Gearbox architecture is very modular, so it's not just that there is an allowed asset for the entire protocol - there are different pools and can even be multiple pools for the same asset. There can be different Credit Managers with different Allowed List policies, etc. The information below is just an easy-to-grasp understanding for product users. Developers should dive into the tech section in Gearbox Dev docs and understand the intricacies. Namely, the tree goes as follows: