npm - @layerzerolabs/protocol-stellar-v2 - Versions diffs - 0.2.40 → 0.2.43 - Mend

@layerzerolabs/protocol-stellar-v2 0.2.40 → 0.2.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (129) hide show

package/contracts/oapps/oapp-macros/src/generators.rs CHANGED Viewed

@@ -65,15 +65,13 @@ impl Parse for CustomImpls {
     }
 }
-/// Generates a complete OApp implementation with contract attributes and trait implementations.
+/// Generates OApp trait implementations only. No contract-level attributes are applied.
 ///
-/// This function creates:
-/// - `#[common_macros::lz_contract]` - Wrapper macro that combines:
-///   - `#[soroban_sdk::contract]` - Makes the struct a Soroban contract
-///   - `#[common_macros::ttl_configurable]` - Adds TTL configuration with auth
-///   - `#[common_macros::ttl_extendable]` - Adds manual TTL extension support
-///   - `#[common_macros::ownable]` - Adds single-owner access control
-/// - OAppCore, OAppSenderInternal, OAppReceiver, and OAppOptionsType3 trait implementations
+/// This function creates OAppCore, OAppSenderInternal, OAppReceiver, and OAppOptionsType3 trait implementations.
+///
+/// **The user must apply a contract macro** such as `#[common_macros::lz_contract]` or
+/// `#[soroban_sdk::contract]` to the struct. `#[lz_contract]` provides contract, TTL, and Auth
+/// (via `#[ownable]` or `#[multisig]`) in one place.
 ///
 /// The `custom` parameter controls which trait implementations are generated vs.
 /// expected to be provided by the user.
@@ -86,7 +84,6 @@ pub fn generate_oapp(attr: TokenStream, input: TokenStream) -> TokenStream {
     let receiver_impl = (!custom.receiver).then(|| generate_oapp_receiver(&item_struct.ident));
     let options_type3_impl = (!custom.options_type3).then(|| generate_oapp_options_type3(&item_struct.ident));
     quote! {
-        #[common_macros::lz_contract]
         #item_struct
         #core_impl
@@ -98,12 +95,18 @@ pub fn generate_oapp(attr: TokenStream, input: TokenStream) -> TokenStream {
 /// Generates an empty `impl OAppCore` that uses the trait's default implementations
 /// for peer management and endpoint access.
+///
+/// Also generates `impl RoleBasedAccessControl` because OAppCore extends it.
 fn generate_oapp_core(name: &Ident) -> TokenStream {
     quote! {
         use oapp::oapp_core::OAppCore as _;
+        use utils::rbac::RoleBasedAccessControl as _;
         #[soroban_sdk::contractimpl(contracttrait)]
         impl oapp::oapp_core::OAppCore for #name {}
+        #[soroban_sdk::contractimpl(contracttrait)]
+        impl utils::rbac::RoleBasedAccessControl for #name {}
     }
 }

package/contracts/oapps/oapp-macros/src/lib.rs CHANGED Viewed

@@ -126,7 +126,7 @@ mod generators;
 use proc_macro::TokenStream;
-/// Derives a complete OApp: `#[contract]` + `#[ownable]` + Core + Sender + Receiver + OptionsType3.
+/// Derives OApp trait implementations. Apply `#[lz_contract]` (or similar) for contract + TTL + Auth.
 ///
 /// ## Usage
 ///

package/contracts/oapps/oapp-macros/src/tests/snapshots/oapp_macros__tests__oapp__snapshot_generate_oapp.snap CHANGED Viewed

