Roles and Permissions

Contract security relies on explicit role separation.

Typical Role Categories

  1. Admin/governance roles.
  2. Session/snapshot execution roles.
  3. Payout execution roles.
  4. Signer authorization roles.
  5. Trait or metadata updater roles.

Separation Principles

  1. Deployer and runtime operators should not be conflated in production.
  2. Payout signer duties should be isolated from unrelated keys.
  3. Governance transitions should be staged and auditable.

Backend Alignment

Backend keys and signer configuration must match role grants already applied on-chain.

Validation Checklist

  1. Confirm required roles before enabling payout paths.
  2. Confirm signer allowlists before processing signed operations.
  3. Confirm emergency/admin controls are held by intended governance owners.

Addresses

  1. Governance owner (Safe multisig): https://basescan.org/address/0x5E7B07aE547C668B241cbB2a91F00EcD66cf2077
  2. Backend operator signer: https://basescan.org/address/0xA64Bd36900EF5c743FcaFc1a527A45730be58Bf3
  3. Payout signer: https://basescan.org/address/0x4EDAe38502092D636C40d176BfCb484E368Bd7D1
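
A preflight check covering the Backend Alignment rule, the Separation Principles and the Validation Checklist, as an added example that is not the project's own code. The role names (ADMIN, SESSION_EXECUTOR, PAYOUT_EXECUTOR, PAYOUT_SIGNER), the snapshot layout, the mapping of backend keys to roles and the deployer address are assumptions; the other three addresses are the ones listed above.

```python
# Added example: role names and the snapshot layout are assumptions.
GOVERNANCE = "0x5E7B07aE547C668B241cbB2a91F00EcD66cf2077"  # from the page
OPERATOR = "0xA64Bd36900EF5c743FcaFc1a527A45730be58Bf3"    # from the page
PAYOUT = "0x4EDAe38502092D636C40d176BfCb484E368Bd7D1"      # from the page
DEPLOYER = "0x" + "d0" * 20                                 # constructed placeholder

def norm(addr):
    """Validate a 20-byte hex address and lower-case it, so EIP-55
    checksummed and all-lower-case spellings compare equal."""
    a = addr.strip().lower()
    if len(a) != 42 or not a.startswith("0x"):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    int(a[2:], 16)  # raises ValueError on non-hex characters
    return a

def preflight(onchain, backend, governance, deployer, payout_role="PAYOUT_SIGNER"):
    """Return findings; an empty list means the checklist passed."""
    grants = {r: {norm(a) for a in h} for r, h in onchain.items()}
    gov, dep = norm(governance), norm(deployer)
    out = []
    # Backend alignment: each configured key must already hold its role.
    for role, addr in sorted(backend.items()):
        if norm(addr) not in grants.get(role, set()):
            out.append(f"{role}: backend key has no on-chain grant")
    # Checklist item 3: admin held by the governance owner and nobody else.
    admins = grants.get("ADMIN", set())
    if gov not in admins:
        out.append("ADMIN: governance owner lacks the role")
    out += [f"ADMIN: unexpected holder {a}" for a in sorted(admins - {gov})]
    # Separation 1 and 2: no deployer in runtime roles, no payout key reuse.
    pay = norm(backend[payout_role])
    for role, holders in sorted(grants.items()):
        if role != "ADMIN" and dep in holders:
            out.append(f"{role}: deployer still holds a runtime role")
        if role != payout_role and pay in holders:
            out.append(f"{role}: payout signer key reused")
    return out

BACKEND = {"SESSION_EXECUTOR": OPERATOR, "PAYOUT_EXECUTOR": OPERATOR,
           "PAYOUT_SIGNER": PAYOUT}
# Constructed snapshots of on-chain grants: one aligned, one with three defects.
GOOD = {"ADMIN": [GOVERNANCE.lower()], "SESSION_EXECUTOR": [OPERATOR],
        "PAYOUT_EXECUTOR": [OPERATOR], "PAYOUT_SIGNER": [PAYOUT]}
BAD = {"ADMIN": [GOVERNANCE, DEPLOYER], "SESSION_EXECUTOR": [OPERATOR, PAYOUT],
       "PAYOUT_EXECUTOR": [], "PAYOUT_SIGNER": [PAYOUT]}

if __name__ == "__main__":
    for name, snap in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, preflight(snap, BACKEND, GOVERNANCE, DEPLOYER) or "ok")
```

Payout paths stay disabled until the returned list is empty; each finding names the role to fix on-chain or in the backend configuration.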