npm - @etherisc/gif-next - Versions diffs - 0.0.2-da06f3b-803 → 0.0.2-da0f894-204 - Mend

@etherisc/gif-next 0.0.2-da06f3b-803 → 0.0.2-da0f894-204

Files changed (315) hide show

package/contracts/instance/InstanceService.sol CHANGED Viewed

@@ -2,7 +2,6 @@
 pragma solidity ^0.8.20;
 import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";
-import {ShortString, ShortStrings} from "@openzeppelin/contracts/utils/ShortStrings.sol";
 import {Instance} from "./Instance.sol";
 import {IInstance} from "./IInstance.sol";
@@ -17,24 +16,16 @@ import {Service} from "../../contracts/shared/Service.sol";
 import {IService} from "../shared/IService.sol";
 import {NftId} from "../../contracts/types/NftId.sol";
 import {RoleId} from "../types/RoleId.sol";
-import {
-    ADMIN_ROLE,
-    INSTANCE_OWNER_ROLE,
-    DISTRIBUTION_OWNER_ROLE,
-    POOL_OWNER_ROLE,
-    PRODUCT_OWNER_ROLE,
-    INSTANCE_SERVICE_ROLE,
-    DISTRIBUTION_SERVICE_ROLE,
-    POOL_SERVICE_ROLE,
-    PRODUCT_SERVICE_ROLE,
-    POLICY_SERVICE_ROLE,
-    BUNDLE_SERVICE_ROLE} from "../types/RoleId.sol";
-import {ObjectType, INSTANCE, BUNDLE, POLICY, PRODUCT, DISTRIBUTION, REGISTRY, POOL} from "../types/ObjectType.sol";
+import {ADMIN_ROLE, DISTRIBUTION_OWNER_ROLE, POOL_OWNER_ROLE, PRODUCT_OWNER_ROLE, PUBLIC_ROLE, INSTANCE_SERVICE_ROLE, DISTRIBUTION_SERVICE_ROLE, POOL_SERVICE_ROLE, PRODUCT_SERVICE_ROLE, APPLICATION_SERVICE_ROLE, POLICY_SERVICE_ROLE, CLAIM_SERVICE_ROLE, BUNDLE_SERVICE_ROLE} from "../types/RoleId.sol";
+import {ObjectType, INSTANCE, BUNDLE, APPLICATION, POLICY, CLAIM, PRODUCT, DISTRIBUTION, REGISTRY, POOL} from "../types/ObjectType.sol";
 import {IDistributionComponent} from "../components/IDistributionComponent.sol";
 import {IPoolComponent} from "../components/IPoolComponent.sol";
 import {IProductComponent} from "../components/IProductComponent.sol";
-contract InstanceService is Service, IInstanceService {
+contract InstanceService is
+    Service,
+    IInstanceService
+{
     address internal _masterInstanceAccessManager;
     address internal _masterInstance;
@@ -44,23 +35,20 @@ contract InstanceService is Service, IInstanceService {
     // TODO update to real hash when instance is stable
     bytes32 public constant INSTANCE_CREATION_CODE_HASH = bytes32(0);
-    modifier onlyInstanceOwner(NftId instanceNftId) {
-        if(msg.sender != getRegistry().ownerOf(instanceNftId)) {
-            revert ErrorInstanceServiceRequestUnauhorized(msg.sender);
+    modifier onlyInstanceOwner(NftId instanceNftId) {
+        IRegistry registry = getRegistry();
+        ChainNft chainNft = ChainNft(registry.getChainNftAddress());
+        if( msg.sender != chainNft.ownerOf(instanceNftId.toInt())) {
+            revert ErrorInstanceServiceNotInstanceOwner(msg.sender, instanceNftId);
         }
         _;
     }
     modifier onlyRegisteredService() {
-        if (! getRegistry().isRegisteredService(msg.sender)) {
-            revert ErrorInstanceServiceRequestUnauhorized(msg.sender);
-        }
-        _;
-    }
-    modifier onlyComponent() {
-        if (! getRegistry().isRegisteredComponent(msg.sender)) {
-            revert ErrorInstanceServiceRequestUnauhorized(msg.sender);
+        address caller = msg.sender;
+        if (! getRegistry().isRegisteredService(caller)) {
+            revert ErrorInstanceServiceRequestUnauhorized(caller);
         }
         _;
     }
@@ -82,14 +70,14 @@ contract InstanceService is Service, IInstanceService {
         address registryServiceAddress = registry.getServiceAddress(REGISTRY(), getMajorVersion());
         IRegistryService registryService = IRegistryService(registryServiceAddress);
-        // initially grants ADMIN_ROLE to this (being the instance service).
-        // This will allow the instance service to bootstrap the authorizations of the instance.
-        // Instance service will renounce ADMIN_ROLE when bootstraping is finished
+        // initially set the authority of the access managar to this (being the instance service).
+        // This will allow the instance service to bootstrap the authorizations of the instance
+        // and then transfer the ownership of the access manager to the instance owner once everything is setup
         clonedAccessManager = InstanceAccessManager(Clones.clone(_masterInstanceAccessManager));
-        clonedAccessManager.initialize(address(this), registryAddress);
+        clonedAccessManager.initialize(address(this));
         clonedInstance = Instance(Clones.clone(_masterInstance));
-        clonedInstance.initialize(address(clonedAccessManager), registryAddress, registryNftId, instanceOwner);
+        clonedInstance.initialize(address(clonedAccessManager), registryAddress, registryNftId, msg.sender);
         clonedInstanceReader = InstanceReader(Clones.clone(address(_masterInstanceReader)));
         clonedInstanceReader.initialize(registryAddress, address(clonedInstance));
@@ -101,9 +89,12 @@ contract InstanceService is Service, IInstanceService {
