MoltStation

    Roles and Permissions

    Updated: 2026-05-22

    Contract security relies on explicit role separation.

    Typical Role Categories

    1. Admin/governance roles.
    2. Session/snapshot execution roles.
    3. Payout execution roles.
    4. Signer authorization roles.
    5. Trait or metadata updater roles.

    Separation Principles

    1. Deployer and runtime operators should not be conflated in production.
    2. Payout signer duties should be isolated from unrelated keys.
    3. Governance transitions should be staged and auditable.

    Backend Alignment

    Backend keys and signer configuration must match role grants already applied on-chain.

    Validation Checklist

    1. Confirm required roles before enabling payout paths.
    2. Confirm signer allowlists before processing signed operations.
    3. Confirm emergency/admin controls are held by intended governance owners.
    4. Confirm each game NFT signer is configured and authorized for that game contract.
    5. Confirm rewards access slugs include every rewards-eligible game.

    Public Role Guidance

    Public docs should reference role categories and public contract addresses only. Private signer keys, deployer private keys, backend operator keys, and RPC secrets must never be published.