Any function on the vault is either not exposed externally or has a modifier that restricts the addresses that can invoke it. The main modifier is the onlyOwnerOrVaultItself that is defined by the following logic:
/// @dev Checks if the given `account` is the contract's address itself.
/// @dev Reverts with `UnauthorizedAccount` error if neither conditions are met.
/// @param account The account to check.
function _checkOnlyOwnerOrVaultItself(
address account
) internal view virtual {
if (account == address(this)) {
return;
}
if (account != AccessControlLib.getOwner()) {
revert UnauthorizedAccount(account);
}
}
This enables for execution of any functions allowed by the vault owner.