@@ -5,11 +5,13 @@ expression: combined
 ---
 // === Default (no custom impls) ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 use oapp::oapp_core::OAppCore as _;
+use utils::rbac::RoleBasedAccessControl as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_core::OAppCore for MyOApp {}
+#[soroban_sdk::contractimpl(contracttrait)]
+impl utils::rbac::RoleBasedAccessControl for MyOApp {}
 use oapp::oapp_sender::OAppSenderInternal as _;
 impl oapp::oapp_sender::OAppSenderInternal for MyOApp {}
 use oapp::oapp_receiver::OAppReceiver as _;
@@ -22,7 +24,6 @@ impl oapp::oapp_options_type3::OAppOptionsType3 for MyOApp {}
 // === custom = [core] ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 use oapp::oapp_sender::OAppSenderInternal as _;
 impl oapp::oapp_sender::OAppSenderInternal for MyOApp {}
@@ -36,11 +37,13 @@ impl oapp::oapp_options_type3::OAppOptionsType3 for MyOApp {}
 // === custom = [sender] ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 use oapp::oapp_core::OAppCore as _;
+use utils::rbac::RoleBasedAccessControl as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_core::OAppCore for MyOApp {}
+#[soroban_sdk::contractimpl(contracttrait)]
+impl utils::rbac::RoleBasedAccessControl for MyOApp {}
 use oapp::oapp_receiver::OAppReceiver as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_receiver::OAppReceiver for MyOApp {}
@@ -51,11 +54,13 @@ impl oapp::oapp_options_type3::OAppOptionsType3 for MyOApp {}
 // === custom = [receiver] ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 use oapp::oapp_core::OAppCore as _;
+use utils::rbac::RoleBasedAccessControl as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_core::OAppCore for MyOApp {}
+#[soroban_sdk::contractimpl(contracttrait)]
+impl utils::rbac::RoleBasedAccessControl for MyOApp {}
 use oapp::oapp_sender::OAppSenderInternal as _;
 impl oapp::oapp_sender::OAppSenderInternal for MyOApp {}
 use oapp::oapp_options_type3::OAppOptionsType3 as _;
@@ -65,11 +70,13 @@ impl oapp::oapp_options_type3::OAppOptionsType3 for MyOApp {}
 // === custom = [options_type3] ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 use oapp::oapp_core::OAppCore as _;
+use utils::rbac::RoleBasedAccessControl as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_core::OAppCore for MyOApp {}
+#[soroban_sdk::contractimpl(contracttrait)]
+impl utils::rbac::RoleBasedAccessControl for MyOApp {}
 use oapp::oapp_sender::OAppSenderInternal as _;
 impl oapp::oapp_sender::OAppSenderInternal for MyOApp {}
 use oapp::oapp_receiver::OAppReceiver as _;
@@ -79,20 +86,21 @@ impl oapp::oapp_receiver::OAppReceiver for MyOApp {}
 // === custom = [core, sender, receiver, options_type3] ===
-#[common_macros::lz_contract]
 pub struct MyOApp;
 // === Struct attributes + fields are preserved ===
-#[common_macros::lz_contract]
 #[derive(Clone, Debug)]
 pub struct FancyOApp {
     pub x: u32,
 }
 use oapp::oapp_core::OAppCore as _;
+use utils::rbac::RoleBasedAccessControl as _;
 #[soroban_sdk::contractimpl(contracttrait)]
 impl oapp::oapp_core::OAppCore for FancyOApp {}
+#[soroban_sdk::contractimpl(contracttrait)]
+impl utils::rbac::RoleBasedAccessControl for FancyOApp {}
 use oapp::oapp_sender::OAppSenderInternal as _;
 impl oapp::oapp_sender::OAppSenderInternal for FancyOApp {}
 use oapp::oapp_receiver::OAppReceiver as _;

