search

axelarnetwork / axelar-gmp-sdk-solidity

Solidity libraries and utilities provided by Axelar.
27 stars 30 forks source link

Roles are granted to wrong address on contract deployment #26

Closed tab00 closed 1 year ago

tab00 commented 1 year ago

I added role based access to a cross chain token contract using OpenZeppelin's grantRole, and used deployUpgradable like in the examples.

DEFAULT_ADMIN_ROLE and MINTER_ROLE are granted on deployment of the contract:

    function _setup(bytes calldata params) internal override {

        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
        _grantRole(MINTER_ROLE, msg.sender);
    }

After deployment when I try to execute this function that requires an account having MINTER_ROLE:

    function mint(address to, uint256 amount) public onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }

an error occurs that says [wallet account] is missing role [hash of MINTER_ROLE] even though [wallet account] is the one that originally initiated the deployment.

When I run getRoleMember I found that msg.sender happened to be constAddressDeployer address when grantRole was called, instead of the [wallet account].

So how can we make sure that grantRole takes [wallet account] that initiated the deployment?

tab00 commented 1 year ago

I found a solution: replace msg.sender with tx.origin.