GitBross Home Explore Help
Register Sign In
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Update docs for Ownable2Step (#4721)

Co-authored-by: Nicolás Venturo <nicolas.venturo@gmail.com>
Ernesto García 1 year ago
parent
94697be8a3
commit
74016c376a
2 changed files with 8 additions and 0 deletions
Split View Show Diff Stats
  1. 6 0
      contracts/access/Ownable2Step.sol
  2. 2 0
      docs/modules/ROOT/pages/access-control.adoc

+ 6 - 0
contracts/access/Ownable2Step.sol
View File 

@@ -10,6 +10,12 @@ import {Ownable} from "./Ownable.sol";
 
  * there is an account (an owner) that can be granted exclusive access to
 
  * specific functions.
 
  *
 
+ * This extension of the {Ownable} contract includes a two-step mechanism to transfer
 
+ * ownership, where the new owner must call {acceptOwnership} in order to replace the
 
+ * old one. This can help prevent common mistakes, such as transfers of ownership to
 
+ * incorrect accounts, or to contracts that are unable to interact with the
 
+ * permission system.
 
+ *
 
  * The initial owner is specified at deployment time in the constructor for `Ownable`. This
 
  * can later be changed with {transferOwnership} and {acceptOwnership}.
 
  *

+ 2 - 0
docs/modules/ROOT/pages/access-control.adoc
View File 

@@ -22,6 +22,8 @@ Ownable also lets you:
 
 
 WARNING: Removing the owner altogether will mean that administrative tasks that are protected by `onlyOwner` will no longer be callable!
 
 
+Ownable is a simple and effective way to implement access control, but you should be mindful of the dangers associated with transferring the ownership to an incorrect account that can't interact with this contract anymore. An alternative to this problem is using xref:api:access.adoc#Ownable2Step[`Ownable2Step`]; a variant of Ownable that requires the new owner to explicitly accept the ownership transfer by calling xref:api:access.adoc#Ownable2Step-acceptOwnership--[`acceptOwnership`].
 
+
 
 Note that *a contract can also be the owner of another one*! This opens the door to using, for example, a https://gnosis-safe.io[Gnosis Safe], an https://aragon.org[Aragon DAO], or a totally custom contract that _you_ create.
 
 
 In this way, you can use _composability_ to add additional layers of access control complexity to your contracts. Instead of having a single regular Ethereum account (Externally Owned Account, or EOA) as the owner, you could use a 2-of-3 multisig run by your project leads, for example. Prominent projects in the space, such as https://makerdao.com[MakerDAO], use systems similar to this one.