Links
🔑

Access Control Roles

Required Access Control Roles

DEFAULT_ADMIN_ROLE

This role can grant and revoke wallets and contract addresses for any role including the default admin but cannot perform any other functionality.
Upon successful contract deployment, Legitimate will assign our Gnosis Safe with this role and revoke all other wallets from the admin role.

API_DELEGATE_ROLE

The API_DELEGATE_USER role is the only core role that is necessary to operate the Legitimate Phygital NFT protocol. This role grants a contract address or wallet address the ability to modify the locked state of individual NFTs, as well as call the claim function to transfer NFTs that are owned by the API_DELEGATE_USER address to other addresses without toggling the locked state.
In the case of Legitimate's hosted services, Legitimate will use this permission to allow users to claim an NFT associated with each LGT Tag through the claim() function. We will also use this permission to unlock NFTs as well using setTokenLock(uint256 tokenId, false).
When using Legitimate's web3 native services, a separate contract can be granted this permission to perform unlocks according to conditions set on that contract including verifying LGT Tag checksum on-chain.
A third-party customer support wallet can also be given this permission to manually unlock or process NFT claims if there are issues.

Legitimate's Serviced Contracts – Additional Roles

NFT_MANAGER_ROLE

The NFT manager role allows Legitimate to grant third parties such as agencies or creators the ability to change the base_url of the NFT to update the NFT metadata and mint tokens without giving away the DEFAULT_ADMIN_role.

SERVICE_STATUS_ROLE

This role enables a wallet to set the service status of all phygital NFTs associated on the contract and can be used to unlock all NFTs permanently when the given product's activation period is over.

TOKEN_RECOVERY_ROLE

In physical retail, brands and creators may want to process returns or reset ownership of the NFTs after a secondary resale. This role can be assigned to third party customer service representatives or used by Legitimate's hosted services to process returns and reset the digital experience.
Legitimate can also reset the ownership of the NFTs in the case of secondary resales so that the new owners of the physical goods can obtain the NFTs as well. Specific mechanics of the reset is configurable depending on the creator or brand's needs.
For web3 native clients and projects, this role may not be necessary and should be disabled prior to contract deployment.