Multicaller Preset
The Immutable Multicaller contract contains functionality that allows the transferring of ERC20 tokens and minting of NFTs in a single transaction, this contract is mainly used within our primary sales widget.
Code
The Multicaller contract can be found in the contracts repository here
Functionality
The Guarded Multicaller contract allows for the minting and burning of multiple NFTs from various collections in a single transaction. Due to the high level of security needed when working with NFTs, additional safety measures have been implemented to meet security standards (more on security here).
- Function Permits: prevent destructive calls from being made from the Multicaller contract.
- Signature Validation: prevents multicall instructions from random parties and only allows multicall instructions from trusted parties.
- Signer Access Control: manages these trusted parties.
- References: provide anti-replay protection and help sync with any web2 system listening to events.
Multicaller Permissions
The multicaller currently has 2 roles:
- DEFAULT_ADMIN_ROLE: This role is the owner of the multicaller contract and has the ability to add and remove other roles from the multicaller contract.
- MULTICALL_SIGNER_ROLE: This role is the signer role of the multicaller contract and has the ability to sign transactions to be executed by the multicaller contract.
Adding permissions to the multicaller
The Multicaller has a security feature to only allow to execute trusted functions and target contracts. Executing the setFunctionPermits method allows to add or revoke function permissions to the multicaller.
The setFunctionPermits method needs to be called by the DEFAULT_ADMIN_ROLE address.
Adding and removing Signer Permissions
Only trusted signers can sign transactions to be executed by the multicaller. Executing the grantMulticallSignerRole method allows to add a signer trusted party to the multicaller.
In case a previously approved signer needs their permissions revoked, executing the revokeMulticallSignerRole method will remove the signer's permissions, and transactions signed by them will fail while executed on chain.
The grantMulticallSignerRole and revokeMulticallSignerRole methods need to be called by the DEFAULT_ADMIN_ROLE address.
Interface
| Function | Description |
|---|---|
| setFunctionPermits(FunctionPermit[]) | Allows to set multiple function permits (either allow or revoke) in the multicaller contract |
| grantMulticallSignerRole(address account) | Grants a signer role to an address |
| revokeMulticallSignerRole(address account) | Revokes the signer role from an address |
| grantRole(bytes32 role, address account) | Grants a role to an address in the multicaller contract |
| revokeRole(bytes32 role, address account) | Revokes a role from an address in the multicaller contract |
| renounceRole(bytes32 role, address account) | Renounces a role from the multicaller contract (this is normally used when transferring the Admin of the contract to a new owner) |
| execute(address signer, bytes32 ref, address[] targets, []bytes data, uint256 deadline, bytes signature) | Executes a multicall previously signed by a signer role address |
| hasBeenExecuted(bytes32 reference) | Check if a reference has been executed by the multicaller |
| isFunctionPermitted(address target, bytes4 functionSelector) | Check if a function is permitted in the multicaller contract |
| hasRole(bytes32 role, address account) | Check if an address has certain role in the multicaller contract |
| eip712Domain | Returns the eip712 domain of the multicaller contract which contains information needed to enhance the security |
The easiest way to interact with your contract is to do it via the Immutable Explorer. Search for your contract , then go to the "Contracts" tab.
This requires your contract to have been verified. If you've deployed your contract via the Immutable Hub, this will already have been done for you. Otherwise, you can follow the instructions in our source code verification guide
