Skip to content

Operator Guide

What To Understand First

  1. Daily Operations Checklist
  2. Deposit Checklist
  3. Failed Deposit Troubleshooting
  4. Failed Claims
  5. Monitor Queued Upgrades

What You Are Allowed To Do

Operators execute approved procedures: create admission intents if assigned allowlistAdmin, monitor deposits, triage failed deposits, run receipt/claim workflows, and escalate anomalies. Authority depends on the Safe you operate.

What You Must Never Do

  • Retry failed deposits blindly.
  • Change allowlist or reserve state without a ticket.
  • Treat an allowlist event as proof of custody safety.
  • Continue deposit or claim windows during unresolved governance alerts.
  • Manually classify receipt or risk data without source evidence.

Responsibilities

Keep checklists current, archive evidence, verify post-state after every transaction, and stop on ambiguous failures. Operators are responsible for proving what happened, not only for sending transactions.

Failure Modes To Recognize

Missing intent, consumed intent, wrong authorized depositor, stale reserve proof, unsafe readiness, unexpected queued upgrade, claim executor pause, stale oracle, and slashing evidence.

Escalation

Escalate governance anomalies to guardian and roleAdmin contacts; escalate deposit readiness failures to protocol/risk; escalate oracle or receipt ambiguity to backend/oracle engineering.

Role Operating Guide

What This Person Must Understand First

The Operator must understand runbooks, deposit intents, vault readiness, receipt posting, claim monitoring, escalation channels. The four questions must stay separate: Upgrade governance asks which code is official, Deposit permissioning asks who may deposit, Custody/readiness asks whether the deposit route is safe, and Economic/claim safety asks whether funds can later leave safely.

Allowed To Do

This role may perform approved operational actions when the relevant runbook, permission matrix, and reviewer approval support the action.

Must Never Do

This role must never treat allowlist approval as custody or claim safety proof.

Pages To Read In Order

  1. System Map
  2. Permissioned vs Permissionless Deposits
  3. Permission Matrix
  4. Source Manifest
  5. The runbook for the exact action being performed.

Routine Responsibilities

Keep evidence current, record decisions, reconcile action tickets to onchain events, and raise drift quickly. Do not rely on memory when a source manifest, event log, or contract read can answer the question.

Incident Responsibilities

Stop routine automation for the affected layer, preserve evidence, notify the correct owner, and avoid broad remediation until the failing layer is identified.

Escalation Triggers

Escalate on unknown governance actions, mismatched implementation metadata, unexpected allowlist-admin transfer, stale oracle data, slashing/exit anomalies, failed custody readiness, or any claim that cannot be tied to current source and onchain evidence.