Omniscia Pirex Audit

ERC1155PresetMinterSupply Manual Review Findings

ERC1155PresetMinterSupply Manual Review Findings

ERP-01M: Misleading Contract Documentation

Description:

The linked documentation of the contract is misleading as it states that the deployer of the contract will acquire the pauser role, a role that does not exist in the system.

Example:

contracts/ERC1155PresetMinterSupply.sol
12/**
13 * @dev {ERC1155} token, including:
14 *
15 *  - ability to check the total supply for a token id
16 *  - ability for holders to burn (destroy) their tokens
17 *  - a minter role that allows for token minting (creation)
18 *
19 * This contract uses {AccessControl} to lock permissioned functions using the
20 * different roles - head to its documentation for details.
21 *
22 * The account that deploys the contract will be granted the minter and pauser
23 * roles, as well as the default admin role, which will let it grant both minter
24 * and pauser roles to other accounts.
25 *
26 * _Deprecated in favor of https://wizard.openzeppelin.com/[Contracts Wizard]._
27 */
28contract ERC1155PresetMinterSupply is
29    Context,
30    AccessControlEnumerable,
31    ERC1155Supply,
32    ERC1155Burnable
33{
34    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
35

36    /**
37     * @dev Grants `DEFAULT_ADMIN_ROLE`, `MINTER_ROLE`, and `PAUSER_ROLE` to the account that
38     * deploys the contract.
39     */
40    constructor(string memory uri) ERC1155(uri) {
41        _setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
42

43        _setupRole(MINTER_ROLE, _msgSender());
44    }

Recommendation:

We advise the documentation to be corrected as it is currently misleading.

Alleviation:

The code was updated to no longer reference the PAUSER_ROLE in the general contract and constructor in-line documentation.

Prev

PirexFees.sol (PFS-S)

Next

ERC20SnapshotSolmate.sol (ERS-M)

On this page