PierrickGT
commented
2 years ago Labelled as invalid, this is a safeguard to avoid revoking an address that you may not want to revoke.
Closed code423n4 closed 2 years ago
PierrickGT
commented
2 years ago Labelled as invalid, this is a safeguard to avoid revoking an address that you may not want to revoke.
In AccessControl.renounceRole() you take address as an argument but then you require that the address is == to msg.sender.
Since this function is just for users renouncing their own roles, it doesn't make sense to take the address as an input.
You can just automatically add msg.sender.
Here is the link to it: https://github.com/yieldprotocol/yield-utils-v2/blob/33b4f19bffa871d19e3cef9bfe43b8f5c3eef068/contracts/access/AccessControl.sol#L222