Access Control
Last updated
Last updated
Access control information is stored in a single Global Access Control contract on each chain. The GAC contract is ownable and the owner
of the contract is also the global owner for the deployment on each chain.
This globalowner
can perform privileged operations such as updating the list of bridge sender adapters on the source chain for example. On the destination chain, a global owner
can perform operations such as updating the list of bridge receiver adapters in the MultiBridgeMessageReceiver
contract or changing the quorum
threshold.
There are two types of GAC contracts:
MessageSenderGAC: Manages access control information on the source chain
MessageReceiverGAC: Manages access control information on the destination chain
Note: In the case of Uniswap, to ensure that only the Uniswap DAO can control key protocol parameters, the global owner of all components that require privileged control on the source chain will be the . Similarly, the global owner on destination chains would be the corresponding .
Access control for MultiBridgeMessageSender
is managed through a Global Access Control contract, MessageSenderGAC
, which maintains an authorised caller
address and a global owner
address.
Caller
MultiBridgeMessageSender
is intended for one caller. In the case of Uniswap governance, the only caller allowed is the Uniswap timelock contract on Ethereum. Address:
Only the caller
is allowed to call any function within the MultiMessageSender
contract.
Owner
The global owner of the MultiBridgeMessageSender
contract and all adapters on the source chain is the . This ensures that only the Uniswap DAO can control parameters relating to the source deployment.
MultiMessageReceiver has two access control elements:
Owner
Receiver Adapters
Message delivery to the MultiBridgeMessageReceiver
can only be performed by a list of approved bridge receiver adapters. The list is controlled by the global owner
.
The global owner of the MultiBridgeMessageReceiver
is the on the destination chain. This ensures that only the Uniswap DAO can control parameters relating to the remote deployment.