Access Control Roles

Required Access Control Roles


This role can grant and revoke wallets and contract addresses for any role including the default admin but cannot perform any other functionality.
Upon successful contract deployment, Legitimate will assign our Gnosis Safe with this role and revoke all other wallets from the admin role.


The API_DELEGATE_USER role is the only core role that is necessary to operate the Legitimate Phygital NFT protocol. This role grants a contract address or wallet address the ability to modify the locked state of individual NFTs, as well as call the claim function to transfer NFTs that are owned by the API_DELEGATE_USER address to other addresses without toggling the locked state.
In the case of Legitimate's hosted services, Legitimate will use this permission to allow users to claim an NFT associated with each LGT Tag through the claim() function. We will also use this permission to unlock NFTs as well using setTokenLock(uint256 tokenId, false).
When using Legitimate's web3 native services, a separate contract can be granted this permission to perform unlocks according to conditions set on that contract including verifying LGT Tag checksum on-chain.
A third-party customer support wallet can also be given this permission to manually unlock or process NFT claims if there are issues.

Legitimate's Serviced Contracts – Additional Roles


The NFT manager role allows Legitimate to grant third parties such as agencies or creators the ability to change the base_url of the NFT to update the NFT metadata and mint tokens without giving away the DEFAULT_ADMIN_role.


This role enables a wallet to set the service status of all phygital NFTs associated on the contract and can be used to unlock all NFTs permanently when the given product's activation period is over.


In physical retail, brands and creators may want to process returns or reset ownership of the NFTs after a secondary resale. This role can be assigned to third party customer service representatives or used by Legitimate's hosted services to process returns and reset the digital experience.
Legitimate can also reset the ownership of the NFTs in the case of secondary resales so that the new owners of the physical goods can obtain the NFTs as well. Specific mechanics of the reset is configurable depending on the creator or brand's needs.
For web3 native clients and projects, this role may not be necessary and should be disabled prior to contract deployment.