         // TODO amend setters with instance specific , policy manager ...
-        _grantInitialAuthorizations(clonedAccessManager, clonedInstance, clonedBundleManager, instanceOwner);
+        _grantInitialAuthorizations(clonedAccessManager, clonedInstance, clonedBundleManager);
-        assert(clonedAccessManager.renounceRole(ADMIN_ROLE()));
+        // to complete setup switch instance ownership to the instance owner
+        // TODO: use a role less powerful than admin, maybe INSTANCE_ADMIN (does not exist yet)
+        clonedAccessManager.grantRole(ADMIN_ROLE(), instanceOwner);
+        clonedAccessManager.revokeRole(ADMIN_ROLE(), address(this));
         IRegistry.ObjectInfo memory info = registryService.registerInstance(clonedInstance, instanceOwner);
         clonedInstanceNftId = info.nftId;
@@ -112,44 +103,38 @@ contract InstanceService is Service, IInstanceService {
         emit LogInstanceCloned(address(clonedAccessManager), address(clonedInstance), address(clonedInstanceReader), clonedInstanceNftId);
     }
-    function _grantInitialAuthorizations(
-        InstanceAccessManager clonedAccessManager,
-        Instance clonedInstance,
-        BundleManager clonedBundleManager,
-        address instanceOwner)
-            internal
-    {
-        _createCoreAndGifRoles(clonedAccessManager);
-        _createCoreTargets(clonedAccessManager, clonedInstance, clonedBundleManager);
+    function _grantInitialAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
+        _createGifRoles(clonedAccessManager);
+        _createGifTargets(clonedAccessManager, clonedInstance, clonedBundleManager);
         _grantDistributionServiceAuthorizations(clonedAccessManager, clonedInstance);
         _grantPoolServiceAuthorizations(clonedAccessManager, clonedInstance);
         _grantProductServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantApplicationServiceAuthorizations(clonedAccessManager, clonedInstance);
         _grantPolicyServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantClaimServiceAuthorizations(clonedAccessManager, clonedInstance);
         _grantBundleServiceAuthorizations(clonedAccessManager, clonedInstance, clonedBundleManager);
         _grantInstanceServiceAuthorizations(clonedAccessManager, clonedInstance);
-        _grantInstanceOwnerAuthorizations(clonedAccessManager, instanceOwner);
     }
-    function _createCoreAndGifRoles(InstanceAccessManager clonedAccessManager) internal {
-        // default roles controlled by INSTANCE_OWNER_ROLE -> gif roles
-        clonedAccessManager.createRole(INSTANCE_OWNER_ROLE(), "InstanceOwnerRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(DISTRIBUTION_OWNER_ROLE(), "DistributionOwnerRole", INSTANCE_OWNER_ROLE());
-        clonedAccessManager.createRole(POOL_OWNER_ROLE(), "PoolOwnerRole", INSTANCE_OWNER_ROLE());
-        clonedAccessManager.createRole(PRODUCT_OWNER_ROLE(), "ProductOwnerRole", INSTANCE_OWNER_ROLE());
-        // default roles controlled by INSTANCE_SERVICE_ROLE -> core roles, all set/granted only once during cloning
-        clonedAccessManager.createRole(INSTANCE_SERVICE_ROLE(), "InstanceServiceRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(DISTRIBUTION_SERVICE_ROLE(), "DistributionServiceRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(POOL_SERVICE_ROLE(), "PoolServiceRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(PRODUCT_SERVICE_ROLE(), "ProductServiceRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(POLICY_SERVICE_ROLE(), "PolicyServiceRole", ADMIN_ROLE());
-        clonedAccessManager.createRole(BUNDLE_SERVICE_ROLE(), "BundleServiceRole", ADMIN_ROLE());
-        // custom roles -> controled by component owner
+    function _createGifRoles(InstanceAccessManager clonedAccessManager) internal {
+        clonedAccessManager.createGifRole(DISTRIBUTION_OWNER_ROLE(), "DistributionOwnerRole");
+        clonedAccessManager.createGifRole(POOL_OWNER_ROLE(), "PoolOwnerRole");
+        clonedAccessManager.createGifRole(PRODUCT_OWNER_ROLE(), "ProductOwnerRole");
+        clonedAccessManager.createGifRole(DISTRIBUTION_SERVICE_ROLE(), "DistributionServiceRole");
+        clonedAccessManager.createGifRole(POOL_SERVICE_ROLE(), "PoolServiceRole");
+        clonedAccessManager.createGifRole(PRODUCT_SERVICE_ROLE(), "ProductServiceRole");
+        clonedAccessManager.createGifRole(APPLICATION_SERVICE_ROLE(), "ApplicationServiceRole");
+        clonedAccessManager.createGifRole(POLICY_SERVICE_ROLE(), "PolicyServiceRole");
+        clonedAccessManager.createGifRole(CLAIM_SERVICE_ROLE(), "ClaimServiceRole");
+        clonedAccessManager.createGifRole(BUNDLE_SERVICE_ROLE(), "BundleServiceRole");
+        clonedAccessManager.createGifRole(INSTANCE_SERVICE_ROLE(), "InstanceServiceRole");
     }
-    function _createCoreTargets(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
-        clonedAccessManager.createTarget(address(clonedAccessManager), "InstanceAccessManager");
