Minter Access Control

tokens/contracts/access/MinterAccessControl.sol

@@ -0,0 +1,51 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity >=0.6.0 <0.8.0;
+
+import "@openzeppelin/contracts-upgradeable/proxy/Initializable.sol";
+import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
+import "@openzeppelin/contracts-upgradeable/utils/EnumerableSetUpgradeable.sol";
+
+abstract contract MinterAccessControl is Initializable, OwnableUpgradeable {
+    using EnumerableSetUpgradeable for EnumerableSetUpgradeable.AddressSet;
+
+    EnumerableSetUpgradeable.AddressSet private _minters;
+
+    event MinterAdded(address indexed operator, address indexed minter);
+    event MinterRemoved(address indexed operator, address indexed minter);
+
+    function __MinterAccessControl_init() internal initializer {
+        __Ownable_init_unchained();
+        __MinterAccessControl_init_unchained();
+    }
+
+    function __MinterAccessControl_init_unchained() internal initializer {
+    }
+
+    /**
+     * @dev Add `_minter` to the list of allowed minters.
+     */
+    function addMinter(address _minter) external onlyOwner {
+        require(!_minters.contains(_minter), 'MinterAccessControl: Already minter');
+        _minters.add(_minter);
+        emit MinterAdded(_msgSender(), _minter);
+    }
+
+    /**
+     * @dev Revoke `_minter` from the list of allowed minters.
+     */
+    function removeMinter(address _minter) external onlyOwner {
+        require(_minters.contains(_minter), 'MinterAccessControl: Not minter');
+        _minters.remove(_minter);
+        emit MinterRemoved(_msgSender(), _minter);
+    }
+
+    /**
+     * @dev Returns `true` if `account` has been granted to minters.
+     */
+    function isMinter(address account) public view returns (bool) {
+        return _minters.contains(account);
+    }
+
+    uint256[50] private __gap;
+}

tokens/contracts/erc-1155/ERC1155Rarible.sol

@@ -4,8 +4,9 @@ pragma solidity 0.7.6;
 pragma abicoder v2;
 
 import "./ERC1155Base.sol";
+import "../access/MinterAccessControl.sol";
 
-contract ERC1155Rarible is ERC1155Base {
+contract ERC1155Rarible is ERC1155Base, MinterAccessControl {
     /// @dev true if collection is private, false if public
     bool isPrivate;
 
@@ -40,6 +41,7 @@ contract ERC1155Rarible is ERC1155Base {
         __ERC1155Burnable_init_unchained();
         __RoyaltiesV2Upgradeable_init_unchained();
         __ERC1155Base_init_unchained(_name, _symbol);
+        __MinterAccessControl_init_unchained();
         _setBaseURI(baseURI);
 
         //setting default approver for transferProxies
@@ -49,7 +51,7 @@ contract ERC1155Rarible is ERC1155Base {
 
     function mintAndTransfer(LibERC1155LazyMint.Mint1155Data memory data, address to, uint256 _amount) public override {
         if (isPrivate){
-          require(owner() == data.creators[0].account, "minter is not the owner");
+          require(owner() == data.creators[0].account || isMinter(data.creators[0].account), "not owner or minter");
         }
         super.mintAndTransfer(data, to, _amount);
     }

tokens/contracts/erc-721-minimal/ERC721RaribleMinimal.sol

@@ -4,8 +4,9 @@ pragma solidity 0.7.6;
 pragma abicoder v2;
 
 import "./ERC721BaseMinimal.sol";
+import "../access/MinterAccessControl.sol";
 
-contract ERC721RaribleMinimal is ERC721BaseMinimal {
+contract ERC721RaribleMinimal is ERC721BaseMinimal, MinterAccessControl {
     /// @dev true if collection is private, false if public
     bool isPrivate;
 
@@ -39,6 +40,7 @@ contract ERC721RaribleMinimal is ERC721BaseMinimal {
         __Ownable_init_unchained();
         __ERC721Burnable_init_unchained();
         __Mint721Validator_init_unchained();
+        __MinterAccessControl_init_unchained();
         __HasContractURI_init_unchained(contractURI);
         __ERC721_init_unchained(_name, _symbol);
 
@@ -49,7 +51,7 @@ contract ERC721RaribleMinimal is ERC721BaseMinimal {
 
     function mintAndTransfer(LibERC721LazyMint.Mint721Data memory data, address to) public override virtual {
         if (isPrivate){
-            require(owner() == data.creators[0].account, "minter is not the owner");
+            require(owner() == data.creators[0].account || isMinter(data.creators[0].account), "not owner or minter");
         }
         super.mintAndTransfer(data, to);
     }

tokens/test/MinterAccessControl.test.js

@@ -0,0 +1,71 @@
+const TestingV1 = artifacts.require("MinterAccessControlTestV1.sol");
+const TestingV2 = artifacts.require("MinterAccessControlTestV2.sol");
+
+const { expectThrow } = require('@daonomic/tests-common');
+const { deployProxy, upgradeProxy } = require('@openzeppelin/truffle-upgrades');
+const truffleAssert = require('truffle-assertions');
+
+function creators(list) {
+  const value = 10000 / list.length
+  return list.map(account => ({ account, value }))
+}
+
+contract("MinterAccessControl", accounts => {
+  let token;
+  let tokenOwner = accounts[9];
+
+  beforeEach(async () => {
+    token = await deployProxy(TestingV1, [], { initializer: 'initialize' });
+    await token.transferOwnership(tokenOwner);
+  });
+
+  it("conserve minter access control after upgrade", async () => {
+    const minter = accounts[1];
+
+    await token.addMinter(minter, {from: tokenOwner})
+    assert.equal(await token.isMinter(minter), true);
+
+    // upgrade contract
+    const newInstance = await upgradeProxy(token.address, TestingV2);
+    assert.equal(await newInstance.version(), await newInstance.V2());
+
+    assert.equal(await newInstance.isMinter(minter), true);
+  });
+
+  it("should add a minter and emit event", async () => {
+    const minter = accounts[2];
+
+    let operator;
+    let addedMinter;
+    const receipt = await token.addMinter(minter, {from: tokenOwner})
+    truffleAssert.eventEmitted(receipt, 'MinterAdded', (ev) => {
+      operator = ev.operator;
+      addedMinter = ev.minter;
+      return true;
+    });
+
+    assert.equal(operator, tokenOwner);
+    assert.equal(addedMinter, minter);
+    assert.equal(await token.isMinter(minter), true);
+  })
+
+  it("should remove a minter and emit event", async () => {
+    const minter = accounts[2];
+
+    await token.addMinter(minter, {from: tokenOwner})
+    assert.equal(await token.isMinter(minter), true);
+
+    let operator;
+    let removedMinter;
+    const receipt = await token.removeMinter(minter, {from: tokenOwner})
+    truffleAssert.eventEmitted(receipt, 'MinterRemoved', (ev) => {
+      operator = ev.operator;
+      removedMinter = ev.minter;
+      return true;
+    });
+
+    assert.equal(operator, tokenOwner);
+    assert.equal(removedMinter, minter);
+    assert.equal(await token.isMinter(minter), false);
+  })
+});

tokens/test/contracts/access/MinterAccessControlTestV1.sol

@@ -0,0 +1,15 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity >=0.6.0 <0.8.0;
+
+import "../../../contracts/access/MinterAccessControl.sol";
+
+contract MinterAccessControlTestV1 is MinterAccessControl {
+
+    function initialize() external initializer {
+        __Ownable_init_unchained();
+        __MinterAccessControl_init_unchained();
+    }
+
+    uint256[50] private __gap;
+}

tokens/test/contracts/access/MinterAccessControlTestV2.sol

@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity >=0.6.0 <0.8.0;
+
+import "../../../contracts/access/MinterAccessControl.sol";
+
+contract MinterAccessControlTestV2 is MinterAccessControl {
+    bytes4 constant public V2 = bytes4(keccak256("V2"));
+
+    function initialize() external initializer {
+        __Ownable_init_unchained();
+        __MinterAccessControl_init_unchained();
+    }
+
+    function version() public view returns (bytes4) {
+        return V2;
+    }
+
+    uint256[50] private __gap;
+}

tokens/test/erc-1155/ERC1155RaribleUser.test.js

@@ -177,6 +177,78 @@ contract("ERC1155RaribleUser", accounts => {
     await checkCreators(tokenId, [minter]);
   });
 