package/contracts/oapps/oft/integration-tests/setup.rs CHANGED Viewed

@@ -10,12 +10,13 @@ use crate::{
     oft_types::OftType,
 };
 use endpoint_v2::{EndpointV2, EndpointV2Client};
+use oapp::oapp_core::OAPP_ADMIN_ROLE;
 use simple_message_lib::{SimpleMessageLib, SimpleMessageLibClient};
 use soroban_sdk::{
     contract, contractimpl, contracttype, log,
     testutils::{Address as _, MockAuth, MockAuthInvoke},
     token::{StellarAssetClient, TokenClient},
-    Address, BytesN, Env, IntoVal,
+    Address, BytesN, Env, IntoVal, Symbol,
 };
 // ============================================================================
@@ -126,7 +127,7 @@ fn setup_chain<'a>(env: &Env) -> ChainSetup<'a> {
     let shared_decimals: u32 = 6; // Default shared decimals
                                   // MintBurn with SAC wrapper: OFT uses wrapper for mint on credit; burn is on token directly.
     let mode = OftType::MintBurn(sac_wrapper_address.clone());
-    let oft_address = env.register(OFT, (&oft_token, &shared_decimals, &mode, &owner, &endpoint_address, &delegate));
+    let oft_address = env.register(OFT, (&oft_token, &shared_decimals, &mode, &endpoint_address, delegate.as_ref().unwrap()));
     let endpoint = EndpointV2Client::new(env, &endpoint_address);
     let sml = SimpleMessageLibClient::new(env, &sml_address);
@@ -213,17 +214,34 @@ pub fn wire_oft(env: &Env, chains: &[&ChainSetup<'_>]) {
     }
 }
+fn grant_oapp_admin(env: &Env, contract: &Address, owner: &Address) {
+    let role = Symbol::new(env, OAPP_ADMIN_ROLE);
+    env.mock_auths(&[MockAuth {
+        address: owner,
+        invoke: &MockAuthInvoke {
+            contract,
+            fn_name: "grant_role",
+            args: (owner, &role, owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    utils::rbac::RoleBasedAccessControlClient::new(env, contract).grant_role(owner, &role, owner);
+}
 pub fn set_peer(env: &Env, owner: &Address, oft: &OFTClient<'_>, dst_eid: u32, peer: &BytesN<32>) {
+    grant_oapp_admin(env, &oft.address, owner);
+    let peer_option = Some(peer.clone());
     env.mock_auths(&[MockAuth {
         address: owner,
         invoke: &MockAuthInvoke {
             contract: &oft.address,
             fn_name: "set_peer",
-            args: (&dst_eid, &Some(peer.clone())).into_val(env),
+            args: (&dst_eid, &peer_option, owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    oapp::oapp_core::OAppCoreClient::new(env, &oft.address).set_peer(&dst_eid, &Some(peer.clone()));
+    oapp::oapp_core::OAppCoreClient::new(env, &oft.address).set_peer(&dst_eid, &peer_option, owner);
 }
 pub fn register_library(env: &Env, owner: &Address, endpoint: &EndpointV2Client<'_>, lib: &Address) {

