# Roles and Permissions
The following are the roles and functions the roles can call in Level v2:
| Role | Users | Permissions |
| --------------------- | ---------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| ADMIN\_MULTISIG\_ROLE | - Admin multisig only | StrictRolesAuthority.removeUserRole()
LevelMintingV2.removeMintableAsset()
LevelMintingV2.removeRedeemableAsset()
LevelMintingV2.removeOracle()
|
| VAULT\_MINTER\_ROLE | - LevelMintingV2 contract only | `BoringVault.enter()` |
| VAULT\_REDEEMER\_ROLE | - LevelMintingV2 contract
- RewardManager contract
| `BoringVault.exit()` |
| PAUSER\_ROLE | - Admin multisig
- Operator multisig
- Hexagate gatekeepers
| PauserGuard.pauseSelector()
PauseGuard.pauseGroup()
|
| UNPAUSER\_ROLE | - Admin multisig only | PauserGuard.unpauseSelector()
PauserGuard.unpauseGroup()
|
| VAULT\_MANAGER\_ROLE | - LevelMintingV2 contract
- RewardManager contract
| BoringVault.manage()
BoringVault.increaseAllowance()
|
| GATEKEEPER\_ROLE | - Admin multisig
- Operator multisig
- Hexagate gatekeepers
| `LevelMintingV2.disableMintRedeem()` |
| REWARDER\_ROLE | - Treasury multisig only | `RewardsManager.reward()` |
| STRATEGIST\_ROLE | - Operator multisig
- LevelMintingV2 contract
- RewardsManager contract
| VaultManager.deposit()
VaultManager.depositDefault()
VaultManager.withdraw()
VaultManager.withdrawDefault()
|
| MINTER\_ROLE | N | `LevelMintingV2.mint()` (if not public. note that on launch, `mint()` will be public) |
| REDEEMER\_ROLE | N (KYC-ed external redeemers) | `LevelMintingV2.initiateRedeem()` (if not public. note that on launch, `initiateRedeem` will not be public) |
#### Trusted Addresses:
* *Admin Multisig*
* 5/8 Gnosis Safe
* All signers are cold wallets
* 4 keys held by internal team members, 4 keys held externally
* Team cannot sign transactions unilaterally
* External signers are trusted members of the security community (ie Spearbit)
* Internal team members have separate signing devices
* At least two signers must validate that the transaction hashes being signed on the UI match what the wallet sees
* Used to:
* Upgrade contract implementations
* Assign and removes roles
* Adjust protocol configuration
* *Operator Multisig*
* 2/5 Gnosis Safe
* 4/5 signers are cold wallets
* All keys held by internal team members
* Used to:
* Manage funds custodied by the BoringVault using the VaultManager smart contract
* Send excess yield to the Treasury multisig
* *Treasury Multisig*
* 3/4 Gnosis Safe
* All signers are cold wallets
* All keys held by internal team members
* Used to:
* Receive USDC/T yield accrued by the protocol
* Mint lvlUSD using these funds and reward it to slvlUSD
* Claim rewards on behalf of the BoringVault for supplying to lending protocols like Aave and Morpho
* Hexagate Gatekeepers
* EOA stored on AWS
* Automatically run actions based off critical/high monitoring alerts from Hexagate, including:
* If dollar value of lvlUSD reserves returned by LevelReserveLens dips below the dollar value of lvlUSD supply
* If Hexagate detects any suspicious contracts deployed that could be potential attackers
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://level-money.gitbook.io/level-documentation/technical-documentation/roles-and-permissions.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.