Superform v1
  • Introduction
  • Components
    • Protocol
    • Keepers
    • API
    • App
  • E2E Flows
    • Same-chain Deposit
    • Cross-chain Deposit
    • Same-chain Withdrawal
    • Cross-chain Withdrawal
  • Periphery Contracts
    • SuperformRouter
      • SuperformRouterPlus
      • SuperformRouterPlusAsync
    • PayMaster
    • PaymentHelper
    • EmergencyQueue
    • SuperformFactory
    • Forms
      • ERC4626Form
      • ERC5115Form
      • ERC7540Form
    • SuperPositions
      • ERC1155A
    • RewardsDistributor
  • Core Contracts
    • State Registries
      • CoreStateRegistry
      • AsyncStateRegistry
      • PayloadHelper
    • AMB Implementations
      • LayerzeroImplementation
      • LayerzeroV2Implementation
      • WormholeARImplementation
      • HyperlaneImplementation
      • AxelarImplementation
    • Broadcasting
      • BroadcastRegistry
      • WormholeSRImplementation
    • Bridge Validators
      • LiFiValidator
      • SocketValidator
      • SocketOneInchValidator
      • DebridgeValidator (and forwarder)
      • OneInchValidator
    • DstSwapper
    • Settings
      • SuperRBAC
      • SuperRegistry
  • SuperVaults
    • SuperVaults
  • Resources
    • Deployment Addresses
    • Subgraphs
      • Protocol Level Entities
      • Form Related Entities
      • Deposits and Withdrawals
      • SuperPosition Events
      • External Entities
    • Infrastructure Integrations
    • Security & Audits
    • Protocol License
    • Glossary
    • Protocol Multisig
    • Superform Labs Socials
Powered by GitBook
On this page
  • Introduction
  • Core Concepts
  • Generic Roles
  • Contract Specific Roles
  • Protocol Admin Functionality

Was this helpful?

  1. Core Contracts
  2. Settings

SuperRBAC

Last updated 7 months ago

Was this helpful?

Introduction

SuperRBAC manages role-based access control in the Superform Protocol. It allows for granting and revoking various roles to specific addresses.

Core Concepts

There are multiple roles in the Superform ecosystem that serve to ensure uptime for the protocol and future upgrade capabilities. The responsibilities of these roles will be decentralized over time.

Generic Roles

These roles are multi-sigs given their potential to impact liveliness of the overall protocol.

  • PROTOCOL_ADMIN_ROLE: Role for managing overall protocol administration. More on this here Protocol Admin Functionality

  • EMERGENCY_ADMIN_ROLE: Role for managing emergency administrative actions

Contract Specific Roles

These roles serve specialized functions in individual contracts for added security and improved UX.

  • PAYMENT_ADMIN_ROLE: Role for managing payment-related actions in .

  • BROADCASTER_ROLE: Role for managing broadcasting payloads in .

  • CORE_STATE_REGISTRY_PROCESSOR_ROLE: Role for managing processing operations in .

  • BROADCAST_REGISTRY_PROCESSOR_ROLE : Role for managing processing broadcast payloads in .

  • CORE_STATE_REGISTRY_UPDATER_ROLE: Role for managing updating operations in .

  • DST_SWAPPER_ROLE: Role for managing swapping operations on .

  • CORE_STATE_REGISTRY_RESCUER_ROLE: Role for managing rescue operations in .

  • CORE_STATE_REGISTRY_DISPUTER_ROLE: Role for managing dispute operations in .

  • WORMHOLE_VAA_RELAYER_ROLE: Role that will be reading VAAs for broadcast functionality in .

Protocol Admin Functionality

setSuperRegistry

function setSuperRegistry(
    address superRegistry_
) external override onlyRole(PROTOCOL_ADMIN_ROLE)
name

superRegistry_

address of the SuperRegistry contract

setRoleAdmin

This function allows the existing PROTOCOL_ADMIN to create a new role in the Superform ecosystem with an admin address for it (typically still PROTOCOL_ADMIN)

function setRoleAdmin(
    bytes32 role_,
    bytes32 adminRole_
) external override onlyRole(PROTOCOL_ADMIN_ROLE)
name
description

role_

bytes32 hash of the role_ to set

adminRole_

bytes32 hash of the administrator who is allowed to make changes to that role

revokeRoleSuperBroadcast

function revokeRoleSuperBroadcast(
    bytes32 role_,
    address addressToRevoke_,
    bytes memory extraData_,
    bytes32 superRegistryAddressId_
) external payable override onlyRole(PROTOCOL_ADMIN_ROLE)
name
description

role_

bytes32 hash of the role

extraData_

bytes broadcasting data

superRegistryAddressId_

bytes32 super registry id

Granting and Revoking Roles

Checking Roles

All addresses can be checked if they have a role by calling the appropriate check if an address has a role (i.e. hasProtocolAdminRole), returns a bool, which wrappers

This function sets the contract address.

This function revokes the role from on all chains. Note that neither of the general roles (Protocol Admin or Emergency Admin) may be revoked in this manner.

Inherited from

PayMaster
BroadcastRegistry
CoreStateRegistry
BroadcastRegistry
CoreStateRegistry
DstSwapper
CoreStateRegistry
CoreStateRegistry
WormholeSRImplementation
SuperRegistry
SuperRegistry
https://docs.openzeppelin.com/contracts/3.x/access-control