package/contracts/oapps/oft/integration-tests/utils.rs CHANGED Viewed

@@ -1,6 +1,8 @@
 //! Utility functions for OFT-STD integration tests.
-use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig};
+use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig, RATE_LIMITER_ADMIN_ROLE};
+use crate::extensions::oft_fee::FEE_ADMIN_ROLE;
+use crate::extensions::pausable::{PAUSER_ROLE, UNPAUSER_ROLE};
 use crate::integration_tests::setup::{decode_packet, ChainSetup};
 use crate::MintableClient;
 use endpoint_v2::{MessagingFee, Origin, OutboundPacket};
@@ -13,7 +15,6 @@ use soroban_sdk::{
     xdr::ToXdr,
     Address, Bytes, BytesN, Env, IntoVal, Map, Symbol, Val, Vec,
 };
 // ============================================================================
 // Address Conversion Utilities
 // ============================================================================
@@ -356,16 +357,44 @@ pub fn token_balance(env: &Env, token: &Address, account: &Address) -> i128 {
 // ============================================================================
 pub fn set_paused(env: &Env, chain: &ChainSetup<'_>, paused: bool) {
+    // `pause` / `unpause` are protected by RBAC (`PAUSER_ROLE` / `UNPAUSER_ROLE`). Grant them to owner for tests.
+    let pauser = Symbol::new(env, PAUSER_ROLE);
+    let unpauser = Symbol::new(env, UNPAUSER_ROLE);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
             contract: &chain.oft.address,
-            fn_name: "set_paused",
-            args: (&paused,).into_val(env),
+            fn_name: "grant_role",
+            args: (&chain.owner, &pauser, &chain.owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    chain.oft.set_paused(&paused);
+    chain.oft.grant_role(&chain.owner, &pauser, &chain.owner);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: "grant_role",
+            args: (&chain.owner, &unpauser, &chain.owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    chain.oft.grant_role(&chain.owner, &unpauser, &chain.owner);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: if paused { "pause" } else { "unpause" },
+            args: (&chain.owner,).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    if paused {
+        chain.oft.pause(&chain.owner);
+    } else {
+        chain.oft.unpause(&chain.owner);
+    }
 }
 pub fn is_paused(chain: &ChainSetup<'_>) -> bool {
@@ -377,45 +406,84 @@ pub fn is_paused(chain: &ChainSetup<'_>) -> bool {
 // ============================================================================
 pub fn set_fee_deposit_address(env: &Env, chain: &ChainSetup<'_>, deposit_address: &Address) {
+    // `set_fee_deposit_address` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: "grant_role",
+            args: (&chain.owner, &role, &chain.owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    chain.oft.grant_role(&chain.owner, &role, &chain.owner);
     let deposit_address_opt = Some(deposit_address.clone());
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
             contract: &chain.oft.address,
             fn_name: "set_fee_deposit_address",
-            args: (&deposit_address_opt,).into_val(env),
+            args: (&deposit_address_opt, &chain.owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    chain.oft.set_fee_deposit_address(&deposit_address_opt);
+    chain.oft.set_fee_deposit_address(&deposit_address_opt, &chain.owner);
 }
 pub fn set_default_fee_bps(env: &Env, chain: &ChainSetup<'_>, fee_bps: u32) {
+    // `set_default_fee_bps` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: "grant_role",
+            args: (&chain.owner, &role, &chain.owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    chain.oft.grant_role(&chain.owner, &role, &chain.owner);
     let fee_bps_opt = Some(fee_bps);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
             contract: &chain.oft.address,
             fn_name: "set_default_fee_bps",
-            args: (&fee_bps_opt,).into_val(env),
+            args: (&fee_bps_opt, &chain.owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    chain.oft.set_default_fee_bps(&fee_bps_opt);
+    chain.oft.set_default_fee_bps(&fee_bps_opt, &chain.owner);
 }
 pub fn set_fee_bps(env: &Env, chain: &ChainSetup<'_>, dst_eid: u32, fee_bps: u32) {
+    // `set_fee_bps` is protected by RBAC (`FEE_ADMIN_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, FEE_ADMIN_ROLE);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: "grant_role",
+            args: (&chain.owner, &role, &chain.owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    chain.oft.grant_role(&chain.owner, &role, &chain.owner);
     let fee_bps_opt = Some(fee_bps);
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
             contract: &chain.oft.address,
             fn_name: "set_fee_bps",
-            args: (&dst_eid, &fee_bps_opt).into_val(env),
+            args: (&dst_eid, &fee_bps_opt, &chain.owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    chain.oft.set_fee_bps(&dst_eid, &fee_bps_opt);
+    chain.oft.set_fee_bps(&dst_eid, &fee_bps_opt, &chain.owner);
 }
 // ============================================================================
@@ -442,17 +510,30 @@ pub fn set_rate_limit_with_mode(
     window_seconds: u64,
     mode: Mode,
 ) {
+    // `set_rate_limit` is protected by RBAC (`RATE_LIMITER_ADMIN_ROLE`). Grant it to owner for tests.
+    let role = Symbol::new(env, RATE_LIMITER_ADMIN_ROLE);
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.oft.address,
+            fn_name: "grant_role",
+            args: (&chain.owner, &role, &chain.owner).into_val(env),
+            sub_invokes: &[],
+        },
+    }]);
+    chain.oft.grant_role(&chain.owner, &role, &chain.owner);
     let config = Some(RateLimitConfig { limit, window_seconds, mode });
     env.mock_auths(&[MockAuth {
         address: &chain.owner,
         invoke: &MockAuthInvoke {
             contract: &chain.oft.address,
             fn_name: "set_rate_limit",
-            args: (direction, &dst_eid, &config).into_val(env),
+            args: (direction, &dst_eid, &config, &chain.owner).into_val(env),
             sub_invokes: &[],
         },
     }]);
-    chain.oft.set_rate_limit(direction, &dst_eid, &config);
+    chain.oft.set_rate_limit(direction, &dst_eid, &config, &chain.owner);
 }
 pub fn rate_limit_capacity(chain: &ChainSetup<'_>, direction: &Direction, eid: u32) -> i128 {

