Merge pull request #8 from Synaps3Protocol/role/manager

Role/manager
Synaps3Protocol · Nov 5, 2024 · bc4722d · bc4722d
2 parents 46a1bb6 + 6036370
commit bc4722d
Show file tree

Hide file tree

Showing 53 changed files with 1,373 additions and 467 deletions.
diff --git a/README.md b/README.md
@@ -7,6 +7,8 @@ Welcome! 🎉 Synapse is redefining how creative IP distribution works. Whether
 
 ![image](https://github.com/user-attachments/assets/59610c00-672d-4eec-88dc-71b4fc8add59)
 
+MMC: 0x21173483074a46c302c4252e04c76fA90e6DdA6C
+TOLLGATE: 0x6bfF13FfD2507174174089ca49e584533fEDE18a
 
 ## Join the Fun
 Found a bug? Got a cool idea? Open a pull request or start a discussion on GitHub. We’d love to build this together!

diff --git a/broadcast/01_Deploy_Economics_Treasury.s.sol/80002/run-1730835926.json b/broadcast/01_Deploy_Economics_Treasury.s.sol/80002/run-1730835926.json
diff --git a/broadcast/01_Deploy_Economics_Treasury.s.sol/80002/run-latest.json b/broadcast/01_Deploy_Economics_Treasury.s.sol/80002/run-latest.json
diff --git a/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-1730826985.json b/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-1730826985.json
diff --git a/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-1730835710.json b/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-1730835710.json
diff --git a/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-latest.json b/broadcast/02_Deploy_Economics_Tollgate.s.sol/80002/run-latest.json
diff --git a/contracts/access/AccessManager.sol b/contracts/access/AccessManager.sol
@@ -0,0 +1,93 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+import { Initializable } from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+import { UUPSUpgradeable } from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
+import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
+import { IAccessControl } from "@openzeppelin/contracts/access/IAccessControl.sol";
+import { IAccessManager } from "contracts/interfaces/access/IAccessManager.sol";
+
+import { C } from "contracts/libraries/Constants.sol";
+
+/// @title AccessManager
+/// @dev Manages roles and permissions across the protocol.
+contract AccessManager is Initializable, UUPSUpgradeable, AccessControlUpgradeable, IAccessManager {
+    address private _governor;
+
+    /// @notice Event emitted when a role is granted to an account.
+    /// @param account The address of the account that has been granted the role.
+    /// @param role The role granted to the account.
+    event RoleGranted(address indexed account, bytes32 role);
+
+    /// @notice Event emitted when a role is revoked from an account.
+    /// @param account The address of the account that has had the role revoked.
+    /// @param role The role revoked from the account.
+    event RoleRevoked(address indexed account, bytes32 role);
+
+    /// @dev Modifier that checks if the caller has the DEFAULT_ADMIN_ROLE.
+    modifier onlyAdmin() {
+        _checkRole(C.ADMIN_ROLE);
+        _;
+    }
+
+    /// @dev Modifier that checks if the caller has the GOV_ROLE.
+    modifier onlyGov() {
+        _checkRole(C.GOV_ROLE);
+        _;
+    }
+
+    /// @custom:oz-upgrades-unsafe-allow constructor
+    constructor() {
+        _disableInitializers();
+    }
+
+    /// @notice Initializes the AccessManager contract and assigns the ADMIN_ROLE to the deployer.
+    function initialize() public initializer {
+        __UUPSUpgradeable_init();
+        __AccessControl_init();
+        _grantRole(C.ADMIN_ROLE, msg.sender);
+    }
+
+    /// @notice Returns the current governor address.
+    /// @return The address of the current governor.
+    function getGovernor() external view returns (address) {
+        return _governor;
+    }
+
+    /// @notice Sets the governance address.
+    /// @dev Only callable by an account with DEFAULT_ADMIN_ROLE.
+    /// @param governor The address to set as the new governor.
+    function setGovernor(address governor) external onlyAdmin {
+        _grantRole(C.GOV_ROLE, governor);
+        _governor = governor;
+    }
+
+    /// @notice Grants a specific role to an account.
+    /// @param account The address of the account to grant the role to.
+    /// @param role The role to be granted.
+    /// @dev Only governance is allowed to grant roles.
+    function grantRole(
+        bytes32 role,
+        address account
+    ) public override(IAccessControl, AccessControlUpgradeable) onlyGov {
+        _grantRole(role, account);
+        emit RoleGranted(account, role);
+    }
+
+    /// @notice Revokes a specific role from an account.
+    /// @param account The address of the account to revoke the role from.
+    /// @param role The role to be revoked.
+    /// @dev Only governance is allowed to revoke roles.
+    function revokeRole(
+        bytes32 role,
+        address account
+    ) public override(IAccessControl, AccessControlUpgradeable) onlyGov {
+        _revokeRole(role, account);
+        emit RoleRevoked(account, role);
+    }
+
+    /// @dev Authorizes the upgrade of the contract.
+    /// @notice Only the admin can authorize the upgrade.
+    /// @param newImplementation The address of the new implementation contract.
+    function _authorizeUpgrade(address newImplementation) internal override onlyAdmin {}
+}
diff --git a/contracts/base/Governable.sol b/contracts/base/Governable.sol
diff --git a/contracts/base/Ledger.sol b/contracts/base/Ledger.sol
@@ -8,13 +8,13 @@ import { ILedgerVerifiable } from "contracts/interfaces/ILedgerVerifiable.sol";
 /// @dev This contract defines internal functions to manipulate ledger balances and retrieve account data.
 abstract contract Ledger is ILedgerVerifiable {
     // Mapping to store balances per account and currency.
-    mapping(address => mapping(address => uint256)) private ledger;
+    mapping(address => mapping(address => uint256)) private _ledger;
 
