212 lines
7.8 KiB
Solidity
212 lines
7.8 KiB
Solidity
|
|
// SPDX-License-Identifier: MIT
|
||
|
|
pragma solidity ^0.8.20;
|
||
|
|
|
||
|
|
import "@openzeppelin/contracts/access/AccessControl.sol";
|
||
|
|
import "./interfaces/IRegulatedEntityRegistry.sol";
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @title RegulatedEntityRegistry
|
||
|
|
* @notice Registry for tracking regulated financial entities eligible for vault operations
|
||
|
|
* @dev Separate from eMoney ComplianceRegistry (used for transfers)
|
||
|
|
*/
|
||
|
|
contract RegulatedEntityRegistry is IRegulatedEntityRegistry, AccessControl {
|
||
|
|
bytes32 public constant REGISTRAR_ROLE = keccak256("REGISTRAR_ROLE");
|
||
|
|
bytes32 public constant OPERATOR_ROLE = keccak256("OPERATOR_ROLE");
|
||
|
|
|
||
|
|
struct Entity {
|
||
|
|
bool registered;
|
||
|
|
bool suspended;
|
||
|
|
bytes32 jurisdictionHash;
|
||
|
|
address[] authorizedWallets;
|
||
|
|
mapping(address => bool) isAuthorizedWallet;
|
||
|
|
mapping(address => bool) isOperator;
|
||
|
|
uint256 registeredAt;
|
||
|
|
}
|
||
|
|
|
||
|
|
mapping(address => Entity) private _entities;
|
||
|
|
|
||
|
|
constructor(address admin) {
|
||
|
|
_grantRole(DEFAULT_ADMIN_ROLE, admin);
|
||
|
|
_grantRole(REGISTRAR_ROLE, admin);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Register a regulated entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param jurisdictionHash Hash of jurisdiction identifier
|
||
|
|
* @param authorizedWallets Initial authorized wallets
|
||
|
|
*/
|
||
|
|
function registerEntity(
|
||
|
|
address entity,
|
||
|
|
bytes32 jurisdictionHash,
|
||
|
|
address[] calldata authorizedWallets
|
||
|
|
) external onlyRole(REGISTRAR_ROLE) {
|
||
|
|
require(entity != address(0), "RegulatedEntityRegistry: zero address");
|
||
|
|
require(!_entities[entity].registered, "RegulatedEntityRegistry: already registered");
|
||
|
|
|
||
|
|
Entity storage entityData = _entities[entity];
|
||
|
|
entityData.registered = true;
|
||
|
|
entityData.jurisdictionHash = jurisdictionHash;
|
||
|
|
entityData.registeredAt = block.timestamp;
|
||
|
|
|
||
|
|
for (uint256 i = 0; i < authorizedWallets.length; i++) {
|
||
|
|
require(authorizedWallets[i] != address(0), "RegulatedEntityRegistry: zero wallet");
|
||
|
|
entityData.authorizedWallets.push(authorizedWallets[i]);
|
||
|
|
entityData.isAuthorizedWallet[authorizedWallets[i]] = true;
|
||
|
|
}
|
||
|
|
|
||
|
|
emit EntityRegistered(entity, jurisdictionHash, block.timestamp);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Check if an entity is registered and eligible
|
||
|
|
* @param entity Entity address
|
||
|
|
* @return isEligible True if entity is registered and not suspended
|
||
|
|
*/
|
||
|
|
function isEligible(address entity) external view override returns (bool) {
|
||
|
|
Entity storage entityData = _entities[entity];
|
||
|
|
return entityData.registered && !entityData.suspended;
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Check if a wallet is authorized for an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param wallet Wallet address
|
||
|
|
* @return isAuthorized True if wallet is authorized
|
||
|
|
*/
|
||
|
|
function isAuthorized(address entity, address wallet) external view override returns (bool) {
|
||
|
|
return _entities[entity].isAuthorizedWallet[wallet];
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Check if an address is an operator for an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param operator Operator address
|
||
|
|
* @return isOperator True if address is an operator
|
||
|
|
*/
|
||
|
|
function isOperator(address entity, address operator) external view override returns (bool) {
|
||
|
|
return _entities[entity].isOperator[operator];
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Add authorized wallet to an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param wallet Wallet address to authorize
|
||
|
|
*/
|
||
|
|
function addAuthorizedWallet(address entity, address wallet) external override {
|
||
|
|
require(_entities[entity].registered, "RegulatedEntityRegistry: entity not registered");
|
||
|
|
require(
|
||
|
|
hasRole(REGISTRAR_ROLE, msg.sender) ||
|
||
|
|
_entities[entity].isAuthorizedWallet[msg.sender] ||
|
||
|
|
_entities[entity].isOperator[msg.sender],
|
||
|
|