-        clonedAccessManager.createTarget(address(clonedInstance), "Instance");
-        clonedAccessManager.createTarget(address(clonedBundleManager), "BundleManager");
+    function _createGifTargets(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
+        clonedAccessManager.createGifTarget(address(clonedAccessManager), "InstanceAccessManager");
+        clonedAccessManager.createGifTarget(address(clonedInstance), "Instance");
+        clonedAccessManager.createGifTarget(address(clonedBundleManager), "BundleManager");
     }
     function _grantDistributionServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
@@ -157,9 +142,18 @@ contract InstanceService is Service, IInstanceService {
         IRegistry registry = getRegistry();
         address distributionServiceAddress = registry.getServiceAddress(DISTRIBUTION(), getMajorVersion());
         clonedAccessManager.grantRole(DISTRIBUTION_SERVICE_ROLE(), distributionServiceAddress);
-        bytes4[] memory instanceDistributionServiceSelectors = new bytes4[](2);
-        instanceDistributionServiceSelectors[0] = clonedInstance.createDistributionSetup.selector;// can instance owner set another role for this function?
+        bytes4[] memory instanceDistributionServiceSelectors = new bytes4[](11);
+        instanceDistributionServiceSelectors[0] = clonedInstance.createDistributionSetup.selector;
         instanceDistributionServiceSelectors[1] = clonedInstance.updateDistributionSetup.selector;
+        instanceDistributionServiceSelectors[2] = clonedInstance.createDistributorType.selector;
+        instanceDistributionServiceSelectors[3] = clonedInstance.updateDistributorType.selector;
+        instanceDistributionServiceSelectors[4] = clonedInstance.updateDistributorTypeState.selector;
+        instanceDistributionServiceSelectors[5] = clonedInstance.createDistributor.selector;
+        instanceDistributionServiceSelectors[6] = clonedInstance.updateDistributor.selector;
+        instanceDistributionServiceSelectors[7] = clonedInstance.updateDistributorState.selector;
+        instanceDistributionServiceSelectors[8] = clonedInstance.createReferral.selector;
+        instanceDistributionServiceSelectors[9] = clonedInstance.updateReferral.selector;
+        instanceDistributionServiceSelectors[10] = clonedInstance.updateReferralState.selector;
         clonedAccessManager.setTargetFunctionRole(
             "Instance",
             instanceDistributionServiceSelectors,
@@ -168,7 +162,7 @@ contract InstanceService is Service, IInstanceService {
     function _grantPoolServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for pool service on instance
-        address poolServiceAddress = _registry.getServiceAddress(POOL(), getMajorVersion());
+        address poolServiceAddress = getRegistry().getServiceAddress(POOL(), getMajorVersion());
         clonedAccessManager.grantRole(POOL_SERVICE_ROLE(), address(poolServiceAddress));
         bytes4[] memory instancePoolServiceSelectors = new bytes4[](4);
         instancePoolServiceSelectors[0] = clonedInstance.createPoolSetup.selector;
@@ -181,7 +175,7 @@ contract InstanceService is Service, IInstanceService {
     function _grantProductServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for product service on instance
-        address productServiceAddress = _registry.getServiceAddress(PRODUCT(), getMajorVersion());
+        address productServiceAddress = getRegistry().getServiceAddress(PRODUCT(), getMajorVersion());
         clonedAccessManager.grantRole(PRODUCT_SERVICE_ROLE(), address(productServiceAddress));
         bytes4[] memory instanceProductServiceSelectors = new bytes4[](5);
         instanceProductServiceSelectors[0] = clonedInstance.createProductSetup.selector;
@@ -195,23 +189,50 @@ contract InstanceService is Service, IInstanceService {
             PRODUCT_SERVICE_ROLE());
     }
+    function _grantApplicationServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
+        // configure authorization for application services on instance
+        address applicationServiceAddress = getRegistry().getServiceAddress(APPLICATION(), getMajorVersion());
+        clonedAccessManager.grantRole(APPLICATION_SERVICE_ROLE(), applicationServiceAddress);
+        bytes4[] memory instanceApplicationServiceSelectors = new bytes4[](3);
+        instanceApplicationServiceSelectors[0] = clonedInstance.createApplication.selector;
+        instanceApplicationServiceSelectors[1] = clonedInstance.updateApplication.selector;
+        instanceApplicationServiceSelectors[2] = clonedInstance.updateApplicationState.selector;
+        clonedAccessManager.setTargetFunctionRole(
+            "Instance",
+            instanceApplicationServiceSelectors,
+            APPLICATION_SERVICE_ROLE());
+    }
     function _grantPolicyServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
-        // configure authorization for policy service on instance
