feat: add explicit admin role separation (#475) #598

Open: Magada06 wants to merge 1 commit into Vera3289:main from Magada06:issue-475-admin-role-separation


Magada06 (Contributor) commented Jun 26, 2026

Summary

Closes #475. Enforces clear role boundaries between admin, proposer, and voter across both contracts.
Admin-only functions now reject unauthorized callers, admin ownership transfer follows a safe
two-step pattern, and all role changes emit on-chain events for auditability.

Changes

Governance contract

  • transfer_admin(admin, new_admin) — step 1: current admin nominates a successor
  • accept_admin(new_admin) — step 2: nominee must explicitly accept before the role transfers
  • add_proposer(admin, proposer) / remove_proposer(admin, proposer) — admin-controlled allowlist
  • create_proposal now rejects callers not on the proposer allowlist (NotProposer error)
  • New errors: NoPendingAdmin, NotPendingAdmin, NotProposer
  • New events: adm_init (transfer initiated), adm_done (transfer completed)

Token contract

  • Same two-step transfer_admin / accept_admin pattern with events
  • mint, transfer, burn now emit their respective events (pre-existing gap fixed)

Tests

38 tests passing (23 governance, 15 token), including:

  • test_transfer_admin_two_step — happy path for both contracts
  • test_transfer_admin_non_admin_reverts — non-admin cannot initiate transfer
  • test_accept_admin_wrong_caller_reverts — wrong address cannot steal pending role
  • test_create_proposal_non_proposer_reverts — un-allowlisted address cannot propose
  • test_add_proposer_non_admin_reverts / test_remove_proposer_non_admin_reverts
  • test_remove_proposer_revokes_access — removal is immediate and enforced

Acceptance Criteria

┌────────────────────────────────────────────────────┬─────────────────────────┐
│ Criterion                                          │ Status                  │
├────────────────────────────────────────────────────┼─────────────────────────┤
│ Contracts distinguish admin, proposer, voter roles │ ✅                      │
├────────────────────────────────────────────────────┼─────────────────────────┤
│ Admin-only functions reject non-admin callers      │ ✅                      │
├────────────────────────────────────────────────────┼─────────────────────────┤
│ Role transfer flow is safe and auditable           │ ✅ two-step + events    │
├────────────────────────────────────────────────────┼─────────────────────────┤
│ Tests cover unauthorized access                    │ ✅ 9 new negative tests │
└────────────────────────────────────────────────────┴─────────────────────────┘

- Governance: two-step transfer_admin/accept_admin with events
- Governance: proposer allowlist (add_proposer, remove_proposer)
- Governance: create_proposal restricted to allowlisted proposers
- Token: two-step transfer_admin/accept_admin with events
- Token: emit mint/transfer/burn events (fixes pre-existing gap)
- Tests: 23 governance + 15 token all passing
- Fix pre-existing broken event comparison tests in token

Closes Vera3289#475
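
The two-step handover and proposer allowlist summarized in the description above, as an added plain-Rust model that is not the PR's contract code. Assumptions: addresses are strings, the caller argument stands in for an authenticated caller, events go to an in-memory list, and `NotAdmin` is a hypothetical error name (the description does not name the non-admin error).

```rust
// Model of the roles described in the PR; not the contract code itself.
// Assumed: string addresses, caller passed explicitly, hypothetical `NotAdmin`.
#[derive(Debug, PartialEq)]
pub enum Error { NotAdmin, NoPendingAdmin, NotPendingAdmin, NotProposer }
pub struct Governance {
    pub admin: String,
    pub pending_admin: Option<String>,
    pub proposers: Vec<String>,
    pub events: Vec<(&'static str, String)>, // (topic, address) audit trail
}
impl Governance {
    pub fn new(admin: &str) -> Self {
        Self { admin: admin.into(), pending_admin: None, proposers: vec![], events: vec![] }
    }
    fn require_admin(&self, caller: &str) -> Result<(), Error> {
        if caller == self.admin { Ok(()) } else { Err(Error::NotAdmin) }
    }
    // Step 1: only the current admin may nominate; the role does not move yet.
    pub fn transfer_admin(&mut self, admin: &str, new_admin: &str) -> Result<(), Error> {
        self.require_admin(admin)?;
        self.pending_admin = Some(new_admin.into());
        self.events.push(("adm_init", new_admin.into()));
        Ok(())
    }
    // Step 2: only the nominee may accept; this is the point where the role moves.
    pub fn accept_admin(&mut self, new_admin: &str) -> Result<(), Error> {
        match self.pending_admin.as_deref() {
            None => return Err(Error::NoPendingAdmin),
            Some(p) if p != new_admin => return Err(Error::NotPendingAdmin),
            Some(_) => {}
        }
        self.admin = self.pending_admin.take().unwrap(); // also clears the nomination
        self.events.push(("adm_done", new_admin.into()));
        Ok(())
    }
    pub fn add_proposer(&mut self, admin: &str, proposer: &str) -> Result<(), Error> {
        self.require_admin(admin)?;
        if !self.proposers.iter().any(|p| p == proposer) { self.proposers.push(proposer.into()); }
        Ok(())
    }
    pub fn remove_proposer(&mut self, admin: &str, proposer: &str) -> Result<(), Error> {
        self.require_admin(admin)?;
        self.proposers.retain(|p| p != proposer); // takes effect on the next call
        Ok(())
    }
    pub fn create_proposal(&self, caller: &str) -> Result<(), Error> {
        if self.proposers.iter().any(|p| p == caller) { Ok(()) } else { Err(Error::NotProposer) }
    }
}
```

Because the old admin keeps the role until `accept_admin` succeeds, a nomination to a mistyped or uncontrolled address leaves the contract recoverable.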

drips-wave Bot commented Jun 26, 2026

@Magada06 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Successfully merging this pull request may close these issues.

Smart Contracts: Add explicit admin role separation