AdminAccessChecker is an abstract utility contract that provides protocol and platform-level access control. It’s used by contracts that need to restrict certain functions to authorized administrators.
Overview
Purpose
- Protocol Admin Access: Restricts functions to protocol administrators
- Platform Admin Access: Restricts functions to platform-specific admins
- Centralized Authorization: Uses GlobalParams for single source of truth
- Gas Efficient: Simple address comparison checks
- Reusable: Can be inherited by any contract needing admin access
State Variables
| Variable | Type | Description |
|---|---|---|
GLOBAL_PARAMS | IGlobalParams | Reference to global parameters contract |
Functions
Initialization
Init Access Checker
globalParams: GlobalParams contract address
- Stores reference to GlobalParams
- Enables access control checks
- Factory contracts (TreasuryFactory, CampaignInfoFactory)
- Any contract needing admin access
Modifiers
Only Protocol Admin
- Restricts function to protocol admin only
- Reverts with
AdminAccessCheckerUnauthorizedif caller is not protocol admin
Only Platform Admin
platformHash: Platform identifier
- Restricts function to specific platform’s admin
- Reverts if caller is not platform admin
Errors
AdminAccessCheckerUnauthorized
- Not protocol admin when
onlyProtocolAdminused - Not platform admin when
onlyPlatformAdminused
Usage Examples
Inheriting the Contract
Protocol Admin Functions
Platform Admin Functions
Integration
With TreasuryFactory
With GlobalParams
Security Considerations
Centralized Admin Management
- All admin addresses stored in GlobalParams
- Single source of truth
- Easy to update admin addresses
- Changes propagate to all contracts
Access Control Hierarchy
- Protocol Admin: Can access all protocol-level functions
- Platform Admin: Can only access their platform’s functions
- Separation: Clear isolation between platforms
Gas Efficiency
- Simple address comparison
- No external calls during modifier execution
- Cached reference to GlobalParams
Best Practices
Multi-Sig for Admins
Regular Admin Updates
- Rotate admin keys regularly
- Document admin changes
- Monitor admin address updates
Error Handling
Next Steps
- CampaignAccessChecker - Campaign-level access control
- GlobalParams - Admin address management
- PausableCancellable - Emergency controls