
Smart Accounts

Smart accounts are the orchestration layer of the Yield Router. They are user-owned contracts that hold funds and execute transactions on behalf of the user.

Why Smart Accounts

Traditional DeFi interactions require users to sign every transaction: deposits, withdrawals, rebalances. Automated routing would require either:
  • Custodial control (user gives funds to a third party)
  • Constant user interaction (defeating the purpose of automation)
Smart accounts solve this. The user retains ownership while granting limited, revocable permissions for specific actions.

Architecture

Each user has two addresses per chain:
| Account | Description |
| --- | --- |
| Main Wallet (EOA) | The user’s externally owned account, holds keys |
| Sub-Account (Smart Account) | A contract controlled by the main wallet, holds routed funds |

The smart account is deployed when a user first connects to Rosetta. It is owned by the user’s main wallet and can only be controlled by it. On multi-chain setups, a separate sub-account exists on each supported chain.

Permissions

The smart account grants Rosetta permission to:
  • Deposit into whitelisted Morpho vaults
  • Supply to enabled Aave markets
  • Withdraw from vaults and markets
  • Rebalance between vaults and across protocols
The smart account does not grant Rosetta permission to:
  • Withdraw to any address other than the user’s main wallet
  • Access vaults, markets, or protocols not explicitly enabled in policies
  • Modify policies without user signature

Withdrawal Constraint

All withdrawals from the smart account can only be sent to the user’s main wallet. This is enforced at the contract level, which eliminates an entire class of attack vectors: even if Rosetta’s systems were compromised, funds could only be sent back to the rightful owner.

Policies

Policies are on-chain rules that define what the Yield Router is permitted to do with a user’s funds. They are the user’s control mechanism over automated execution.

What Policies Control

| Permission | Description |
| --- | --- |
| Enabled Assets | Which assets the Router can allocate (e.g., USDT0, USDC) |
| Enabled Vaults | Which Morpho vaults the Router can deposit into |
| Enabled Protocols | Which protocols are active (Morpho, Aave) |
| Withdrawal Destination | Fixed to user’s main wallet (cannot be changed) |
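
The rules in the Permissions, Withdrawal Constraint and Policies sections can be modelled as a small authorization check. The Python below is an added illustration, not Rosetta’s contract code: the class, method names and the single router address are hypothetical, and the user’s signature is modelled as a plain caller check.

```python
# Added illustration of the page's rules; not Rosetta's contract code, all names hypothetical.
from dataclasses import dataclass, field

class PolicyViolation(Exception):
    """A call that falls outside what the account's policy permits."""

def require(cond, msg):
    if not cond:
        raise PolicyViolation(msg)

@dataclass
class SmartAccount:
    owner: str                                     # user's main wallet (EOA)
    router: str                                    # automated operator (assumed: one address)
    assets: set = field(default_factory=set)       # enabled assets
    targets: set = field(default_factory=set)      # enabled vaults / markets
    idle: dict = field(default_factory=dict)       # asset -> unallocated amount
    positions: dict = field(default_factory=dict)  # (target, asset) -> amount

    def set_target(self, caller, target, enabled):
        # Policy changes need the user's signature; modelled as caller == owner.
        require(caller == self.owner, "policy change requires owner")
        (self.targets.add if enabled else self.targets.discard)(target)

    def deposit(self, caller, target, asset, amount):
        require(caller in (self.owner, self.router), "unauthorized caller")
        require(asset in self.assets and target in self.targets, "not enabled in policy")
        require(0 < amount <= self.idle.get(asset, 0), "insufficient idle funds")
        self.idle[asset] -= amount
        key = (target, asset)
        self.positions[key] = self.positions.get(key, 0) + amount

    def withdraw(self, caller, target, asset, amount):
        # Exiting stays allowed after a target is disabled, so positions can unwind.
        require(caller in (self.owner, self.router), "unauthorized caller")
        key = (target, asset)
        require(0 < amount <= self.positions.get(key, 0), "insufficient position")
        self.positions[key] -= amount
        self.idle[asset] = self.idle.get(asset, 0) + amount

    def send_out(self, caller, to, asset, amount):
        # Destination is fixed: checked for every caller, the router included.
        require(caller in (self.owner, self.router), "unauthorized caller")
        require(to == self.owner, "destination must be the main wallet")
        require(0 < amount <= self.idle.get(asset, 0), "insufficient idle funds")
        self.idle[asset] -= amount
        return (to, asset, amount)
```

The destination check in `send_out` does not depend on who the caller is, which is why a compromised router key in this model still cannot move funds anywhere except the owner address.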

Enabling and Disabling

When a user disables a vault or protocol:
  1. Policy state updates on-chain
  2. Router can no longer deposit into that vault or market
  3. Existing positions in that vault are withdrawn
  4. Router will reallocate funds on the next block
When a user enables a vault or protocol:
  1. Policy state updates on-chain
  2. Router can now include that vault or market in allocation decisions
  3. If the newly enabled option has a better sustainable APY, Router reallocates to it

Policy Upgrades

When Rosetta adds support for new assets, protocols, or chains, users must upgrade their policy to access them. This requires explicit user consent via signature. For example, when Rosetta added Base chain support:
  1. Rosetta deployed new policy version with Base chain capability
  2. User sees “Upgrade available” in interface
  3. User reviews and signs the upgrade transaction
  4. Base chain vaults become available in user’s policy configuration
Users are never auto-enrolled in new assets, protocols, or chains.

Risk Intelligence

Rosetta’s risk intelligence layer, Circular, provides analytical tools for evaluating vault and market risk profiles before configuring policies.