Balancer V2 uses an authorization mechanism which allows access control on a function level. At its core, the Authorizercontract manages access to all protected function calls.
Default admin role
The default admin role does not give permission to execute any protected function but allows granting or revoking roles to other entities (or itself).
All entities to which the “default admin role” have been granted, possess the power to grant and revoke execution roles on a function level.
For singleton contracts such as the Vault, all granted roles are bound to its contract address. Should another Vault contract be deployed, roles granted on the 'old' Vault would not apply on the new one.
For contracts deployed through a factory, like Liquidity Pools, roles are bound to all pools created by that same factory address. Therefore, if a role is granted on a Stable Pool created by the StablePoolFactory contract, then that role applies to all other Stable Pools created by this address.
Currently, only the Wavelength Admin Multisig address has been granted roles.
Wavelength uses Balancer V2 contracts verbatim, which have completed several full audits.
Wavelength has completed an audit with Chainsulting, a highly reputable auditor in Web3 cybersecurity.
The contracts are safe for you to interact with, read the audit here.