Skip to main content

GLAM State

Each GLAM vault, whether tokenized or non-tokenized, has a unique state account that stores metadata, states, configurations, and policies.

Vault

A Vault is a system account with a PDA derived from the GLAM Protocol program:
  • It holds all assets (SOL, tokens) and DeFi positions (e.g., Drift user accounts, Kamino vault shares).
  • It provides programmable management of onchain assets with embedded risk controls.
  • Access is strictly gated by access control rules.

Mint

A Mint is a Token-2022 Program account that uniquely identifies a token. Every GLAM tokenized vault has an associated mint:
  • The mint address is a PDA derived from the GLAM Mint program
  • Token-2022 extensions are enabled, including metadata, transfer hook, and default account state
  • Mint tokens represent vault shares—new tokens are issued during subscriptions, and tokens are burned during redemptions

Subscriber

A subscriber is a user who deposits assets into a tokenized vault and receives vault shares in return. Depending on the vault configuration, subscribers may or may not be required to complete KYC verification.

Owner

The terms “owner” and “manager” are used interchangeably, both referring to the owner of a vault.
  • Vault owner has admin access to the vault. They are exempt from delegate access control policies, however, they are still subject to vault policies and timelocks.
  • Vault owner can propose changes if timelock is enforced and transfer ownership to another address.
  • It is recommended to use hardware wallets or multisig for enhanced security, while granting delegate permissions for routine operations.

Delegate

A delegate is a public key that is granted specific vault permissions by the owner.
  • Multiple delegates can be added to a vault, each with a different set of permissions.
  • Only vault owner can grant delegate permissions.

Integration

An integration is a program that bridges GLAM vaults and external DeFi protocols. No integrations are enabled by default, and vault owners should only enable those required for their investment strategy to minimize attack surface and operational risks. For example, if a vault strategy does not require Kamino protocols, the Kamino integration should remain disabled.

Access Control List (ACL)

An ACL is a list of rules that specify which users or entities are granted or denied access and what operations they can perform. GLAM allows vault owners to set up ACLs for both integrations and delegates:
  • Integration ACLs define which integrations are enabled for a vault
  • Delegate ACLs define which delegates are granted specific permissions to access a vault

Policies

GLAM enforces risk management and compliance through configurable policies at various levels.
  • Vault policies control parameters like the asset allowlist, timelock duration, and transfer restrictions.
  • Mint policies include max capacity, min subscription size, lockup period.
  • Policies can be configured for individual integrations. For example, Drift Protocol policy that defines which Drift markets are allowed for a vault.

Automations

Automations are services that streamline and manage onchain operations without manual intervention, handling tasks such as rebalancing and risk management. They can be self-hosted or developed by third parties, enhancing efficiency while respecting defined access controls.
I