-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use OpenZeppelin's AccessControl instead of Distributor and Ownable #100
Comments
After the contract is deployed, OpenZeppelin's AccessControl offers functions to manage the roles, e.g.: Using JavaScript ethers: const BURNER_ROLE = ethers.keccak256(ethers.toUtf8Bytes("BURNER_ROLE"))
await contract.revokeRole(BURNER_ROLE, addressToRevokeRole) await contract.hasRole(BURNER_ROLE, addressToCheck) await contract.grantRole(BURNER_ROLE, addressToGrantRole) |
Note that |
But it still has risks, so I've made a more secure suggestion that removes |
We are not using OZ contacts as they have worse upgradability properties because of using plainly defined storage slots, and using Another point is Hypothetically anyone could still implement their custom token with using |
OpenZeppelin developed AccessControl and I was wondering why you didn't use it. There was no need to have
Distributor
at all.Note also that
transferOwnership(address(tokenManager)
in the sample code is crazy!Please see my code below with bolded parts for emphasis, and update your code at https://remix.ethereum.org/axelarnetwork/axelar-docs/blob/main/public/samples/interchain-token-iinterchaintoken.sol .
The text was updated successfully, but these errors were encountered: