# Governance

The hBTC protocol employs a role-based governance model with clearly scoped permissions to separate strategic control, operational execution, and risk oversight.&#x20;

<figure><img src="/files/2mGezBIc8AHXPFBtL4yk" alt=""><figcaption></figcaption></figure>

### Roles

#### Owner

The **Owner** is the highest authority within the protocol and is responsible for assigning and managing all other roles. The Owner has the ability to modify critical protocol settings, subject to timelock constraints as well as day-to-day protocol configuration without timelock.&#x20;

{% hint style="success" %}
The Owner role is secured by a **3-of-6** multi-signature wallet.
{% endhint %}

#### Guardian

A **Guardian** role provides emergency risk controls, enabling protective actions such as pausing protocol functionality.

#### Operator

Operators are specialized operational roles who execute predefined functions within strict boundaries.&#x20;

* **Trader:** Executes strategy-related transactions (e.g., borrow, stake, swap)
* **Manager:** Manages funding of withdrawal claims
* **Rewarder:** Performs reward logging accounting updates
* **Fee Setter**: Can set custom exit fee

{% hint style="success" %}
All role changes are **timelocked**.
{% endhint %}

<details>

<summary>Active Roles</summary>

Owner: [SM1QXYXZG78DCWJZJKY0901KTK3350071W9YYRPMT](https://explorer.hiro.so/address/SM1QXYXZG78DCWJZJKY0901KTK3350071W9YYRPMT?chain=mainnet) (3/6 multi-sig)

Guardian: [SM1QXYXZG78DCWJZJKY0901KTK3350071W9YYRPMT](https://explorer.hiro.so/address/SM1QXYXZG78DCWJZJKY0901KTK3350071W9YYRPMT?chain=mainnet) (3/6 multi-sig)

Trader: [SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0](https://explorer.hiro.so/address/SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0?chain=mainnet)

Rewarder: [SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0](https://explorer.hiro.so/address/SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0?chain=mainnet)

Manager: [SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0](https://explorer.hiro.so/address/SP20V8SG811G6CT2QMZQNX6XCN20YAX36DYD1BAE0?chain=mainnet)

Fee Setter: None

</details>

### Settings

#### Protocol

Defines the set of core protocol smart contracts with the ability to invoke internal contracts, move assets within the system, and execute approved external contract calls.

#### Assets

Specifies the assets that protocol smart contracts are authorized to custody, transfer, and deploy as part of strategy execution.

#### Externals

Defines the external smart contracts that the system is permitted to interact with, including money markets, yield protocols, and swap interfaces.

{% hint style="success" %}
All security-sensitive setting updates are **timelocked**.
{% endhint %}

<details>

<summary>Active Settings</summary>

Protocol

* See [Smart Contracts](https://docs.hermetica.fi/hbtc/how-it-works/smart-contracts#smart-contracts)

Assets

* [sBTC](https://explorer.hiro.so/token/SM3VDXK3WZZSA84XXFKAFAF15NNZX32CTSG82JFQ4.sbtc-token?chain=mainnet)
* [USDh](https://explorer.hiro.so/token/SPN5AKG35QZSK2M8GAMR4AFX45659RJHDW353HSG.usdh-token-v1?chain=mainnet)
* [sUSDh](https://explorer.hiro.so/token/SPN5AKG35QZSK2M8GAMR4AFX45659RJHDW353HSG.susdh-token-v1?chain=mainnet)

Externals

* Zest Protocol
  * [market-v0-3](https://explorer.hiro.so/txid/SP1A27KFY4XERQCCRCARCYD1CC5N7M6688BSYADJ7.v0-3-market?chain=mainnet)
  * [sBTC vault-v0-1](https://explorer.hiro.so/txid/SP1A27KFY4XERQCCRCARCYD1CC5N7M6688BSYADJ7.vault-sbtc?chain=mainnet)
  * [USDh vault-v0-1](https://explorer.hiro.so/txid/SP1A27KFY4XERQCCRCARCYD1CC5N7M6688BSYADJ7.vault-usdh?chain=mainnet)
* Hermetica USDh Protocol
  * [staking-v1-1](https://explorer.hiro.so/txid/SPN5AKG35QZSK2M8GAMR4AFX45659RJHDW353HSG.staking-v1-1?chain=mainnet)
  * [staking-silo-v1-1](https://explorer.hiro.so/txid/SPN5AKG35QZSK2M8GAMR4AFX45659RJHDW353HSG.staking-silo-v1-1?chain=mainnet)
  * [minting-auto-v1-2](https://explorer.hiro.so/txid/SPN5AKG35QZSK2M8GAMR4AFX45659RJHDW353HSG.minting-auto-v1-2?chain=mainnet)

</details>

### Timelock

All critical protocol changes—including role assignments and security-sensitive parameter updates—are subject to a **governance timelock**.&#x20;

The current timelock period is **24 hours.**

### Emergency Control

In case of a owner compromise (worst case scenario) the emergency mechanism freezes the protocol and allows for the safe withdrawal of assets.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.hermetica.fi/hbtc/how-it-works/governance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.