package/contracts/oapps/oft/src/extensions/oft_fee.rs CHANGED Viewed

@@ -1,6 +1,9 @@
-use common_macros::{contract_error, contract_trait, only_auth, storage};
+use common_macros::{contract_error, contract_trait, only_role, storage};
 use soroban_sdk::{assert_with_error, contractevent, token::TokenClient, Address, Env};
-use utils::{auth::Auth, option_ext::OptionExt};
+use utils::{option_ext::OptionExt, rbac::RoleBasedAccessControl};
+/// Role for fee configuration (set_default_fee_bps, set_fee_bps, set_fee_deposit_address).
+pub const FEE_ADMIN_ROLE: &str = "FEE_ADMIN_ROLE";
 /// Base fee in basis points (10,000 BPS = 100%)
 /// Used as denominator in fee calculations
@@ -69,7 +72,7 @@ pub struct FeeDepositAddressSet {
 // =========================================================================
 #[contract_trait]
-pub trait OFTFee: OFTFeeInternal + Auth {
+pub trait OFTFee: OFTFeeInternal + RoleBasedAccessControl {
     // =========================================================================
     // Management Functions
     // =========================================================================
@@ -79,8 +82,9 @@ pub trait OFTFee: OFTFeeInternal + Auth {
     /// - `Some(n)`: sets the default fee to `n` basis points (must be >0 and <=10,000).
     /// - `Some(0)`: rejected — use `None` to remove the default fee instead.
     /// - `None`: removes the default fee (effective rate becomes 0).
-    #[only_auth]
-    fn set_default_fee_bps(env: &soroban_sdk::Env, default_fee_bps: &Option<u32>) {
+    /// * `operator` - The address that must have FEE_ADMIN_ROLE
+    #[only_role(operator, FEE_ADMIN_ROLE)]
+    fn set_default_fee_bps(env: &soroban_sdk::Env, default_fee_bps: &Option<u32>, operator: &soroban_sdk::Address) {
         Self::__set_default_fee_bps(env, default_fee_bps);
     }
@@ -92,14 +96,23 @@ pub trait OFTFee: OFTFeeInternal + Auth {
     /// # Arguments
     /// * `dst_eid` - The destination endpoint ID
     /// * `fee_bps` - The fee rate (0-10,000), or None to remove the fee configuration
-    #[only_auth]
-    fn set_fee_bps(env: &soroban_sdk::Env, dst_eid: u32, fee_bps: &Option<u32>) {
+    /// * `operator` - The address that must have FEE_ADMIN_ROLE
+    #[only_role(operator, FEE_ADMIN_ROLE)]
+    fn set_fee_bps(env: &soroban_sdk::Env, dst_eid: u32, fee_bps: &Option<u32>, operator: &soroban_sdk::Address) {
         Self::__set_fee_bps(env, dst_eid, fee_bps);
     }
     /// Sets or removes the address where collected fees will be deposited.
-    #[only_auth]
-    fn set_fee_deposit_address(env: &soroban_sdk::Env, fee_deposit_address: &Option<soroban_sdk::Address>) {
+    ///
+    /// # Arguments
+    /// * `fee_deposit_address` - The address to deposit fees to, or None to remove the fee deposit address
+    /// * `operator` - The address that must have FEE_ADMIN_ROLE
+    #[only_role(operator, FEE_ADMIN_ROLE)]
+    fn set_fee_deposit_address(
+        env: &soroban_sdk::Env,
+        fee_deposit_address: &Option<soroban_sdk::Address>,
+        operator: &soroban_sdk::Address,
+    ) {
         Self::__set_fee_deposit_address(env, fee_deposit_address);
     }
@@ -134,7 +147,7 @@ pub trait OFTFee: OFTFeeInternal + Auth {
 }
 /// Internal trait for OFT fee operations used by OFT hooks.
-/// Contains only truly internal methods that are called from OFTInternal implementations.
+/// Contains only truly internal methods that are called from OFTFee implementations.
 pub trait OFTFeeInternal {
     // =========================================================================
     // OFT Hooks

