Skip to main content

App Permissions

Purpose

Provide role-based access control for app owners, operators, and publishers.

Scope

This contract manages roles only. It does not store app metadata.

Roles

APP_ADMIN: manages roles and app configuration.
APP_OPERATOR: runs app services or indexers.
APP_PUBLISHER: publishes app content or metadata.

Core Flows

App owner is the initial admin.
Admins grant or revoke roles per app ID.

Security Invariants

Only app admins can grant or revoke roles.
Role assignments are evented and auditable.

Integration Notes

App modules SHOULD check roles for sensitive operations.

Purpose
Scope
Roles
Core Flows
Security Invariants
Integration Notes