Access Control Renounce Module

Renounce roles for accounts within a diamond

Key Features

Provides an internal function renounceRole for relinquishing roles.
Utilizes diamond storage (EIP-8042) for role management.
Emits a RoleRevoked event upon successful role renouncement.
Enforces sender authorization to prevent unauthorized role revokations.

Module Usage

This module provides internal functions for use in your custom facets. Import it to access shared logic and storage.

Overview

This module provides the renounceRole function, allowing an account to relinquish its assigned role. It leverages diamond storage to manage role assignments, ensuring that changes are immediately visible to all facets interacting with the same storage. This enables decentralized management of roles within the diamond.

Storage

AccessControlStorage

storage struct for the AccessControl. storage-location: erc8042:compose.accesscontrol

Definition

struct AccessControlStorage {
  mapping(address account => mapping(bytes32 role => bool hasRole)) hasRole;
  mapping(bytes32 role => bytes32 adminRole) adminRole;
}

State Variables

Property	Type	Description
`STORAGE_POSITION`	`bytes32`	Diamond storage slot position for this module (Value: `keccak256("compose.accesscontrol")`)

Functions

getStorage

Returns the storage for the AccessControl.

function getStorage() pure returns (AccessControlStorage storage _s);

Returns:

Property	Type	Description
`_s`	`AccessControlStorage`	The storage for the AccessControl.

renounceRole

function to renounce a role from the caller. Emits a {RoleRevoked} event. Reverts with AccessControlUnauthorizedSender If the caller is not the account to renounce the role from.

function renounceRole(bytes32 _role, address _account) ;

Parameters:

Property	Type	Description
`_role`	`bytes32`	The role to renounce.
`_account`	`address`	The account to renounce the role from.

Events

RoleRevoked

Emitted when a role is revoked from an account.

Signature:

event RoleRevoked(bytes32 indexed _role, address indexed _account, address indexed _sender);

Parameters:

Property	Type	Description
`_role`	`bytes32`	The role that was revoked.
`_account`	`address`	The account from which the role was revoked.
`_sender`	`address`	The account that revoked the role.

Errors

AccessControlUnauthorizedSender

Best Practices

Best Practice

Ensure that the caller is the intended account before calling renounceRole to prevent unauthorized role revocation.
Handle the AccessControlUnauthorizedSender error to gracefully manage cases where the caller is not the account from which the role is being renounced.
Verify that the AccessControlStorage struct and its associated STORAGE_POSITION are correctly configured within the diamond's storage layout.

Integration Notes

Shared Storage

This module interacts with diamond storage at the STORAGE_POSITION defined by keccak256(\"compose.accesscontrol\"). The renounceRole function modifies the shared AccessControlStorage struct. Changes made via this module are immediately visible to any other facet that reads from the same storage position, ensuring consistent state across the diamond. The getStorage function can be used to retrieve the storage instance if needed.

Was this helpful?

Last updated:March 13, 2026

Overview​

Storage​

AccessControlStorage​

State Variables​

Functions​

getStorage​

renounceRole​

Events​

Errors​

Best Practices​

Integration Notes​

Newsletter