-        address policyServiceAddress = _registry.getServiceAddress(POLICY(), getMajorVersion());
-        clonedAccessManager.grantRole(POLICY_SERVICE_ROLE(), address(policyServiceAddress));
-        bytes4[] memory instancePolicyServiceSelectors = new bytes4[](3);
-        instancePolicyServiceSelectors[0] = clonedInstance.createPolicy.selector;
-        instancePolicyServiceSelectors[1] = clonedInstance.updatePolicy.selector;
-        instancePolicyServiceSelectors[2] = clonedInstance.updatePolicyState.selector;
+        // configure authorization for policy services on instance
+        address policyServiceAddress = getRegistry().getServiceAddress(POLICY(), getMajorVersion());
+        clonedAccessManager.grantRole(POLICY_SERVICE_ROLE(), policyServiceAddress);
+        bytes4[] memory instancePolicyServiceSelectors = new bytes4[](2);
+        instancePolicyServiceSelectors[0] = clonedInstance.updatePolicy.selector;
+        instancePolicyServiceSelectors[1] = clonedInstance.updatePolicyState.selector;
         clonedAccessManager.setTargetFunctionRole(
             "Instance",
             instancePolicyServiceSelectors,
             POLICY_SERVICE_ROLE());
     }
+    function _grantClaimServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
+        // configure authorization for claim/payout services on instance
+        address claimServiceAddress = getRegistry().getServiceAddress(CLAIM(), getMajorVersion());
+        clonedAccessManager.grantRole(POLICY_SERVICE_ROLE(), claimServiceAddress);
+        // TODO add claims function authz
+        bytes4[] memory instanceClaimServiceSelectors = new bytes4[](0);
+        // instanceClaimServiceSelectors[0] = clonedInstance.updatePolicy.selector;
+        // instanceClaimServiceSelectors[1] = clonedInstance.updatePolicyState.selector;
+        clonedAccessManager.setTargetFunctionRole(
+            "Instance",
+            instanceClaimServiceSelectors,
+            CLAIM_SERVICE_ROLE());
+    }
     function _grantBundleServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
         // configure authorization for bundle service on instance
-        address bundleServiceAddress = _registry.getServiceAddress(BUNDLE(), getMajorVersion());
+        address bundleServiceAddress = getRegistry().getServiceAddress(BUNDLE(), getMajorVersion());
         clonedAccessManager.grantRole(BUNDLE_SERVICE_ROLE(), address(bundleServiceAddress));
         bytes4[] memory instanceBundleServiceSelectors = new bytes4[](2);
         instanceBundleServiceSelectors[0] = clonedInstance.createBundle.selector;
@@ -235,8 +256,8 @@ contract InstanceService is Service, IInstanceService {
     }
     function _grantInstanceServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
-        // configure authorization for instance service on instance
-        address instanceServiceAddress = _registry.getServiceAddress(INSTANCE(), getMajorVersion());
+// configure authorization for instance service on instance
+        address instanceServiceAddress = getRegistry().getServiceAddress(INSTANCE(), getMajorVersion());
         clonedAccessManager.grantRole(INSTANCE_SERVICE_ROLE(), instanceServiceAddress);
         bytes4[] memory instanceInstanceServiceSelectors = new bytes4[](1);
         instanceInstanceServiceSelectors[0] = clonedInstance.setInstanceReader.selector;
@@ -245,41 +266,24 @@ contract InstanceService is Service, IInstanceService {
             instanceInstanceServiceSelectors,
             INSTANCE_SERVICE_ROLE());
-        // configure authorizations for instance service on instance access manager
-        bytes4[] memory accessManagerInstanceServiceSelectors = new bytes4[](3);
-        accessManagerInstanceServiceSelectors[0] = clonedAccessManager.createTarget.selector;
-        accessManagerInstanceServiceSelectors[1] = clonedAccessManager.setTargetLocked.selector;
-        accessManagerInstanceServiceSelectors[2] = clonedAccessManager.setTargetFunctionRole.selector;
+        bytes4[] memory instanceAccessManagerInstanceServiceSelectors = new bytes4[](1);
+        instanceAccessManagerInstanceServiceSelectors[0] = clonedAccessManager.createGifTarget.selector;
         clonedAccessManager.setTargetFunctionRole(
             "InstanceAccessManager",
-            accessManagerInstanceServiceSelectors,
+            instanceAccessManagerInstanceServiceSelectors,
             INSTANCE_SERVICE_ROLE());
     }
-    function _grantInstanceOwnerAuthorizations(InstanceAccessManager clonedAccessManager, address instanceOwner) internal {
-        // configure authorization for instance owner on instance access manager
-        clonedAccessManager.grantRole(INSTANCE_OWNER_ROLE(), instanceOwner);
-        // TODO instance owner can grant/revoke/renounce INSTANCE_OWNER_ROLE -> through instance service?
-        //clonedAccessManager.setRoleAdmin(INSTANCE_OWNER_ROLE(), INSTANCE_OWNER_ROLE()); -> invalid
-        bytes4[] memory accessManagerInstanceOwnerSelectors = new bytes4[](2);
