Skip to content

Azuro-protocol/Access

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

53 Commits

contracts

contracts

 
 

scripts

scripts

 
 

test

test

 
 

utils

utils

 
 

.env.mock

.env.mock

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

hardhat.config.js

hardhat.config.js

 
 

package.json

package.json

 
 

yarn.lock

yarn.lock

 
 

Repository files navigation

Access project

This project demonstrates access token approach for control call rights different contract-functions.

General concept

Main goal of the project is to provide easy common call access control over different contracts-functions for one project or many projects for any users.

contract1-{func1, func2 ... funcX} ------->    \
contract2-{func1, func2 ... funcY} ------->     \   --> Access.sol
...                                             / 
contractY-{func1, func2 ... funcZ} ------->    /

Access grant realized by owning ERC721 token. Every token is one access role.

+------+         --------------------
|NFT_01|  -->  / Role of Some Action /
+------+        --------------------

+------+         -----------------------
|NFT_02|  -->  / Role of Another Action /
+------+        -----------------------

User can owns some different token roles at once and get access for role allowed function.

                 +------+
                 |NFT_01|
                 +------+
   O          /       +------+      ---------------         || contrac1.func1 ||
  -|-    -->  -----   |NFT_02| -- / Role of Action /  --->  || contrac1.func2 ||
  / \         \       +------+     ---------------          || contrac2.func1 ||
 Alice           +------+
                 |NFT_03|
                 +------+

Contract-function can be bound with different roles at once.

                               --------------------
                             / Role of Some Action /
                          /   --------------------
|| contrac1.func2 ||  --> 
                          \
                               -----------------------
                             / Role of Another Action /
                              -----------------------

Every role represented by bit in 256 bits (32 bytes) access vector. There are 256 roles at access smart contract. Access is granted by matching user access role bits and bound function role bits

          O            Role Action1 [NFT_01]
         -|-           |                      Role Action2 [NFT_02]
         / \           |                      |
        Alice         [1 0 0 ................ 1]
                       |
                    <match>
                       |
|| contrac1.func2 ||  [1 0 0 ................ 0]
                       |
                         --------------------
                       / Role of Some Action /
                        --------------------

Access common cases and functions

1. Controled contract

import "./interface/IAccess.sol";
...
// access modifier
modifier onlyAccess(bytes4 selector) {
    access.checkAccess(msg.sender, address(this), selector);
    _;
}
...
// use access modifier with function selector parameter
function func1(uint256 someValue)
    external 
    onlyAccess(this.func1.selector) 
{
    //some code
}

2. Owner addes roles to Access.sol

function addRole(string memory roleName)

* roleName string stored as fixed length type bytes32, so use short names to fit 32 characters (UTF-8 strings)

3. Owner bind roles to Access.sol

struct RoleData {
  address target;
  bytes4 selector;
  uint8 roleId;
}

function bindRole(RoleData calldata role) external onlyOwner

or for multiple roles

function bindRoles(RoleData[] calldata RoleDatas) external onlyOwner

4. Owner grants role (mint NFT) to user

function grantRole(address user, uint8 roleId, false)

4.1. Owner grants role (mint NFT) to user with non transferable access token

function grantRole(address user, uint8 roleId, true)

5. User can transfer NFT to other user, except non transferable tokens (see 4.1)

// {IERC721-transferFrom}
function transferFrom(address from, address to, uint256 tokenId)

6. User can call some contract with access provided by owning access token

function burn(uint256 tokenId)

7. User can burn NFT (losing role access)

function burn(uint256 tokenId)

8. Owner can revoke access by burning user's NFT token

function burnToken(uint256 tokenId)

9. Owner can change token's transfer ability

function changeTokenTransferability(uint256 tokenId, bool isNonTransferable)

9.1. Owner can change batch of token's transfer ability

function changeBatchTokenTransferability(TokenTransferability[] calldata tokens)

compile and test tasks:

npx hardhat compile
npx hardhat test

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

6 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages