1fb7266469
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts.
101 lines
3.3 KiB
Solidity
101 lines
3.3 KiB
Solidity
// SPDX-License-Identifier: MIT
|
|
pragma solidity ^0.8.19;
|
|
|
|
import "@openzeppelin/contracts/access/AccessControl.sol";
|
|
import "./interfaces/IComplianceRegistry.sol";
|
|
|
|
/**
|
|
* @title ComplianceRegistry
|
|
* @notice Manages compliance status for accounts including allowed/frozen flags, risk tiers, and jurisdiction information
|
|
* @dev This registry is consulted by PolicyManager during transfer authorization to enforce compliance rules
|
|
*/
|
|
contract ComplianceRegistry is IComplianceRegistry, AccessControl {
|
|
bytes32 public constant COMPLIANCE_ROLE = keccak256("COMPLIANCE_ROLE");
|
|
|
|
struct ComplianceStatus {
|
|
bool allowed;
|
|
bool frozen;
|
|
uint8 riskTier;
|
|
bytes32 jurisdictionHash;
|
|
}
|
|
|
|
mapping(address => ComplianceStatus) private _compliance;
|
|
|
|
/**
|
|
* @notice Initializes the ComplianceRegistry with an admin address
|
|
* @param admin Address that will receive DEFAULT_ADMIN_ROLE
|
|
*/
|
|
constructor(address admin) {
|
|
_grantRole(DEFAULT_ADMIN_ROLE, admin);
|
|
}
|
|
|
|
/**
|
|
* @notice Returns whether an account is allowed (compliant)
|
|
* @param account Address to check
|
|
* @return true if account is allowed, false otherwise
|
|
*/
|
|
function isAllowed(address account) external view override returns (bool) {
|
|
return _compliance[account].allowed;
|
|
}
|
|
|
|
/**
|
|
* @notice Returns whether an account is frozen
|
|
* @param account Address to check
|
|
* @return true if account is frozen, false otherwise
|
|
*/
|
|
function isFrozen(address account) external view override returns (bool) {
|
|
return _compliance[account].frozen;
|
|
}
|
|
|
|
/**
|
|
* @notice Returns the risk tier for an account
|
|
* @param account Address to check
|
|
* @return Risk tier value (0-255)
|
|
*/
|
|
function riskTier(address account) external view override returns (uint8) {
|
|
return _compliance[account].riskTier;
|
|
}
|
|
|
|
/**
|
|
* @notice Returns the jurisdiction hash for an account
|
|
* @param account Address to check
|
|
* @return bytes32 hash representing the jurisdiction
|
|
*/
|
|
function jurisdictionHash(address account) external view override returns (bytes32) {
|
|
return _compliance[account].jurisdictionHash;
|
|
}
|
|
|
|
/**
|
|
* @notice Sets compliance status for an account
|
|
* @dev Requires COMPLIANCE_ROLE
|
|
* @param account Address to update
|
|
* @param allowed Whether the account is allowed (compliant)
|
|
* @param tier Risk tier (0-255)
|
|
* @param jurHash Jurisdiction hash (e.g., keccak256("US"))
|
|
*/
|
|
function setCompliance(
|
|
address account,
|
|
bool allowed,
|
|
uint8 tier,
|
|
bytes32 jurHash
|
|
) external override onlyRole(COMPLIANCE_ROLE) {
|
|
_compliance[account].allowed = allowed;
|
|
_compliance[account].riskTier = tier;
|
|
_compliance[account].jurisdictionHash = jurHash;
|
|
|
|
emit ComplianceUpdated(account, allowed, tier, jurHash);
|
|
}
|
|
|
|
/**
|
|
* @notice Sets frozen status for an account
|
|
* @dev Requires COMPLIANCE_ROLE. Frozen accounts cannot send or receive tokens.
|
|
* @param account Address to update
|
|
* @param frozen Whether the account should be frozen
|
|
*/
|
|
function setFrozen(address account, bool frozen) external override onlyRole(COMPLIANCE_ROLE) {
|
|
_compliance[account].frozen = frozen;
|
|
emit FrozenUpdated(account, frozen);
|
|
}
|
|
}
|
|
|