Access Control Roles

Required Access Control Roles

`DEFAULT_ADMIN_ROLE`

This role can grant and revoke wallets and contract addresses for any role including the default admin but cannot perform any other functionality.

Upon successful contract deployment, Legitimate will assign our Gnosis Safe with this role and revoke all other wallets from the admin role.

`API_DELEGATE_ROLE`

The API_DELEGATE_USER role is the only core role that is necessary to operate the Legitimate protocol. This role grants a contract address or wallet address the ability to modify the locked state of individual tokens, as well as call the claim function to transfer tokens that are owned by the API_DELEGATE_USER address to other addresses without toggling the locked state.

In the case of Legitimate's hosted services, Legitimate will use this permission to allow users to claim a token associated with each LGT Tag through the claim() function. We will also use this permission to unlock tokens as well using setTokenLock(uint256 tokenId, false).

When using Legitimate's web3 native services, a separate contract can be granted this permission to perform unlocks according to conditions set on that contract including verifying LGT Tag checksum on-chain.

A third-party customer support wallet can also be given this permission to manually unlock or process token claims if there are issues.

Legitimate's Serviced Contracts – Additional Roles

`NFT_MANAGER_ROLE`

The NFT manager role allows Legitimate to grant third parties such as agencies or creators the ability to change the base_url of the token to update the token metadata and mint tokens without giving away the DEFAULT_ADMIN_role.

The naming of this role is in the process of being changed to TOKEN_MANAGER_ROLE

`SERVICE_STATUS_ROLE`

This role enables a wallet to set the service status of all tokens associated on the contract and can be used to unlock all tokens permanently when the given product's activation period is over.

`TOKEN_RECOVERY_ROLE`

In physical retail, brands and creators may want to process returns or reset ownership of the tokens after a secondary resale. This role can be assigned to third party customer service representatives or used by Legitimate's hosted services to process returns and reset the digital experience.

Legitimate can also reset the ownership of the tokens in the case of secondary resales so that the new owners of the physical goods can obtain the tokens as well. Specific mechanics of the reset is configurable depending on the creator or brand's needs.

For web3 native clients and projects, this role may not be necessary and should be disabled prior to contract deployment.

PreviousLocked721 NextCustomizing the Locked721 Contracts

Last updated 8 months ago

Was this helpful?

Required Access Control Roles

DEFAULT_ADMIN_ROLE

This role can grant and revoke wallets and contract addresses for any role including the default admin but cannot perform any other functionality.

Upon successful contract deployment, Legitimate will assign our Gnosis Safe with this role and revoke all other wallets from the admin role.

API_DELEGATE_ROLE

A third-party customer support wallet can also be given this permission to manually unlock or process token claims if there are issues.

Legitimate's Serviced Contracts – Additional Roles

NFT_MANAGER_ROLE

The naming of this role is in the process of being changed to TOKEN_MANAGER_ROLE

SERVICE_STATUS_ROLE

This role enables a wallet to set the service status of all tokens associated on the contract and can be used to unlock all tokens permanently when the given product's activation period is over.

TOKEN_RECOVERY_ROLE

For web3 native clients and projects, this role may not be necessary and should be disabled prior to contract deployment.