-        accessManagerInstanceOwnerSelectors[0] = clonedAccessManager.createCustomTarget.selector;
-        accessManagerInstanceOwnerSelectors[1] = clonedAccessManager.setTargetFunctionCustomRole.selector;
-        clonedAccessManager.setTargetFunctionRole(
-            "InstanceAccessManager",
-            accessManagerInstanceOwnerSelectors,
-            INSTANCE_OWNER_ROLE());
-    }
     function setAndRegisterMasterInstance(address instanceAddress)
             external
             onlyOwner
             returns(NftId masterInstanceNftId)
     {
-        require(_masterInstance == address(0), "ERROR:CRD-002:INSTANCE_MASTER_ALREADY_SET");
-        require(_masterInstanceAccessManager == address(0), "ERROR:CRD-001:ACCESS_MANAGER_MASTER_ALREADY_SET");
-        require(_masterInstanceBundleManager == address(0), "ERROR:CRD-004:BUNDLE_MANAGER_MASTER_ALREADY_SET");
+        if(_masterInstance != address(0)) { revert ErrorInstanceServiceMasterInstanceAlreadySet(); }
+        if(_masterInstanceAccessManager != address(0)) { revert ErrorInstanceServiceMasterInstanceAccessManagerAlreadySet(); }
+        if(_masterInstanceBundleManager != address(0)) { revert ErrorInstanceServiceMasterBundleManagerAlreadySet(); }
-        require (instanceAddress != address(0), "ERROR:CRD-006:INSTANCE_ZERO");
+        if(instanceAddress == address(0)) { revert ErrorInstanceServiceInstanceAddressZero(); }
         IInstance instance = IInstance(instanceAddress);
         InstanceAccessManager accessManager = InstanceAccessManager(instance.authority());
@@ -289,13 +293,13 @@ contract InstanceService is Service, IInstanceService {
         BundleManager bundleManager = instance.getBundleManager();
         address bundleManagerAddress = address(bundleManager);
-        require (accessManagerAddress != address(0), "ERROR:CRD-005:ACCESS_MANAGER_ZERO");
-        require (instanceReaderAddress != address(0), "ERROR:CRD-007:INSTANCE_READER_ZERO");
-        require (bundleManagerAddress != address(0), "ERROR:CRD-008:BUNDLE_MANAGER_ZERO");
-        require(instance.authority() == accessManagerAddress, "ERROR:CRD-009:INSTANCE_AUTHORITY_MISMATCH");
-        require(instanceReader.getInstance() == instance, "ERROR:CRD-010:INSTANCE_READER_INSTANCE_MISMATCH");
-        require(bundleManager.getInstance() == instance, "ERROR:CRD-011:BUNDLE_MANAGER_INSTANCE_MISMATCH");
+        if(accessManagerAddress == address(0)) { revert ErrorInstanceServiceAccessManagerZero(); }
+        if(instanceReaderAddress == address(0)) { revert ErrorInstanceServiceInstanceReaderZero(); }
+        if(bundleManagerAddress == address(0)) { revert ErrorInstanceServiceBundleManagerZero(); }
+        if(instance.authority() != accessManagerAddress) { revert ErrorInstanceServiceInstanceAuthorityMismatch(); }
+        if(instanceReader.getInstance() != instance) { revert ErrorInstanceServiceInstanceReaderInstanceMismatch2(); }
+        if(bundleManager.getInstance() != instance) { revert ErrorInstanceServiceBundleMangerInstanceMismatch(); }
         _masterInstanceAccessManager = accessManagerAddress;
         _masterInstance = instanceAddress;
@@ -310,27 +314,27 @@ contract InstanceService is Service, IInstanceService {
         // masterInstance.linkToRegisteredNftId();
     }
-    function setMasterInstanceReader(address instanceReaderAddress)
-        external
-        onlyOwner
-    {
-        require(_masterInstanceReader != address(0), "ERROR:CRD-003:INSTANCE_READER_MASTER_NOT_SET");
-        require (instanceReaderAddress != address(0), "ERROR:CRD-012:INSTANCE_READER_ZERO");
-        require(instanceReaderAddress != _masterInstanceReader, "ERROR:CRD-014:INSTANCE_READER_MASTER_SAME_AS_NEW");
+    function setMasterInstanceReader(address instanceReaderAddress) external onlyOwner {
+        if(_masterInstanceReader == address(0)) { revert ErrorInstanceServiceMasterInstanceReaderNotSet(); }
+        if(instanceReaderAddress == address(0)) { revert ErrorInstanceServiceInstanceReaderAddressZero(); }
+        if(instanceReaderAddress == _masterInstanceReader) { revert ErrorInstanceServiceInstanceReaderSameAsMasterInstanceReader(); }
         InstanceReader instanceReader = InstanceReader(instanceReaderAddress);
-        require(instanceReader.getInstance() == IInstance(_masterInstance), "ERROR:CRD-015:INSTANCE_READER_INSTANCE_MISMATCH");
+        if(instanceReader.getInstance() != IInstance(_masterInstance)) { revert ErrorInstanceServiceInstanceReaderInstanceMismatch(); }
         _masterInstanceReader = instanceReaderAddress;
     }
-    function upgradeInstanceReader(NftId instanceNftId)
-        external
-        onlyInstanceOwner(instanceNftId)
-    {
+    // TODO access restriction
+    function upgradeInstanceReader(NftId instanceNftId) external {
         IRegistry registry = getRegistry();
         IRegistry.ObjectInfo memory instanceInfo = registry.getObjectInfo(instanceNftId);
         Instance instance = Instance(instanceInfo.objectAddress);
