SCSVS-AUTH-2¶

S4.2 Authorization Mechanisms¶

Control Objective¶

Implement secure authorization mechanisms to safeguard critical functions and sensitive operations, ensuring only authorized entities can perform these actions.

S4.2.A Secure Access to Critical Functions¶

SCSVS VR ID	Requirement	L1	L2	L3	SCWE
S4.2.A1	Verify that the contract uses msg.sender for authorization instead of tx.origin to avoid vulnerabilities related to contracts that forward calls from legitimate users.		✓	✓
S4.2.A2	Implement and verify appropriate access controls for functions that modify contract state or perform sensitive operations to prevent unauthorized access.		✓	✓

S4.2.B Timed Permissions¶

SCSVS VR ID	Requirement	L2	L3
S4.2.B1	Ensure that msg.sender validation is properly implemented when using Merkle trees to maintain security and prevent unauthorized access.	✓	✓
S4.2.B2	Use whitelisting to restrict interactions to a specific set of addresses, providing additional security against malicious actors.	✓	✓
S4.2.B3	Ensure that functions modifying the contract state or accessing sensitive operations have proper access controls implemented.	✓	✓