+  it("mint and transfer with minter access control", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+    let supply = 5;
+    let mint = 2;
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [zeroWord]], transferTo, mint, {from: minter})
+    );
+
+    await token.addMinter(minter, {from: tokenOwner});
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(transferTo), false);
+
+    await token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [zeroWord]], transferTo, mint, {from: minter});
+    assert.equal(await token.balanceOf(transferTo, tokenId), mint);
+    assert.equal(await token.balanceOf(minter, tokenId), 0);
+  });
+
+  it("mint and transfer with minter access control and minter signature", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+    let supply = 5;
+    let mint = 2;
+
+    const signature = await getSignature(tokenId, tokenURI, supply, creators([minter]), [], minter);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [signature]], transferTo, mint, {from: whiteListProxy})
+    );
+
+    await token.setApprovalForAll(whiteListProxy, true, {from: minter})
+    await token.addMinter(minter, {from: tokenOwner});
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(whiteListProxy), false);
+
+    await token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [signature]], transferTo, mint, {from: whiteListProxy})
+    assert.equal(await token.balanceOf(transferTo, tokenId), mint);
+    assert.equal(await token.balanceOf(minter, tokenId), 0);
+  });
+
+  it("mint and transfer with minter access control and wrong minter signature", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+    let supply = 5;
+    let mint = 2;
+
+    const signature = await getSignature(tokenId, tokenURI, supply, creators([minter]), [], transferTo);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [signature]], transferTo, mint, {from: whiteListProxy})
+    );
+
+    await token.setApprovalForAll(whiteListProxy, true, {from: minter})
+    await token.addMinter(minter, {from: tokenOwner});
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(whiteListProxy), false);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, supply, creators([minter]), [], [signature]], transferTo, mint, {from: whiteListProxy})
+    );
+  });
+
   async function getSignature(tokenId, tokenURI, supply, creators, fees, account) {
   	return sign(account, tokenId, tokenURI, supply, creators, fees, token.address);
   }

tokens/test/erc-721-minimal/RaribleUser.test.js

@@ -124,6 +124,70 @@ contract("ERC721RaribleUser minimal", accounts => {
     );
   });
 
+  it("mint and transfer with minter access control", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [zeroWord]], transferTo, {from: minter})
+    );
+
+    await token.addMinter(minter, {from: tokenOwner})
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(transferTo), false);
+
+    await token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [zeroWord]], transferTo, {from: minter})
+    assert.equal(await token.ownerOf(tokenId), transferTo);
+  });
+
+  it("mint and transfer with minter access control and minter signature", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+
+    const signature = await getSignature(tokenId, tokenURI, creators([minter]), [], minter);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [signature]], transferTo, {from: whiteListProxy})
+    );
+
+    await token.setApprovalForAll(whiteListProxy, true, {from: minter})
+    await token.addMinter(minter, {from: tokenOwner})
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(whiteListProxy), false);
+
+    await token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [signature]], transferTo, {from: whiteListProxy})
+    assert.equal(await token.ownerOf(tokenId), transferTo);
+  });
+
+  it("mint and transfer with minter access control and wrong minter signature", async () => {
+    const minter = accounts[1];
+    let transferTo = accounts[2];
+
+    const tokenId = minter + "b00000000000000000000001";
+    const tokenURI = "//uri";
+
+    const signature = await getSignature(tokenId, tokenURI, creators([minter]), [], transferTo);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [signature]], transferTo, {from: whiteListProxy})
+    );
+
+    await token.setApprovalForAll(whiteListProxy, true, {from: minter})
+    await token.addMinter(minter, {from: tokenOwner})
+    assert.equal(await token.isMinter(minter), true);
+    assert.equal(await token.isMinter(whiteListProxy), false);
+
+    await expectThrow(
+      token.mintAndTransfer([tokenId, tokenURI, creators([minter]), [], [signature]], transferTo, {from: whiteListProxy})
+    );
+  });
+
   function getSignature(tokenId, tokenURI, fees, creators, account) {
 		return sign(account, tokenId, tokenURI, fees, creators, token.address);
   }