+        address owner = instance.getOwner();
+        if (msg.sender != owner) {
+            revert ErrorInstanceServiceRequestUnauhorized(msg.sender);
+        }
         InstanceReader upgradedInstanceReaderClone = InstanceReader(Clones.clone(address(_masterInstanceReader)));
         upgradedInstanceReaderClone.initialize(address(registry), address(instance));
@@ -372,29 +376,22 @@ contract InstanceService is Service, IInstanceService {
         (registryAddress, initialOwner) = abi.decode(data, (address, address));
         // TODO while InstanceService is not deployed in InstanceServiceManager constructor
         //      owner is InstanceServiceManager deployer
-        _initializeService(registryAddress, owner);
-        _registerInterface(type(IInstanceService).interfaceId);
+        initializeService(registryAddress, owner);
+        registerInterface(type(IInstanceService).interfaceId);
     }
-    // TODO call instance access manager directlly and delete this function?
     function hasRole(address account, RoleId role, address instanceAddress) public view returns (bool) {
         Instance instance = Instance(instanceAddress);
         InstanceAccessManager accessManager = InstanceAccessManager(instance.authority());
         return accessManager.hasRole(role, account);
     }
-    // creates gif targets only -> they have INSTANCE as parent
     function createGifTarget(NftId instanceNftId, address targetAddress, string memory targetName) external onlyRegisteredService {
         IRegistry registry = getRegistry();
         IRegistry.ObjectInfo memory instanceInfo = registry.getObjectInfo(instanceNftId);
-        if(instanceInfo.objectType != INSTANCE()) {
-            revert ErrorInstanceServiceNotInstance(instanceNftId);
-        }
         Instance instance = Instance(instanceInfo.objectAddress);
         InstanceAccessManager accessManager = InstanceAccessManager(instance.authority());
-        accessManager.createTarget(targetAddress, targetName);
+        accessManager.createGifTarget(targetAddress, targetName);
     }
     function grantDistributionDefaultPermissions(NftId instanceNftId, address distributionAddress, string memory distributionName) external onlyRegisteredService {
@@ -436,8 +433,22 @@ contract InstanceService is Service, IInstanceService {
         instanceAccessManager.setTargetFunctionRole(poolName, fctSelectors, POOL_OWNER_ROLE());
         bytes4[] memory fctSelectors2 = new bytes4[](1);
-        fctSelectors2[0] = IPoolComponent.underwrite.selector;
+        fctSelectors2[0] = IPoolComponent.verifyApplication.selector;
         instanceAccessManager.setTargetFunctionRole(poolName, fctSelectors2, POLICY_SERVICE_ROLE());
+        // bundle owner specific functions
+        bytes4[] memory fctSelectors3 = new bytes4[](7);
+        fctSelectors3[0] = IPoolComponent.stake.selector;
+        fctSelectors3[1] = IPoolComponent.unstake.selector;
+        fctSelectors3[2] = IPoolComponent.extend.selector;
+        fctSelectors3[3] = IPoolComponent.lockBundle.selector;
+        fctSelectors3[4] = IPoolComponent.unlockBundle.selector;
+        fctSelectors3[5] = IPoolComponent.close.selector;
+        fctSelectors3[6] = IPoolComponent.setBundleFee.selector;
+        instanceAccessManager.setTargetFunctionRole(
+            poolName,
+            fctSelectors3,
+            IPoolComponent(poolAddress).getBundleOwnerRole());
     }
     function grantProductDefaultPermissions(NftId instanceNftId, address productAddress, string memory productName) external onlyRegisteredService {
@@ -457,17 +468,23 @@ contract InstanceService is Service, IInstanceService {
         instanceAccessManager.setTargetFunctionRole(productName, fctSelectors, PRODUCT_OWNER_ROLE());
     }
-    function setComponentLocked(bool locked) onlyComponent external {
+    function setTargetLocked(string memory targetName, bool locked) external {
         address componentAddress = msg.sender;
         IRegistry registry = getRegistry();
-        NftId instanceNftId = registry.getObjectInfo(componentAddress).parentNftId;
-        address instanceAddress = registry.getObjectInfo(instanceNftId).objectAddress;
+        IRegistry.ObjectInfo memory componentInfo = registry.getObjectInfo(componentAddress);
+        if (componentInfo.nftId.eqz()) {
+            revert ErrorInstanceServiceComponentNotRegistered(componentAddress);
+        }
+        // TODO validate component type
+        address instanceAddress = registry.getObjectInfo(componentInfo.parentNftId).objectAddress;
         IInstance instance = IInstance(instanceAddress);
         InstanceAccessManager accessManager = InstanceAccessManager(instance.authority());
-        // TODO setLocked by target address?
-        string memory componentName = ShortStrings.toString(accessManager.getTargetInfo(componentAddress).name);
-        accessManager.setTargetLocked(componentName, locked);
+        accessManager.setTargetClosed(targetName, locked);
     }
 }

