The Zodiac Roles Modifier is a smart contract system created by Gnosis Guild that constrains asset managers' access to funds with strict, customisable permissions. In this context, a modifier is a smart contract that extends the functionality of a Safe smart contract wallet.
A key use case for the modifier is to allow organisations with on-chain assets such as DAOs or treasuries to delegate fund management on their Safe to third parties while tightly controlling what those managers can do. Here’s how it works in practice:
Role-Based Access Control
• Custom Roles: You can create a role (a list of whitelisted actions) that only the asset manager has access to, assigning only the permissions needed to execute their strategy. Using Aave v3 lending as a simple example, one could allow a manager to supply() and withdraw() assets for lending. If the manager calls any other function on the client's behalf, such as borrow(), the call will simply fail.
• Granular Permissions: Each role can be configured to allow only certain functions when called with select parameter values. For example, you might want to allow a manager to supply only USDC to Aave. This is simply achieved by enforcing that the embedded token address in the supply transaction is equal to USDC’s address.
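The two checks described above (function allowlisting and parameter scoping), as an added example that models the logic off-chain; it is not Zodiac's code. The Pool, Safe and "other" addresses are constructed placeholders, and pinning the onBehalfOf and to arguments to the Safe is an extra condition that goes beyond the USDC-only case in the text.

```python
# Simplified off-chain model of a role check; not the Zodiac Roles implementation.
USDC = "0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48"  # USDC on Ethereum mainnet
DAI = "0x6b175474e89094c44da98b954eedeac495271d0f"   # DAI, used as a disallowed asset
POOL = "0x" + "11" * 20     # constructed placeholder for the Aave v3 Pool address
SAFE = "0x" + "22" * 20     # constructed placeholder for the client's Safe
OTHER = "0x" + "33" * 20    # constructed placeholder for any other account

SUPPLY = "617ba037"    # supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode)
WITHDRAW = "69328dec"  # withdraw(address asset, uint256 amount, address to)
BORROW = "a415bcad"    # borrow(...): deliberately absent from the role

# Role = allowlist of (target, selector) -> {argument index: required address}.
MANAGER_ROLE = {
    (POOL, SUPPLY): {0: USDC, 2: SAFE},
    (POOL, WITHDRAW): {0: USDC, 2: SAFE},
}

def encode_call(selector, *args):
    """ABI-encode a call whose arguments are all static (addresses or uints)."""
    words = [(int(a, 16) if isinstance(a, str) else a).to_bytes(32, "big") for a in args]
    return bytes.fromhex(selector) + b"".join(words)

def address_arg(data, index):
    """Read argument `index` as an address; reject short or dirty words."""
    word = data[4 + 32 * index: 36 + 32 * index]
    if len(word) != 32 or any(word[:12]):
        raise ValueError(f"argument {index} is not a well-formed address")
    return "0x" + word[12:].hex()

def check(role, target, data):
    """Return (allowed, reason) for a call the manager wants the Safe to make."""
    rules = role.get((target.lower(), data[:4].hex()))
    if rules is None:
        return False, "target/function not in role"
    for index, required in rules.items():
        try:
            if address_arg(data, index) != required:
                return False, f"argument {index} not permitted"
        except ValueError as err:
            return False, str(err)
    return True, "ok"

if __name__ == "__main__":
    calls = {
        "supply USDC": encode_call(SUPPLY, USDC, 1_000_000, SAFE, 0),
        "supply DAI": encode_call(SUPPLY, DAI, 10**18, SAFE, 0),
        "withdraw to other": encode_call(WITHDRAW, USDC, 1_000_000, OTHER),
        "borrow": encode_call(BORROW, USDC, 1, 2, 0, SAFE),
    }
    for name, data in calls.items():
        print(name, check(MANAGER_ROLE, POOL, data))
```

When auditing a real permission set, the same questions apply to each entry: which target, which function, and which arguments are left unconstrained.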
The largest user of the tech by assets is Karpatkey, who, at the time of writing, manage $1.7Bn. We know this as we previously worked with Karpatkey to audit a set of permissions for their ENS DAO Safe:
In summary
Zodiac Roles lets you give asset managers the tools to do their job (move, swap, or invest funds) while enforcing strict boundaries. They can't access funds inappropriately, and every action is checked against the permissions and quotas you define. This creates a secure, flexible, and auditable framework for sound third-party access to funds.