# Protocol Token Authority

## 1. Summary <a href="#id-1-introduction-summary" id="id-1-introduction-summary"></a>

The `ProtocolTokenAuthority` allows governance to specify which addresses are allowed to `mint` or `burn` protocol tokens. This is done by either setting an address as the `root` of the contract, the `owner` of the contract or by whitelisting an address in the `authorizedAccounts` mapping.

## 2. Contract Variables & Functions <a href="#id-2-contract-details" id="id-2-contract-details"></a>

**Variables**

* `root` - contract's root controlling address.
* `owner` - the second most powerful address controlling the contract. It cannot set the `root` but it can set another `owner`.
* `authorizedAccounts[account: address]` - mapping of addresses that are allowed to print protocol tokens.

**Modifiers**

* `isRootCalling` - modifier checking if the `msg.sender` is the `root`
* `isRootOrOwnerCalling` - modifier checking if the `msg.sender` is the `root` or the `owner`

**Functions**

* `setRoot(usr: address)` - sets a new root
* `setOwner(usr: address)` - sets a new owner
* `addAuthorization(usr: address)` - authorize a new address to print tokens
* `removeAuthorization(usr: address)` - de-authorize an address from printing tokens
* `canCall(src: address, address, sig: bytes4)` - checks whether an address can call `mint`, `burn` or `burnFrom` inside the protocol token

## 3. Walkthrough <a href="#id-2-contract-details" id="id-2-contract-details"></a>

`auth`ed accounts, `owner` and `root` are the ones who pass the `canCall` check and thus, are able `mint`, `burn` and `burnFrom`. `root` and `owner` can add or remove authorized addresses. `owner` cannot set a new `root` but can only change the `owner`. `root` has complete power and can change both the `root` and the `owner`.&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.reflexer.finance/system-contracts/token-module/protocol-token-authority.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.