The Token Oracle app is an ACL Oracle. ACL Oracles are small helper functions that plug in to Aragon's access control list (ACL) to do more sophisticated permission evaluation. In the context of Dandelion Orgs, the Token Oracle is used to check if an address holds Dandelion Org tokens and is thus a member of the organization. This is done by setting a minimum required balance in the Token Oracle. Then when an account submits the intent to perform an action on an Aragon app function whose ROLE is protected behind this Oracle, the ACL will check with the Oracle if the account has the minimum balance of tokens required. The Token Oracle will return a boolean which can be used to either approve or reject the intent.
The code in this repo has not been audited.
How does it work?
The Token Oracle app is initialized with the address of an ERC-20 token and a minimum balance. It has setters for both of these parameters. Other applications can then "query" through the ACL, the Token Oracle to determine if an account has at least the minimum balance of the token that the Token Oracle is tracking.
The Token Oracle is initialized with
address _token and
uint256 _minBalance parameters.
address _tokenparameter is the address of the token that Token Oracle is to track.
uint256 _minBalanceis the minimum balance of
address _tokenthat an account needs to hold.
The Token Oracle app should implement the following roles:
- SET_TOKEN_ROLE: This allows for changing the token address that the Token Oracle tracks.
- SET_MIN_BALANCE_ROLE: This allows for changing the threshold at which the Token Oracle returns a true or false boolean.
The Token Oracle does not have an interface. It is meant as a back-end helper function for Aragon applications to perform more sophisticated permissions evaluation.
How to run Token Oracle locally
The Token Oracle works in tandem with other Aragon applications. While we do not explore this functionality as a stand alone demo, the Dandelion Org template uses the Token Oracle and it can be run locally.
Deploying to an Aragon DAO
We welcome community contributions!
Please check out our open Issues to get started.
If you discover something that could potentially impact security, please notify us immediately. The quickest way to reach us is via the #dev channel in our team Keybase chat. Just say hi and that you discovered a potential security vulnerability and we'll DM you to discuss details.