package/contracts/instance/InstanceServiceManager.sol CHANGED Viewed

@@ -17,7 +17,7 @@ contract InstanceServiceManager is ProxyManager {
     constructor(
         address registryAddress
     )
-        ProxyManager()
+        ProxyManager(registryAddress)
     {
         InstanceService instSrv = new InstanceService();
         // bytes memory initCode = type(InstanceService).creationCode;

package/contracts/instance/base/ComponentService.sol CHANGED Viewed

@@ -61,7 +61,7 @@ abstract contract ComponentService is Service {
         owner = msg.sender;
         // check component has not already been registerd
-        NftId compoentNftId = _registry.getNftId(componentAddress);
+        NftId compoentNftId = getRegistry().getNftId(componentAddress);
         if(compoentNftId.gtz()) {
             revert ErrorComponentServiceAlreadyRegistered(componentAddress, compoentNftId);
         }

package/contracts/instance/module/IAccess.sol CHANGED Viewed

@@ -11,8 +11,7 @@ interface IAccess {
     struct RoleInfo {
         ShortString name;
         bool isCustom;
-        //bool isLocked;
-        RoleId admin;
+        bool isLocked;
         Timestamp createdAt;
         Timestamp updatedAt;
     }
@@ -25,24 +24,24 @@ interface IAccess {
         Timestamp updatedAt;
     }
-    error ErrorIAccessCallerIsNotRoleAdmin(address caller, RoleId roleId);
     error ErrorIAccessRoleIdInvalid(RoleId roleId);
     error ErrorIAccessRoleIdTooBig(RoleId roleId);
     error ErrorIAccessRoleIdTooSmall(RoleId roleId);
-    error ErrorIAccessRoleIdAlreadyExists(RoleId roleId);
+    error ErrorIAccessRoleIdAlreadyExists(RoleId roleId, ShortString name);
+    error ErrorIAccessRoleIdNotActive(RoleId roleId);
     error ErrorIAccessRoleNameEmpty(RoleId roleId);
     error ErrorIAccessRoleNameNotUnique(RoleId roleId, ShortString name);
-    error ErrorIAccessSetNoncustomRole(RoleId roleId);
-    error ErrorIAccessSetLockedForNoncustomRole(RoleId roleId);
+    error ErrorIAccessRoleInvalidUpdate(RoleId roleId, bool isCustom);
+    error ErrorIAccessRoleIsCustomIsImmutable(RoleId roleId, bool isCustom, bool isCustomExisting);
+    error ErrorIAccessGrantNonexstentRole(RoleId roleId);
+    error ErrorIAccessRevokeNonexstentRole(RoleId roleId);
+    error ErrorIAccessRenounceNonexstentRole(RoleId roleId);
     error ErrorIAccessTargetAddressZero();
     error ErrorIAccessTargetDoesNotExist(ShortString name);
-    error ErrorIAccessTargetAlreadyExists(address target, ShortString name);
+    error ErrorIAccessTargetAddressDoesNotExist(address target);
+    error ErrorIAccessTargetExists(address target, ShortString name);
     error ErrorIAccessTargetNameEmpty(address target);
     error ErrorIAccessTargetNameExists(address target, address existingTarget, ShortString name);
     error ErrorIAccessTargetLocked(address target);
-    error ErrorIAccessTargetIsRegistered(address target);
-    error ErrorIAccessSetLockedForNoncustomTarget(address target);
-    error ErrorIAccessSetForNoncustomTarget(address target);
 }

