Skip to main content
The StoffelAccessControl contract provides role-based access control for MPC parties, ensuring only authorized addresses can participate in the computation.

Overview

Inheritance: OpenZeppelin’s AccessControl

Roles

PARTY_ROLE

Assigned to MPC compute nodes (servers). Parties can:
  • Participate in MPC protocol execution
  • Submit computation results
  • Access party-restricted functions

DESIGNATED_PARTY_ROLE

Elevated role for orchestration. The designated party can:
  • Trigger round transitions
  • Initialize input mask buffers
  • Coordinate preprocessing and output phases
  • All permissions of PARTY_ROLE

Storage

Constructor

Modifiers

onlyParty

Restricts function to addresses with PARTY_ROLE.

onlyDesignatedParty

Restricts function to the designated party.

Party Management

Adding Parties

Removing Parties

Querying Party Status

Constraints

n >= 3t + 1

The HoneyBadger protocol requires n >= 3t + 1:

Minimum Party Threshold

Parties cannot be removed if it would violate the threshold:

Designated Party Transfer

Events

Example Usage

Deploy with Initial Parties

Check Permissions

Dynamic Party Management

Security Considerations

  1. Threshold maintenance: Never allow party count to drop below t + 1
  2. Designated party security: Protect the designated party key
  3. Role separation: Use separate addresses for different roles when possible
  4. Multi-sig: Consider using a multi-sig for designated party role in production

Next Steps