Any function on the vault is either not exposed externally or has a modifier that restricts the addresses that can invoke it. The main modifier is the onlyOwnerOrVaultItself that is defined by the following logic:

/// @dev Checks if the given `account` is the contract's address itself.
/// @dev Reverts with `UnauthorizedAccount` error if neither conditions are met.
/// @param account The account to check.
function _checkOnlyOwnerOrVaultItself(
    address account
) internal view virtual {
    if (account == address(this)) {

    if (account != AccessControlLib.getOwner()) {
        revert UnauthorizedAccount(account);

This enables for execution of any functions allowed by the vault owner.

Last updated