package/contracts/oapps/oft/src/extensions/pausable.rs CHANGED Viewed

@@ -1,6 +1,12 @@
-use common_macros::{contract_error, contract_trait, only_auth, storage};
+use common_macros::{contract_error, contract_trait, only_role, storage};
 use soroban_sdk::{assert_with_error, contractevent, Env};
-use utils::auth::Auth;
+use utils::rbac::RoleBasedAccessControl;
+/// Role for pausing the contract.
+pub const PAUSER_ROLE: &str = "PAUSER_ROLE";
+/// Role for unpausing the contract.
+pub const UNPAUSER_ROLE: &str = "UNPAUSER_ROLE";
 // =========================================================================
 // Storage
@@ -37,18 +43,33 @@ pub struct PausedSet {
 // =========================================================================
 #[contract_trait]
-pub trait OFTPausable: OFTPausableInternal + Auth {
-    /// Sets the paused state of the OFT.
+pub trait OFTPausable: OFTPausableInternal + RoleBasedAccessControl {
+    // =========================================================================
+    // Management Functions
+    // =========================================================================
+    /// Pauses the OFT. When paused, the OFT will reject new send/receive/quote_send/quote_oft operations.
     ///
-    /// When paused, the OFT will reject new send/receive/quote_send/quote_oft operations.
+    /// # Arguments
+    /// * `operator` - The address that must have PAUSER_ROLE
+    #[only_role(operator, PAUSER_ROLE)]
+    fn pause(env: &soroban_sdk::Env, operator: &soroban_sdk::Address) {
+        Self::__set_paused(env, true);
+    }
+    /// Unpauses the OFT.
     ///
     /// # Arguments
-    /// * `paused` - `true` to pause, `false` to unpause
-    #[only_auth]
-    fn set_paused(env: &soroban_sdk::Env, paused: bool) {
-        Self::__set_paused(env, paused);
+    /// * `operator` - The address that must have UNPAUSER_ROLE
+    #[only_role(operator, UNPAUSER_ROLE)]
+    fn unpause(env: &soroban_sdk::Env, operator: &soroban_sdk::Address) {
+        Self::__set_paused(env, false);
     }
+    // =========================================================================
+    // View Functions
+    // =========================================================================
     /// Returns the paused state of the OFT.
     fn is_paused(env: &soroban_sdk::Env) -> bool {
         Self::__is_paused(env)
@@ -56,7 +77,7 @@ pub trait OFTPausable: OFTPausableInternal + Auth {
 }
 /// Internal trait for pausable operations used by OFT hooks.
-/// Contains only truly internal methods that are called from OFTInternal implementations.
+/// Contains only truly internal methods that are called from OFTPausable implementations.
 pub trait OFTPausableInternal {
     // =========================================================================
     // OFT Hooks

package/contracts/oapps/oft/src/extensions/rate_limiter.rs CHANGED Viewed

@@ -1,7 +1,10 @@
 use crate as oft;
-use common_macros::{contract_error, contract_trait, only_auth, storage};
+use common_macros::{contract_error, contract_trait, only_role, storage};
 use soroban_sdk::{assert_with_error, contractevent, contracttype, Env};
-use utils::auth::Auth;
+use utils::rbac::RoleBasedAccessControl;
+/// Role for rate limiter configuration (set_rate_limit).
+pub const RATE_LIMITER_ADMIN_ROLE: &str = "RATE_LIMITER_ADMIN_ROLE";
 // =========================================================================
 // Types
@@ -94,7 +97,7 @@ pub struct RateLimitSet {
 // =========================================================================
 #[contract_trait]
-pub trait RateLimiter: RateLimiterInternal + Auth {
+pub trait RateLimiter: RateLimiterInternal + RoleBasedAccessControl {
     // =========================================================================
     // Management Functions
     // =========================================================================
@@ -105,12 +108,14 @@ pub trait RateLimiter: RateLimiterInternal + Auth {
     /// * `direction` - The direction (Inbound or Outbound)
     /// * `eid` - The endpoint ID
     /// * `config` - The rate limit configuration, or None to remove the rate limit
-    #[only_auth]
+    /// * `operator` - The address that must have RATE_LIMITER_ADMIN_ROLE
+    #[only_role(operator, RATE_LIMITER_ADMIN_ROLE)]
     fn set_rate_limit(
         env: &soroban_sdk::Env,
         direction: &oft::rate_limiter::Direction,
         eid: u32,
         config: &Option<oft::rate_limiter::RateLimitConfig>,
+        operator: &soroban_sdk::Address,
     ) {
         Self::__set_rate_limit(env, direction, eid, config);
     }

package/contracts/oapps/oft/src/oft.rs CHANGED Viewed

@@ -7,7 +7,7 @@ use crate::{
     },
     oft_types::{lock_unlock, mint_burn, OftType},
 };
-use common_macros::{contract_impl, storage};
+use common_macros::{contract_impl, lz_contract, storage};
 use oapp_macros::oapp;
 use oft_core::{
     impl_oft_lz_receive, utils as oft_utils, OFTCore, OFTError, OFTFeeDetail, OFTInternal, OFTLimit, OFTReceipt,
@@ -29,6 +29,7 @@ enum OFTStorage {
 // OFT Contract
 // =========================================================================
+#[lz_contract]
 #[oapp]
 pub struct OFT;
@@ -42,11 +43,10 @@ impl OFT {
         token: &Address,
         shared_decimals: u32,
         oft_type: OftType,
-        owner: &Address,
         endpoint: &Address,
         delegate: &Address,
     ) {
-        Self::__initialize_oft(env, token, shared_decimals, owner, endpoint, delegate);
+        Self::__initialize_oft(env, token, shared_decimals, delegate, endpoint, delegate);
         OFTStorage::set_oft_type(env, &oft_type);
     }