# Settings & Access Control

Settings and Access Control define how RAX is configured, secured, and governed at the user level.

***

#### Mandate Configuration <a href="#id-47a886d7-24c1-4e3f-81a5-16df43418416" id="id-47a886d7-24c1-4e3f-81a5-16df43418416"></a>

The mandate defines all rules governing vault operation. Configurable parameters include:

* Risk tolerance profile (defensive, balanced, aggressive)
* Maximum risk score (default: 50)
* Maximum protocol exposure per position (default: 40%)
* Maximum chain exposure (default: 100%)
* Minimum liquidity threshold (default: 10%)
* Maximum capital per rebalance (default: 25%)
* Rebalance threshold — deviation percentage (default: 5%)
* Minimum rebalance interval (default: 1 hour)
* Maximum drawdown before emergency stop
* Protocol allowlist
* Asset allowlist
* Auto-execute toggle (off by default)
* Approval threshold for large capital movements

Changes take effect on the next decision cycle. All changes are versioned — each decision record references the mandate version that was active, providing a clear audit trail.

***

#### Access Tiers <a href="#cb72fbb1-a9ec-4db3-844f-3fe8d3a40f99" id="cb72fbb1-a9ec-4db3-844f-3fe8d3a40f99"></a>

RAX uses two complementary access systems:

**Wallet-based progression:**

* Free — no wallet required, basic analytics
* Wallet Connected — personalized exposure and alerts
* Capital Deposited — allocation engine and mandate configuration
* Autonomous Mode — keeper-driven auto-execution

**Token-based tiers (determined by $RAX balance on Base):**

| Tier   | Minimum $RAX | Key Features                                            |
| ------ | ------------ | ------------------------------------------------------- |
| Free   | 0            | Risk Overview, basic exposure                           |
| Holder | 1            | Full vault rankings, advanced filters, alerts           |
| Pro    | 1,000        | Simulations, allocation presets, full exposure analysis |
| Power  | 10,000       | Decision export, full settings, RaxBot access           |

Founder wallets receive full Power tier access regardless of token balance.

***

#### Security Practices <a href="#id-4a45a992-4428-4c81-8158-06b073cbb725" id="id-4a45a992-4428-4c81-8158-06b073cbb725"></a>

The vault contract uses Ownable2Step (two-step ownership transfer preventing accidental transfers), ReentrancyGuard, and Pausable patterns from OpenZeppelin. Only the authorized keeper address can execute rebalances. Emergency pause can be triggered by the owner at any time.

Settings should be reviewed periodically, especially after changes in market conditions or strategy.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.raxprotocol.xyz/product-guides/settings-and-access-control.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.