In the Terminus contract we have isApprovedForPool(uint256 poolID, address operator) function, which grants operator burning and minting permission (only pool owner can grant this permissions). There are problems with it:
Approval cannot be taken away. (Huge security problem)
When the pool control transfer is done, old approvals will not be reset (which might be ok), but you will not be able to easily remove approvals for all of the operators
Possible solutions
Add the ability for terminus owner to grant roles (minting, burning, control, etc) by giving terminus pools
Since, solution No 1 can make mess inside the terminus contract, make TerminusManager contract that will handle all the access control. (TerminusManager will be the controller of the pool)
Problem
In the
Terminuscontract we haveisApprovedForPool(uint256 poolID, address operator)function, which grantsoperatorburning and minting permission (only pool owner can grant this permissions). There are problems with it:operatorsPossible solutions
TerminusManagercontract that will handle all the access control. (TerminusManagerwill be the controller of the pool)