This EIP defines an interface for role-based access control for smart contracts. Roles are defined as byte32. The interface specifies how to read, grant, create, and destroy roles. It specifies the meaning of role power in terms of the ability to call a given method
identified by a bytes4 method selector. It also specifies how metadata of roles are represented.
There are many ways to establish access control for privileged actions. One common pattern is "role-based" access control, where one or more users are assigned to one or more "roles," which grant access to privileged actions. This pattern is more secure and flexible than ownership-based access control since it allows for many people to be granted permissions according to the principle of least privilege.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 and RFC 8174.
The reference interfaces are described as follows:
IERC_ACL_COREIERC_ACL_GENERAL.IERC_ACL_METADATA.bytes32. It is RECOMMENDED that the value of such a role be computed as a
keccak256 hash of the role name, in this format: bytes32 role = keccak256("<role_name>"), such as bytes32 role = keccak256("MINTER").IERC_ACL_CORE are chosen to allow backward compatibility with OpenZeppelin's implementation.IERC_ACL_GENERAL conform to ERC-5750 to allow extension.renounceRole method was not adopted, and was consolidated into revokeRole to simplify the interface.Needs discussion.
Needs discussion.
Copyright and related rights waived via CC0.