Update README

0xsequence · Nov 16, 2023 · b886a05 · b886a05
1 parent aa5ae17
commit b886a05
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 9 deletions.
diff --git a/src/proxies/README.md b/src/proxies/README.md
@@ -1,6 +1,6 @@
 # Proxies
 
-This subsection of the repository contains the implementation of proxy contracts. 
+This subsection of the repository contains the implementation of proxy contracts.
 These proxies delegate calls to an implementation contract, which allows the logic of the contract to be upgraded without changing the address of the contract.
 
 ## Features
@@ -11,6 +11,10 @@ This proxy follows the [Transparent Upgradeable Proxy](https://docs.openzeppelin
 
 This allows multiple proxies to be upgraded simultaneously, while also allowing individual upgrades to contracts.
 
+**Note**: This implementation does NOT prevent the owner of the proxy from accessing the underlying implementation.
+This means that the owner may be succeptible to proxy selector attack.
+See this article about [proxy selector clashing](https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357) for more information.
+
 ### Sequence Proxy Factory
 
 A factory for deploying Transparent Upgradeable Beacon Proxies.
@@ -28,7 +32,7 @@ contract MyContractFactory is SequenceProxyFactory {
         MyImplementation impl = new MyImplementation();
         SequenceProxyFactory._initialize(address(impl), factoryOwner);
     }
-    
+
     function deploy(address proxyOwner, bytes32 salt) external returns (address) {
         return _createProxy(salt, proxyOwner, "");
     }

diff --git a/src/tokens/ERC1155/README.md b/src/tokens/ERC1155/README.md
@@ -22,7 +22,7 @@ The `ERC1155TokenMinter` contract is a preset that configures the `ERC1155Token`
 
 The `ERC1155TokenSale` contract is a preset that configures the `ERC1155Token` contract to allow for the sale of tokens. It adds a `mint(address to, , uint256[] memory tokenIds, uint256[] memory amounts, bytes memory data, bytes32[] calldata proof)` function allows for the minting of tokens under various conditions.
 
-Conditions may be set by the contract owner using either the `setTokenSaleDetails(uint256 tokenId, uint256 cost, uint256 supplyCap, uint64 startTime, uint64 endTime, bytes32 merkleRoot)` function for single token settings or the `setGlobalSaleDetails(uint256 cost, uint256 supplyCap, address paymentTokenAddr, uint64 startTime, uint64 endTime, bytes32 merkleRoot)` function for global settings. These functions can only be called by accounts with the `MINT_ADMIN_ROLE`. 
+Conditions may be set by the contract owner using either the `setTokenSaleDetails(uint256 tokenId, uint256 cost, uint256 supplyCap, uint64 startTime, uint64 endTime, bytes32 merkleRoot)` function for single token settings or the `setGlobalSaleDetails(uint256 cost, uint256 supplyCap, address paymentTokenAddr, uint64 startTime, uint64 endTime, bytes32 merkleRoot)` function for global settings. These functions can only be called by accounts with the `MINT_ADMIN_ROLE`.
 
 For information about the function parameters, please refer to the function specification in `presets/sale/IERC1155Sale.sol`.
 
@@ -37,3 +37,17 @@ This section of this repo utilitizes a factory pattern that deploys proxies cont
 ## Dependencies
 
 This repository relies on the ERC1155, ERC1155MintBurn, ERC1155Meta, ERC1155Metadata contracts from 0xSequence for core ERC-1155 functionality, AccessControl from OpenZeppelin for role base permissions and the ERC2981Controlled contract for handling of royalties.
+
+## Access Controls
+
+The contracts use the `AccessControl` contract from OpenZeppelin to provide role based access control.
+Role keys are defined as the `keccak256` value of the role name.
+The following roles are defined:
+
+| Role                  | Description                        | Key                                                                  |
+| --------------------- | ---------------------------------- | -------------------------------------------------------------------- |
+| `DEFAULT_ADMIN_ROLE`  | Can updates roles.                 | `0x0`                                                                |
+| `METADATA_ADMIN_ROLE` | Can update metadata.               | `0xe02a0315b383857ac496e9d2b2546a699afaeb4e5e83a1fdef64376d0b74e5a5` |
+| `MINTER_ROLE`         | Can mint tokens.                   | `0x9f2df0fed2c77648de5860a4cc508cd0818c85b8b8a1ab4ceeef8d981c8956a6` |
+| `MINT_ADMIN_ROLE`     | Can set minting logic.             | `0x4c02318d8c3aadc98ccf18aebbf3126f651e0c3f6a1de5ff8edcf6724a2ad5c2` |
+| `WITHDRAW_ROLE`       | Withdraw tokens from the contract. | `0x5d8e12c39142ff96d79d04d15d1ba1269e4fe57bb9d26f43523628b34ba108ec` |
diff --git a/src/tokens/ERC20/README.md b/src/tokens/ERC20/README.md
@@ -25,3 +25,14 @@ This section of this repo utilitizes a factory pattern that deploys proxies cont
 ## Dependencies
 
