This repository has been archived by the owner on May 26, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ContractWhitelist.sol
49 lines (40 loc) · 1.9 KB
/
ContractWhitelist.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.6;
import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import "./interfaces/IContractWhitelist.sol";
/**
@dev A simple allowlist registry maintained by a trusted party to keep
a list of trusted addresses, upon which a 'call' method or other interactions
could take place.
Should be maintained by security admins and have restricted access (at least though
multi-sig).
*/
contract ContractWhitelist is AccessControlUpgradeable, IContractWhitelist {
mapping(address => bool) whitelist;
// events to track adding or removing items (should be monitored by security backend)
event AddedToWhitelist(address indexed targetAddress);
event RemovedFromWhitelist(address indexed targetAddress);
// this contract uses role-based access, so init the default admin role to the
// contract creator. this is high-privileged role and should be protected
function initialize() public initializer {
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
}
function add(address _targetAddress) public {
require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "admin only");
whitelist[_targetAddress] = true;
emit AddedToWhitelist(_targetAddress);
}
function remove(address _targetAddress) public {
require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "admin only");
whitelist[_targetAddress] = false;
emit RemovedFromWhitelist(_targetAddress);
}
/**
@dev used by main contracts (topup proxy, exchange proxy) to determine, whether
a call to some external 3rd party contract is allowed by this whitelist.
No external call/delegatecall should be done without this additional check.
*/
function isWhitelisted(address _targetAddress) public view override returns(bool) {
return whitelist[_targetAddress];
}
}