AUT_TokenGated_Roles_v1.sol
Inherits: IAUT_TokenGated_Roles_v1, AUT_Roles_v1
Author: Inverter Network
Extends the Inverter's role-based access control to include token gating, enabling roles to be conditionally assigned based on token ownership. This mechanism allows for dynamic permissioning tied to specific token holdings.
Builds on {AUT_Roles_v1} by integrating token-based access checks before role assignment. Utilizes checks on token balances to gate access, supporting both {ERC20} and {ERC721} tokens as qualifiers for role eligibility.
State Variables
isTokenGated
Stores if a role is token gated.
thresholdMap
Stores the threshold amount for each token in a role.
__gap
Storage gap for future upgrades.
Functions
supportsInterface
See {IERC165-supportsInterface}.
onlyEmptyRole
Modifier to guarantee function is only callable when the role is empty.
Parameters
roleId
bytes32
The ID of the role to be checked.
onlyTokenGated
Modifier to guarantee function is only callable when the role is token-gated.
Parameters
roleId
bytes32
The ID of the role to be checked.
validThreshold
Modifier to guarantee function is only callable when the threshold is valid.
Parameters
threshold
uint256
The threshold to be checked.
hasTokenRole
Checks if an account qualifies for a token-gated role.
Parameters
role
bytes32
The role to be checked.
who
address
The account to be checked.
Returns
<none>
bool
True if the account qualifies for the role.
getThresholdValue
Returns the threshold balance for a given token necessary to qualify for a specific role. If the value is 0, the supplied token is not part of the. role's token gating.
In case the queried role is not token gated, all calls will return 0.
Parameters
roleId
bytes32
The role to be checked on.
token
address
The token to check the threshold for.
Returns
<none>
uint256
The threshold amount necessary to qualify for a given token role.
makeRoleTokenGatedFromModule
Sets up a token-gated empty role.
This function is only callable by an active Module for itself. Admin should use setTokenGated().
Parameters
role
bytes32
The role to be made token-gated.
grantTokenRoleFromModule
One-step setup for Modules to create a token-gated role and set its threshold. Please be aware that using tokens that are transferable and have active markets could make the token-gated authorization vulnerable to flash loans, potentially bypassing. the authorization mechanism.
Parameters
role
bytes32
The role to be made token-gated.
token
address
The token for which the threshold will be set.
threshold
uint256
The minimum balance of the token required to qualify for the role.
setThresholdFromModule
Allows a Module to set the threshold of one of it's roles.
Parameters
role
bytes32
The token-gated role.
token
address
The token for which the threshold will be set.
threshold
uint256
The new minimum balance of the token required to qualify for the role.
setTokenGated
Sets if a role is token-gated or not.
Admin access for rescue purposes. If the role has active members, they need to be reovked first.
Parameters
role
bytes32
The ID of the role to be modified.
to
bool
The new value to be set.
setThreshold
Sets the minimum threshold for a token-gated role.
This function does not validate the threshold. It is technically possible to set a threshold above the total supply of the token.
Parameters
roleId
bytes32
The ID of the role to be modified.
token
address
The token for which to the threshold.
threshold
uint256
The user will need to have at least this number to qualify for the role.
_grantRole
Grants a role to an address.
Overrides _grantRole from {AUT_ROLES_v1} to enforce interface implementation and threshold existence when role is token-gated.
Please note: current check for validating a valid token is not conclusive and could be circumvented through a callback() function.
Parameters
role
bytes32
The role to grant.
who
address
The address to grant the role to.
Returns
<none>
bool
bool Returns true if the role has been granted succesfully.
_revokeRole
Overrides _revokeRole to clean up threshold data on revoking.
Parameters
role
bytes32
The id number of the role.
who
address
The user we want to check on.
Returns
<none>
bool
bool Returns if revoke has been succesful.
_setThreshold
Sets the minimum threshold for a token-gated role.
This function does not validate the threshold. It is technically possible to set a threshold above the total supply of the token.
Parameters
roleId
bytes32
The ID of the role to be modified.
token
address
The token for which to the threshold.
threshold
uint256
The user will need to have at least this number to qualify for the role.
_hasTokenRole
Internal function that checks if an account qualifies for a token-gated role.
Parameters
role
bytes32
The role to be checked.
who
address
The account to be checked.
checkForRole
In case the role is token gated, it will check if {who} holds a balance above the threshold for at least one of the required tokens.
The calling contract needs to generate the right role ID using its own address and the role identifier. In modules, this function should be used instead of hasRole, as there are Authorizer-specific checks that need to be performed.
Parameters
role
bytes32
The identifier of the role we want to check
who
address
The address on which to perform the check.
Returns
<none>
bool
bool Returns if the address holds the role
Last updated