     /// @notice Retrieves the registered currency balance for the specified account.
     /// @param account The address of the account to retrieve the balance for.
     /// @param currency The address of the currency to retrieve the balance for.
     function getLedgerBalance(address account, address currency) public view returns (uint256) {
-        return ledger[account][currency]; // Return the ledger balance for the account and currency.
+        return _ledger[account][currency]; // Return the ledger balance for the account and currency.
     }
 
     /// @notice Internal function to store the currency fees for an account.
@@ -23,7 +23,7 @@ abstract contract Ledger is ILedgerVerifiable {
     /// @param currency The address of the currency being registered.
     /// @dev This function overwrites any previous balance for the account in the given currency.
     function _setLedgerEntry(address account, uint256 amount, address currency) internal {
-        ledger[account][currency] = amount;
+        _ledger[account][currency] = amount;
     }
 
     /// @notice Internal function to accumulate currency fees for an account.
@@ -32,7 +32,7 @@ abstract contract Ledger is ILedgerVerifiable {
     /// @param currency The address of the currency being added.
     /// @dev This function increases the existing balance of the account for the specified currency.
     function _sumLedgerEntry(address account, uint256 amount, address currency) internal {
-        ledger[account][currency] += amount;
+        _ledger[account][currency] += amount;
     }
 
     /// @notice Internal function to subtract currency fees for an account.
@@ -41,6 +41,6 @@ abstract contract Ledger is ILedgerVerifiable {
     /// @param currency The address of the currency being subtracted.
     /// @dev This function decreases the existing balance of the account for the specified currency.
     function _subLedgerEntry(address account, uint256 amount, address currency) internal {
-        ledger[account][currency] -= amount;
+        _ledger[account][currency] -= amount;
     }
 }
diff --git a/contracts/base/upgradeable/AccessControlledUpgradeable.sol b/contracts/base/upgradeable/AccessControlledUpgradeable.sol
@@ -0,0 +1,85 @@
+// SPDX-License-Identifier: MIT
+// NatSpec format convention - https://docs.soliditylang.org/en/v0.5.10/natspec-format.html
+pragma solidity 0.8.26;
+
+import { Initializable } from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+import { IAccessManager } from "contracts/interfaces/access/IAccessManager.sol";
+import { C } from "contracts/libraries/Constants.sol";
+
+/// @title AccessControlledUpgradeable
+/// @dev Abstract contract that provides role-based access control functionality to upgradeable contracts.
+/// This contract requires an AccessManager to manage roles.
+abstract contract AccessControlledUpgradeable is Initializable {
+    /// @custom:storage-location erc7201:accesscontrolledupgradeable
+    struct AccessControlStorage {
+        address _accessManager;
+    }
+
+    /// @dev Storage slot for AccessControlStorage, calculated using a unique namespace to avoid conflicts.
+    /// The `ACCESS_MANAGER_SLOT` constant is used to point to the location of the storage.
+    bytes32 private constant ACCESS_MANAGER_SLOT = 0xb8e950798a2a06a6f5727a94041b193569f4f67d69a0de3cf866d93822e7fa00;
+
+    /// @dev Error thrown when an unauthorized operation is attempted.
+    error InvalidUnauthorizedOperation(string);
+
+    /// @dev Modifier that checks if the caller has a specific role.
+    /// @param role The role to check.
+    modifier onlyRole(bytes32 role) {
+        if (!_hasRole(role, msg.sender)) {
+            revert InvalidUnauthorizedOperation("Caller does not have required role.");
+        }
+        _;
+    }
+
+    /// @dev Modifier that checks if the caller has the GOV_ROLE.
+    modifier onlyGov() {
+        if (!_hasRole(C.GOV_ROLE, msg.sender)) {
+            revert InvalidUnauthorizedOperation("Only governance can perform this action.");
+        }
+        _;
+    }
+
+    /// @dev Modifier that checks if the caller has the MOD_ROLE.
+    modifier onlyMod() {
+        if (!_hasRole(C.MOD_ROLE, msg.sender)) {
+            revert InvalidUnauthorizedOperation("Only moderator can perform this action.");
+        }
+        _;
+    }
+
+    /// @dev Modifier that checks if the caller has the DEFAULT_ADMIN_ROLE.
+    modifier onlyAdmin() {
+        if (!_hasRole(C.ADMIN_ROLE, msg.sender)) {
+            revert InvalidUnauthorizedOperation("Only admin can perform this action.");
+        }
+        _;
+    }
+
+    /// @notice Initializes the contract with a specified AccessManager address.
+    /// @param accessManager The address of the AccessManager contract.
+    function __AccessControlled_init(address accessManager) internal onlyInitializing {
+        __AccessControlled_init_unchained(accessManager);
+    }
+
+    function __AccessControlled_init_unchained(address accessManager) internal onlyInitializing {
+        AccessControlStorage storage $ = _getAccessControlStorage();
+        $._accessManager = accessManager;
+    }
+
+    /// @notice Checks if an account has a specific role.
+    /// @param role The role to check.
+    /// @param account The address of the account.
+    /// @return bool True if the account has the role, false otherwise.
+    function _hasRole(bytes32 role, address account) internal view returns (bool) {
+        AccessControlStorage storage $ = _getAccessControlStorage();
+        IAccessManager manager = IAccessManager($._accessManager);
+        return manager.hasRole(role, account);
+    }
+
+    ///@notice Internal function to access the AccessControlStorage.
+    function _getAccessControlStorage() private pure returns (AccessControlStorage storage $) {
+        assembly {
+            $.slot := ACCESS_MANAGER_SLOT
+        }
+    }
+}
diff --git a/contracts/base/upgradeable/GovernableUpgradeable.sol b/contracts/base/upgradeable/GovernableUpgradeable.sol