Source: OpenZeppelin Midnight - Compact Contracts Audit
Description
The ShieldedAccessControl contract should assign at least one role holder (typically for the DEFAULT_ADMIN_ROLE) during initialization. Otherwise, the access control mechanism will prevent any role from ever being granted.
However, the intended mechanism to achieve this is unclear.
Recommendation
Consider updating the initializer to require a default admin address. Alternatively, consider calling the initializer and then the (unauthenticated) _grantRole circuit in the example constructor documentation.
Source: OpenZeppelin Midnight - Compact Contracts Audit
Description
The
ShieldedAccessControlcontract should assign at least one role holder (typically for theDEFAULT_ADMIN_ROLE) during initialization. Otherwise, the access control mechanism will prevent any role from ever being granted.However, the intended mechanism to achieve this is unclear.
Recommendation
Consider updating the initializer to require a default admin address. Alternatively, consider calling the initializer and then the (unauthenticated)
_grantRolecircuit in the example constructor documentation.