package/contracts/instance/module/IBundle.sol CHANGED Viewed

@@ -3,6 +3,7 @@ pragma solidity ^0.8.20;
 import {NftId} from "../../types/NftId.sol";
 import {Fee} from "../../types/Fee.sol";
+import {Seconds} from "../../types/Seconds.sol";
 import {Timestamp} from "../../types/Timestamp.sol";
 interface IBundle {
@@ -13,7 +14,7 @@ interface IBundle {
         uint256 capitalAmount; // net investment capital + net premiums - payouts
         uint256 lockedAmount; // capital amount linked to collateralizaion of non-closed policies (<= balance)
         uint256 balanceAmount; // total amount of funds: capitalAmount + fees (balance >= captial)
-        uint256 lifetime;
+        Seconds lifetime;
         Timestamp expiredAt; // no new policies
         Timestamp closedAt; // no open policies, locked amount = 0
     }

package/contracts/instance/module/IDistribution.sol CHANGED Viewed

@@ -24,6 +24,8 @@ interface IDistribution {
         DistributorType distributorType;
         bool active;
         bytes data;
+        uint256 sumCommisions;
+        uint256 numPoliciesSold;
     }
     struct ReferralInfo {

package/contracts/instance/module/IPolicy.sol CHANGED Viewed

@@ -2,12 +2,39 @@
 pragma solidity ^0.8.20;
 import {NftId} from "../../types/NftId.sol";
-import {NumberId} from "../../types/NumberId.sol";
+import {ClaimId} from "../../types/ClaimId.sol";
 import {ReferralId} from "../../types/Referral.sol";
 import {RiskId} from "../../types/RiskId.sol";
+import {Seconds} from "../../types/Seconds.sol";
 import {Timestamp} from "../../types/Timestamp.sol";
 interface IPolicy {
+    struct Premium {
+        // this is the net premium calculated by the product
+        uint256 netPremiumAmount;
+        // fullPremium = netPremium + all fixed amounts + all variable amounts (excl commission and minDistribtuionOwnerFee variable part)
+        uint256 fullPremiumAmount;
+        // premium = fullPremium - discount
+        uint256 premiumAmount;
+        uint256 productFeeFixAmount;
+        uint256 poolFeeFixAmount;
+        uint256 bundleFeeFixAmount;
+        uint256 distributionFeeFixAmount;
+        uint256 productFeeVarAmount;
+        uint256 poolFeeVarAmount;
+        uint256 bundleFeeVarAmount;
+        uint256 distributionFeeVarAmount;
+        uint256 distributionOwnerFeeFixAmount;
+        // this is the remaining amount when the commission and discount are subtracted from the distribution fee variable part (must be at least the minDistributionOwnerFee)
+        uint256 distributionOwnerFeeVarAmount;
+        // this value is based on distributor type referenced in the referral
+        uint256 commissionAmount;
+        // this is based on referral used
+        uint256 discountAmount;
+    }
+    /// @dev policy data for the full policy lifecycle
     struct PolicyInfo {
         NftId productNftId;
         NftId bundleNftId;
@@ -16,7 +43,7 @@ interface IPolicy {
         uint256 sumInsuredAmount;
         uint256 premiumAmount;
         uint256 premiumPaidAmount;
-        uint256 lifetime;
+        Seconds lifetime;
         bytes applicationData;
         bytes policyData;
         uint16 claimsCount;
@@ -37,7 +64,7 @@ interface IPolicy {
     // claimId neeeds to be encoded policyNftId:claimId combination
     struct PayoutInfo {
-        NumberId claimId;
+        ClaimId claimId;
         uint256 amount;
         bytes data;
         Timestamp paidAt; // payoment of confirmed claim amount (or declinedAt)