What A Policy Checks
Earn policies are program-interaction policies. That means they restrict which program can be called, which accounts must appear, and which instruction data is allowed. For Earn, those checks include:- The action must target the Earn vault
- The token mint must be USDC
- The route must use approved Kamino lending markets
- The instruction shape must match the allowed Kamino deposit, withdraw, or setup action
- The delegated signer must be one of the approved policy signers
The current route policy is bounded by Kamino market and USDC liquidity mint. It should not be described as a perfect per-reserve whitelist.
The Policies Earn Uses
| Policy | What it allows | What it does not allow |
|---|---|---|
| Earn route policy | Same-mint Kamino withdraw and deposit actions from the Earn vault | Arbitrary token transfers, arbitrary programs, or cross-mint swaps |
| Earn setup policy | Account setup needed for approved Kamino markets | Moving user funds outside the approved Earn path |
| Autodeposit policy | Moving eligible USDC surplus from your wallet token account into the Earn vault | Moving below your floor, changing the mint, or sending funds elsewhere |