
Why you should not use OpenZeppelin’s AccessControl for blacklist purposes

I have already seen OpenZeppelin's AccessControl contract used for blacklisting purposes quite a few times, e.g. to restrict which addresses may transfer a token.

At first glance this does not look like a bad idea: the contract ships with a mature role system in which a role's admin (by default the holder of DEFAULT_ADMIN_ROLE) grants and revokes roles for specific addresses.

This can include granting a BLACKLISTED role to addresses and then checking for that role in the transfer logic, in an effort to stop those addresses from transferring tokens.

Now let me tell you why this is probably not such a great idea ...

The AccessControl contract has a public function called renounceRole:

... which invokes the following internal function:

This function lets an address that holds a role give that role up itself; the only check is that the caller renounces for its own address. In the blacklisting example this means the blacklisted address simply calls renounceRole with the BLACKLISTED role and is no longer restricted from transferring. AccessControl is an allow-list: roles are privileges, and a privilege holder is always allowed to drop a privilege. A blacklist needs the opposite guarantee, so you should use your own blacklisting mechanism (for example a mapping that only the admin can write) or, at the very least, override renounceRole so that the blacklist role cannot be renounced.
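The following Solidity file is an added example, not code from the original post or from OpenZeppelin. It shows the anti-pattern described above next to the two ways out: a denylist kept in a plain mapping, and a renounceRole override that refuses to drop the blacklist role. It assumes OpenZeppelin Contracts v5.x (ERC20's _update hook and the renounceRole(bytes32, address) signature); the contract, role and account names are invented.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not from the original post or from OpenZeppelin.
// Assumes OpenZeppelin Contracts v5.x import paths and APIs; names are illustrative.
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// @notice The anti-pattern: the denylist is an AccessControl role.
contract RoleBlacklistToken is ERC20, AccessControl {
    bytes32 public constant BLACKLISTED_ROLE = keccak256("BLACKLISTED_ROLE");

    constructor(address admin) ERC20("Role Blacklist Token", "RBT") {
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _mint(admin, 1_000_000 ether);
    }

    /// @dev The admin "blacklists" an address by granting it the role.
    ///      (Calling the inherited public grantRole directly has the same effect.)
    function blacklist(address account) external onlyRole(DEFAULT_ADMIN_ROLE) {
        _grantRole(BLACKLISTED_ROLE, account);
    }

    /// @dev OZ v5 routes every mint, burn and transfer through _update.
    function _update(address from, address to, uint256 value) internal override {
        require(!hasRole(BLACKLISTED_ROLE, from), "sender blacklisted");
        require(!hasRole(BLACKLISTED_ROLE, to), "recipient blacklisted");
        super._update(from, to, value);
    }

    // Bypass, as described in the post (mallory is a hypothetical blacklisted account):
    //   1. admin:   blacklist(mallory)                        -> hasRole(BLACKLISTED_ROLE, mallory) == true
    //   2. mallory: renounceRole(BLACKLISTED_ROLE, mallory)   -> inherited public function; the only check
    //                                                           is callerConfirmation == msg.sender
    //   3. mallory: transfer(anyone, amount)                  -> hasRole(...) is now false, transfer succeeds
}

/// @notice Fix 1 (what the post recommends): keep the denylist outside the role system.
contract MappingBlacklistToken is ERC20, AccessControl {
    mapping(address => bool) public blacklisted;

    event Blacklisted(address indexed account, bool status);

    constructor(address admin) ERC20("Mapping Blacklist Token", "MBT") {
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _mint(admin, 1_000_000 ether);
    }

    /// @dev Only the admin can write the list; there is no self-service path out of it.
    function setBlacklisted(address account, bool status) external onlyRole(DEFAULT_ADMIN_ROLE) {
        blacklisted[account] = status;
        emit Blacklisted(account, status);
    }

    function _update(address from, address to, uint256 value) internal override {
        require(!blacklisted[from], "sender blacklisted");
        require(!blacklisted[to], "recipient blacklisted");
        super._update(from, to, value);
    }
}

/// @notice Fix 2 (if the role must stay): make the restrictive role non-renounceable.
///         The admin can still remove it via revokeRole; only the holder's self-service exit is closed.
contract GuardedRoleBlacklistToken is RoleBlacklistToken {
    constructor(address admin) RoleBlacklistToken(admin) {}

    function renounceRole(bytes32 role, address callerConfirmation) public override {
        require(role != BLACKLISTED_ROLE, "BLACKLISTED_ROLE cannot be renounced");
        super.renounceRole(role, callerConfirmation);
    }
}
```

Fix 1 is the cleaner design because it does not rely on anyone remembering which AccessControl entry points exist: a new public function added to the base contract in a later release cannot reopen the list. Fix 2 is the minimal patch for an already deployed design, and it should be paired with a test that asserts renounceRole(BLACKLISTED_ROLE, holder) reverts when called by the holder.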