
- The protocol is permissionless, i.e. it can be freely accessed by anyone with an Internet connection.
- The protocol is persistent, i.e. the admin cannot pause it.
- The streaming logic is non-upgradeable, i.e. the admin cannot tamper with the streams created by users.
- There are no escape hatches that allow the admin to claim user funds.
- There is a hard-coded upper limit of 10% to the fees that the admin can charge.
Timelocks
The parameter changes that can be effected are NOT subject to a timelock. This means that the admin can execute any of the functions listed above at any time.
Governance
As a startup, Sablier has to deal with uncertainty regarding:
- Protocol-market fit
- Smart contract security
Attaining success in these areas is no easy feat, and as such, decentralizing the protocol's governance will not be an initial priority.
Nonetheless, we believe that progressive decentralization is the most effective approach to scaling a smart contract protocol. As the protocol matures, we will decentralize its governance incrementally.