# Overview Tapio implements a sophisticated multi-layered governance system designed for institutional-grade protocol management. The governance architecture separates concerns across specialized roles, each with specific permissions and constraints, ensuring secure parameter management while enabling efficient day-to-day operations. The following diagram illustrates the governance structure ![Tapio governance layer (1).png](/files/kr3OpBCWiqMjkJv5M7Zd) ### **Governance Roles** Tapio's governance system consists of five distinct roles, each designed for specific operational responsibilities: #### **Protocol Owner** The Protocol Owner maintains upgrade authority over all protocol contracts through Beacon proxy patterns. This cold storage multisig is used exclusively for protocol-wide upgrades and emergency pause overrides, typically activated only during major version updates or critical security responses. **Key Permissions:** * Upgrade all contracts via Beacon implementations * Emergency pause override across all SPAs * Transfer upgrade authority #### **Governor** The Governor manages business logic and economic parameters through timelock-controlled actions. This role sets parameter boundaries and manages fee structures while operating within Protocol Owner oversight. **Key Permissions:** * Set parameter boundaries in ParameterRegistry (absolute caps and relative ranges) * Adjust all fee types (swap, mint, redeem, off-peg multipliers) * Configure decay periods and volatility settings * Grant and revoke operational roles (Curator, Guardian) #### **Curator** The Curator handles day-to-day parameter optimization, specifically focused on amplification coefficient management. This role operates without timelock delays for responsive market management. **Key Permissions:** * Initiate A coefficient ramping within Governor-approved bounds * Adjust A values based on market conditions * Monitor and respond to exchange rate provider data **Constraints:** * Cannot exceed absolute caps set in ParameterRegistry * Limited to relative change ranges defined by Governor * All actions must pass Keeper bounds checking #### **Guardian** The Guardian provides emergency response capabilities with immediate effect but limited scope. This role can be automated for rapid incident response. **Key Permissions:** * Pause individual SPAs immediately * Cancel ongoing A coefficient ramping * Monitor protocol health and trigger emergency procedures **Constraints:** * Cannot unpause SPAs (requires Protocol Owner approval) * No parameter adjustment capabilities * Limited to emergency response functions only --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.tapio.finance/governance/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.