Vaults: Who or what has access to funds?

When we deposit funds into a Vault, who has access to those funds?

I understand they are locked into a smartcontract … but SOMETHING then takes funds OUT of the Vault and starts implementing strategies such as take aLINK to Aave and convert it into stablecoins, the deposit stablecoins into lending / AMM’s.

In other words, SOMETHING has access to the funds. How are we assured that this something or someone can’t just steal the funds?

I feel like Andre has a very good answer to this other than ‘trust me’ – but I don’t know what it is. Does anyone?

Im assuming it would be the logic coded into the smart contract that does these operations?

I think that’s correct – however, since the strategies the Vaults use are malleable and changeable, the ‘locked smart contract’ must lend permission to something changeable. And therein lies a possible surface area of attack – or malicious use. I think.

Oh I see. Would be cool to get some insights into this from someone more knowledable. thx.

Yep. My guess is someone here has insight into this, I would love to know the answer.

Its explained here. The strategy changes are called by the multisig:

https://www.reddit.com/r/yearn_finance/comments/iyqhtj/eli_5_how_vault_controller_vaults_strategy_fit/