Add AccessControlDefaultAdminRules extension. #1164

ericnordelo · 2024-09-25T11:35:34Z

🧐 Motivation
AccessControl includes a special role, called DEFAULT_ADMIN_ROLE, which acts as the default admin role for all roles. An account with this role will be able to manage any other role, unless _set_role_admin is used to select a new admin role.

Since it is the admin for all roles by default, and in fact it is also its own admin, this role carries significant risk. To mitigate this risk we have in our Solidity library AccessControlDefaultAdminRules, a recommended extension of AccessControl that adds a number of enforced security measures for this role: the admin is restricted to a single account, with a 2-step transfer procedure with a delay in between steps.

The text was updated successfully, but these errors were encountered:

github-project-automation bot added this to Contracts for Cairo Sep 25, 2024

github-project-automation bot moved this to 📋 Backlog in Contracts for Cairo Sep 25, 2024

ericnordelo modified the milestones: 3. after, 2. next Sep 25, 2024

ericnordelo mentioned this issue Sep 25, 2024

Transfer ownership in the RBAC component #1161

Closed

ggonzalez94 modified the milestones: 2. next, 3. after Oct 15, 2024

andrew-fleming modified the milestones: 3. after, 2. next Oct 18, 2024

ggonzalez94 modified the milestones: 2. next, 3. after Nov 5, 2024

ericnordelo modified the milestones: 3. after, 1. current Nov 25, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add AccessControlDefaultAdminRules extension. #1164

Add AccessControlDefaultAdminRules extension. #1164

ericnordelo commented Sep 25, 2024

Add AccessControlDefaultAdminRules extension. #1164

Add AccessControlDefaultAdminRules extension. #1164

Comments

ericnordelo commented Sep 25, 2024