"RegulatedEntityRegistry: not authorized"
|
||
|
|
);
|
||
|
|
require(wallet != address(0), "RegulatedEntityRegistry: zero wallet");
|
||
|
|
require(!_entities[entity].isAuthorizedWallet[wallet], "RegulatedEntityRegistry: already authorized");
|
||
|
|
|
||
|
|
_entities[entity].authorizedWallets.push(wallet);
|
||
|
|
_entities[entity].isAuthorizedWallet[wallet] = true;
|
||
|
|
|
||
|
|
emit AuthorizedWalletAdded(entity, wallet);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Remove authorized wallet from an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param wallet Wallet address to remove
|
||
|
|
*/
|
||
|
|
function removeAuthorizedWallet(address entity, address wallet) external override {
|
||
|
|
require(_entities[entity].registered, "RegulatedEntityRegistry: entity not registered");
|
||
|
|
require(
|
||
|
|
hasRole(REGISTRAR_ROLE, msg.sender) ||
|
||
|
|
_entities[entity].isAuthorizedWallet[msg.sender] ||
|
||
|
|
_entities[entity].isOperator[msg.sender],
|
||
|
|
"RegulatedEntityRegistry: not authorized"
|
||
|
|
);
|
||
|
|
require(_entities[entity].isAuthorizedWallet[wallet], "RegulatedEntityRegistry: not authorized");
|
||
|
|
|
||
|
|
_entities[entity].isAuthorizedWallet[wallet] = false;
|
||
|
|
|
||
|
|
// Remove from array
|
||
|
|
address[] storage wallets = _entities[entity].authorizedWallets;
|
||
|
|
for (uint256 i = 0; i < wallets.length; i++) {
|
||
|
|
if (wallets[i] == wallet) {
|
||
|
|
wallets[i] = wallets[wallets.length - 1];
|
||
|
|
wallets.pop();
|
||
|
|
break;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
emit AuthorizedWalletRemoved(entity, wallet);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Set operator status for an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
* @param operator Operator address
|
||
|
|
* @param status True to grant operator status, false to revoke
|
||
|
|
*/
|
||
|
|
function setOperator(address entity, address operator, bool status) external override {
|
||
|
|
require(_entities[entity].registered, "RegulatedEntityRegistry: entity not registered");
|
||
|
|
require(
|
||
|
|
hasRole(REGISTRAR_ROLE, msg.sender) ||
|
||
|
|
_entities[entity].isAuthorizedWallet[msg.sender],
|
||
|
|
"RegulatedEntityRegistry: not authorized"
|
||
|
|
);
|
||
|
|
require(operator != address(0), "RegulatedEntityRegistry: zero operator");
|
||
|
|
|
||
|
|
_entities[entity].isOperator[operator] = status;
|
||
|
|
|
||
|
|
emit OperatorSet(entity, operator, status);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Suspend an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
*/
|
||
|
|
function suspendEntity(address entity) external onlyRole(REGISTRAR_ROLE) {
|
||
|
|
require(_entities[entity].registered, "RegulatedEntityRegistry: entity not registered");
|
||
|
|
require(!_entities[entity].suspended, "RegulatedEntityRegistry: already suspended");
|
||
|
|
|
||
|
|
_entities[entity].suspended = true;
|
||
|
|
|
||
|
|
emit EntitySuspended(entity, block.timestamp);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Unsuspend an entity
|
||
|
|
* @param entity Entity address
|
||
|
|
*/
|
||
|
|
function unsuspendEntity(address entity) external onlyRole(REGISTRAR_ROLE) {
|
||
|
|
require(_entities[entity].registered, "RegulatedEntityRegistry: entity not registered");
|
||
|
|
require(_entities[entity].suspended, "RegulatedEntityRegistry: not suspended");
|
||
|
|
|
||
|
|
_entities[entity].suspended = false;
|
||
|
|
|
||
|
|
emit EntityUnsuspended(entity, block.timestamp);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @notice Get entity information
|
||
|
|
* @param entity Entity address
|
||
|
|
* @return registered True if entity is registered
|
||
|
|
* @return suspended True if entity is suspended
|
||
|
|
* @return jurisdictionHash Jurisdiction hash
|
||
|
|
* @return authorizedWallets List of authorized wallets
|
||
|
|
*/
|
||
|
|
function getEntity(address entity) external view override returns (
|
||
|
|
bool registered,
|
||
|
|
bool suspended,
|
||
|
|
bytes32 jurisdictionHash,
|
||
|
|
address[] memory authorizedWallets
|
||
|
|
) {
|
||
|
|
Entity storage entityData = _entities[entity];
|
||
|
|
return (
|
||
|
|
entityData.registered,
|
||
|
|
entityData.suspended,
|
||
|
|
entityData.jurisdictionHash,
|
||
|
|
entityData.authorizedWallets
|
||
|
|
);
|
||
|
|
}
|
||
|
|
}
|