AUT_TokenGated_Roles_v1.sol

Git Source

Inherits: IAUT_TokenGated_Roles_v1, AUT_Roles_v1

Author: Inverter Network

Extends the Inverter's role-based access control to include token gating, enabling roles to be conditionally assigned based on token ownership. This mechanism allows for dynamic permissioning tied to specific token holdings.

Builds on {AUT_Roles_v1} by integrating token-based access checks before role assignment. Utilizes checks on token balances to gate access, supporting both {ERC20} and {ERC721} tokens as qualifiers for role eligibility.

State Variables

isTokenGated

Stores if a role is token gated.

mapping(bytes32 => bool) public isTokenGated;

thresholdMap

Stores the threshold amount for each token in a role.

mapping(bytes32 => uint) public thresholdMap;

__gap

Storage gap for future upgrades.

uint[50] private __gap;

Functions

supportsInterface

See {IERC165-supportsInterface}.

onlyEmptyRole

Modifier to guarantee function is only callable when the role is empty.

Parameters

onlyTokenGated

Modifier to guarantee function is only callable when the role is token-gated.

Parameters

validThreshold

Modifier to guarantee function is only callable when the threshold is valid.

Parameters

hasTokenRole

Checks if an account qualifies for a token-gated role.

Parameters

Returns

getThresholdValue

Returns the threshold balance for a given token necessary to qualify for a specific role. If the value is 0, the supplied token is not part of the. role's token gating.

In case the queried role is not token gated, all calls will return 0.

Parameters

Returns

makeRoleTokenGatedFromModule

Sets up a token-gated empty role.

This function is only callable by an active Module for itself. Admin should use setTokenGated().

Parameters

grantTokenRoleFromModule

One-step setup for Modules to create a token-gated role and set its threshold. Please be aware that using tokens that are transferable and have active markets could make the token-gated authorization vulnerable to flash loans, potentially bypassing. the authorization mechanism.

Parameters

setThresholdFromModule

Allows a Module to set the threshold of one of it's roles.

Parameters

setTokenGated

Sets if a role is token-gated or not.

Admin access for rescue purposes. If the role has active members, they need to be reovked first.

Parameters

setThreshold

Sets the minimum threshold for a token-gated role.

This function does not validate the threshold. It is technically possible to set a threshold above the total supply of the token.

Parameters

_grantRole

Grants a role to an address.

Overrides _grantRole from {AUT_ROLES_v1} to enforce interface implementation and threshold existence when role is token-gated.

Please note: current check for validating a valid token is not conclusive and could be circumvented through a callback() function.

Parameters

Returns

_revokeRole

Overrides _revokeRole to clean up threshold data on revoking.

Parameters

Returns

_setThreshold

Sets the minimum threshold for a token-gated role.

This function does not validate the threshold. It is technically possible to set a threshold above the total supply of the token.

Parameters

_hasTokenRole

Internal function that checks if an account qualifies for a token-gated role.

Parameters

checkForRole

In case the role is token gated, it will check if {who} holds a balance above the threshold for at least one of the required tokens.

The calling contract needs to generate the right role ID using its own address and the role identifier. In modules, this function should be used instead of hasRole, as there are Authorizer-specific checks that need to be performed.

Parameters

Returns