Grant/Revoke Roles

Introduction

There is a common role flow in inverter network, this guide guides you on how to manage granting / revoking and checking different roles throughout our protocol.

Setup Requirements

The guide includes code snippets for Inverter Network's TypeScript SDK. Please refer to the relevant code snippets based on the SDK you are using.

  1. Set up Inverter Network SDK: Refer to the Quick Start guides for detailed instructions. See the React SDK Guide or TypeScript SDK Guide for more information.

  2. Deploy a Workflow: Refer to the Deploy a Workflow guide for detailed instructions. See the React SDK Guide or TypeScript SDK Guide for more information.

  3. Retrieve a deployed Workflow: Refer to the Operate a Workflow guide for detailed instructions. See the React SDK Guide or TypeScript SDK Guide for more information.

  • Optionally if your setup needs a specific contract: Refer to the Deploy a Contract Guide for detailed instructions. See the React SDK Guide or TypeScript SDK Guide for more information.

Retrieve Workflow Args

The chosen modules for the workflows should be specified for type safety.

import type { RequestedModules } from '@inverter-network/sdk'

// Should either be `as const` or be passed dirrectly in the `requestedModules` param
const requestedModules = {
    fundingManager: 'FM_DepositVault_v1',
    paymentProcessor: 'PP_Simple_v1',
    authorizer: 'AUT_Roles_v1',
    optionalModules: [
        'LM_PC_Bounties_v1'
    ]
} as const satisfies RequestedModules

Fetch Role Hexes

To begin with the process we need the role hexes from the authorizer.

const adminRole = await workflow.authorizer.read.getAdminRole.run()

const verifierRole = await workflow.optionalModule.LM_PC_Bounties_v1.read.VERIFIER_ROLE.run()

Admin Role

Check Role

For checking the status of the role we need to use the role hex.

const hasAdminRole = await workflow.authorizer.read.hasRole.run([
    adminRole,
    walletClient.account.address,
])

Grant or Revoke Role

For admin roles we need to use the grantRole or revokeRole function from the authorizer.

const args = [
    adminRole,
    walletClient.account.address,
] as const

// Grant role
const grantTransactionHash = await workflow.authorizer.write.grantRole.run(args)

// Revoke role
const revokeTransactionHash = await workflow.authorizer.write.revokeRole.run(args)

Module Role

For any role which is not a orchestrator admin role we need to generate a role id using the authorizer this generation is necessary to have a unique identifier since every workflow has different modules with different addresses.

Generate Role

Note that this is only to check the status of a module role.

const generatedVerifierRole = await workflow.authorizer.read.generateRoleId.run([
    workflow.optionalModule.LM_PC_Bounties_v1.address,
    verifierRole,
])

Check Role

For checking the status of the role we need to use the generated role.

const hasVerifierRole = await workflow.authorizer.read.hasRole.run([
    generatedVerifierRole,
    walletClient.account.address,
])

Grant or Revoke Role

For module roles we need to use the grantModuleRole or revokeModuleRole function from the module itself not the authorizer function.

For the granting or revoking we are using the non generated role.

const args = [
    verifierRole,
    walletClient.account.address,
] as const

// Grant role
const grantTransactionHash = await workflow.optionalModule.LM_PC_Bounties_v1.write.grantModuleRole.run(args)

// Revoke role
const revokeTransactionHash = await workflow.optionalModule.LM_PC_Bounties_v1.write.revokeModuleRole.run(args)

Last updated