 These contract relies on the OpenZeppelin Contracts library, particularly the ERC20, IERC20, IERC20Metadata, and AccessControl contracts, which provide core ERC-20 functionality and secure access control mechanisms.
+
+## Access Controls
+
+The contracts use the `AccessControl` contract from OpenZeppelin to provide role based access control.
+Role keys are defined as the `keccak256` value of the role name.
+The following roles are defined:
+
+| Role                 | Description        | Key                                                                  |
+| -------------------- | ------------------ | -------------------------------------------------------------------- |
+| `DEFAULT_ADMIN_ROLE` | Can updates roles. | `0x0`                                                                |
+| `MINTER_ROLE`        | Can mint tokens.   | `0x9f2df0fed2c77648de5860a4cc508cd0818c85b8b8a1ab4ceeef8d981c8956a6` |
diff --git a/src/tokens/ERC721/README.md b/src/tokens/ERC721/README.md
@@ -22,12 +22,12 @@ The `ERC721TokenSale` contract is a preset that configures the `ERC721Token` con
 
 Conditions may be set by the contract owner using the `setSaleDetails(uint256 supplyCap, uint256 cost, address paymentToken, uint64 startTime, uint64 endTime, bytes32 merkleRoot)` function that can only be called by accounts with the `MINT_ADMIN_ROLE`. The variables function as follows:
 
-* supplyCap: The maximum number of tokens that can be minted. 0 indicates unlimited supply.
-* cost: The amount of payment tokens to accept for each token minted.
-* paymentToken: The ERC20 token address to accept payment in. address(0) indicates ETH.
-* startTime: The start time of the sale. Tokens cannot be minted before this time.
-* endTime: The end time of the sale. Tokens cannot be minted after this time.
-* merkleRoot: The merkle root for allowlist minting.
+- supplyCap: The maximum number of tokens that can be minted. 0 indicates unlimited supply.
+- cost: The amount of payment tokens to accept for each token minted.
+- paymentToken: The ERC20 token address to accept payment in. address(0) indicates ETH.
+- startTime: The start time of the sale. Tokens cannot be minted before this time.
+- endTime: The end time of the sale. Tokens cannot be minted after this time.
+- merkleRoot: The merkle root for allowlist minting.
 
 ## Usage
 
@@ -40,3 +40,17 @@ This section of this repo utilitizes a factory pattern that deploys proxies cont
 ## Dependencies
 
 This repo relies on the ERC721A, IERC721A, ERC721AQueryable, and IERC721AQueryable contracts from Azuki for core ERC-721 functionality, AccessControl from OpenZeppelin for role base permissions and the ERC2981Controlled contract for handling of royalties.
+
+## Access Controls
+
+The contracts use the `AccessControl` contract from OpenZeppelin to provide role based access control.
+Role keys are defined as the `keccak256` value of the role name.
+The following roles are defined:
+
+| Role                  | Description                        | Key                                                                  |
+| --------------------- | ---------------------------------- | -------------------------------------------------------------------- |
+| `DEFAULT_ADMIN_ROLE`  | Can updates roles.                 | `0x0`                                                                |
+| `METADATA_ADMIN_ROLE` | Can update metadata.               | `0xe02a0315b383857ac496e9d2b2546a699afaeb4e5e83a1fdef64376d0b74e5a5` |
+| `MINTER_ROLE`         | Can mint tokens.                   | `0x9f2df0fed2c77648de5860a4cc508cd0818c85b8b8a1ab4ceeef8d981c8956a6` |
+| `MINT_ADMIN_ROLE`     | Can set minting logic.             | `0x4c02318d8c3aadc98ccf18aebbf3126f651e0c3f6a1de5ff8edcf6724a2ad5c2` |
+| `WITHDRAW_ROLE`       | Withdraw tokens from the contract. | `0x5d8e12c39142ff96d79d04d15d1ba1269e4fe57bb9d26f43523628b34ba108ec` |