Perfect-Abstractions
diff --git a/‎website/docs/library/access/AccessControl/AccessControlFacet.mdx‎
Lines changed: 28 additions & 38 deletions b/‎website/docs/library/access/AccessControl/AccessControlFacet.mdx‎
Lines changed: 28 additions & 38 deletions
diff --git a/‎website/docs/library/access/AccessControl/AccessControlMod.mdx‎
Lines changed: 28 additions & 21 deletions b/‎website/docs/library/access/AccessControl/AccessControlMod.mdx‎
Lines changed: 28 additions & 21 deletions
diff --git a/‎website/docs/library/access/AccessControl/index.mdx‎
Lines changed: 1 addition & 1 deletion b/‎website/docs/library/access/AccessControl/index.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎website/docs/library/access/AccessControlPausable/AccessControlPausableFacet.mdx‎
Lines changed: 39 additions & 24 deletions b/‎website/docs/library/access/AccessControlPausable/AccessControlPausableFacet.mdx‎
Lines changed: 39 additions & 24 deletions
@@ -25,15 +25,14 @@ Manages role-based access control within a diamond.
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Role-based access control (RBAC) implementation.
-- Supports granting and revoking roles for individual accounts and batches.
-- Allows for defining role administrators to manage role assignments.
-- Emits events for role changes for off-chain monitoring.
+- Role-based access control for granular permission management.
+- Support for batch granting and revoking roles.
+- Extensible with other access control facets like `AccessControlPausableFacet`.
 </Callout>
 
 ## Overview
 
-The AccessControlFacet provides a robust framework for implementing role-based access control (RBAC) within a Compose diamond. It allows for granular permission management by defining roles, assigning them to accounts, and enforcing role requirements for function execution. This facet is crucial for securing sensitive operations and ensuring that only authorized entities can perform specific actions.
+The AccessControlFacet provides a robust role-based access control (RBAC) system for Compose diamonds. It allows for granular permission management by defining roles and assigning them to accounts. This facet is crucial for securing sensitive functions and orchestrating complex interactions by enforcing role requirements.
 
 ---
 
@@ -478,58 +477,49 @@ error AccessControlUnauthorizedSender(address _sender, address _account);
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
 {`pragma solidity ^0.8.30;
 
-import { DiamondAccessControl } from "@compose/access/DiamondAccessControl";
-import { AccessControlFacet } from "@compose/access/AccessControl/AccessControlFacet";
-import { AccessControlStorage } from "@compose/access/AccessControl/AccessControlStorage";
+import {DiamondInit} from "@compose/diamond/DiamondInit.sol";
+import {DiamondCut} from "@compose/diamond/DiamondCut.sol";
+import {AccessControlFacet} from "@compose/access/AccessControl/AccessControlFacet.sol";
+import {Diamond} from "@compose/diamond/Diamond.sol";
 
-contract MyDiamond is DiamondAccessControl {
-    bytes32 constant ACCESS_CONTROL_STORAGE_POSITION = keccak256("compose.accesscontrol");
+contract DeployDiamondWithAccessControl is DiamondInit {
+    // Define roles
+    bytes32 constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
+    bytes32 constant OPERATOR_ROLE = keccak256("OPERATOR_ROLE");
 
-    // Example Role Definitions
-    bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
-    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
+    function deploy() external {
+        // ... diamond deployment logic ...
 
-    constructor(address _diamondAdmin, address _owner) DiamondAccessControl(_diamondAdmin, _owner) {
         // Initialize AccessControlFacet
-        AccessControlFacet acFacet = AccessControlFacet(address(this));
-        acFacet.grantRole(ADMIN_ROLE, _diamondAdmin);
-        acFacet.grantRole(ADMIN_ROLE, _owner);
-        acFacet.grantRole(MINTER_ROLE, _owner);
-    }
+        AccessControlFacet accessControlFacet = AccessControlFacet(diamondAddress);
+        accessControlFacet.grantRole(ADMIN_ROLE, msg.sender); // Grant admin role to deployer
+        accessControlFacet.grantRole(OPERATOR_ROLE, address(this)); // Grant operator role to diamond itself
 
-    // Function to grant MINTER_ROLE to an address
-    function grantMinterRole(address _account) external {
-        AccessControlFacet acFacet = AccessControlFacet(address(this));
-        acFacet.grantRole(MINTER_ROLE, _account);
+        // ... other facet initializations ...
     }
 
-    // Function that requires MINTER_ROLE
-    function mintTokens(address _to, uint256 _amount) external {
-        AccessControlFacet acFacet = AccessControlFacet(address(this));
-        acFacet.requireRole(MINTER_ROLE, msg.sender);
-        // ... token minting logic ...
-    }
+    // Example of calling a protected function using requireRole
+    function executeProtectedAction() external {
+        AccessControlFacet accessControlFacet = AccessControlFacet(diamondAddress);
+        accessControlFacet.requireRole(OPERATOR_ROLE, msg.sender);
 
-    // Function to get role admin
-    function getAdminForRole(bytes32 _role) external view returns (bytes32) {
-        AccessControlFacet acFacet = AccessControlFacet(address(this));
-        return acFacet.getRoleAdmin(_role);
+        // ... protected action logic ...
     }
 }`}
 </ExpandableCode>
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Initialize roles and grant initial permissions during diamond deployment or upgrade initialization.
-- Define role hierarchies using `setRoleAdmin` to ensure proper administrative control.
-- Utilize `requireRole` within functions to enforce access control checks, reverting with specific errors if unauthorized.
+- Initialize roles and grant them to appropriate accounts during diamond deployment.
+- Use `grantRoleBatch` and `revokeRoleBatch` for efficient mass role management.
+- Define clear hierarchies for roles using `setRoleAdmin` to manage administrative privileges.
 </Callout>
 
 ## Security Considerations
 
 <Callout type="warning" title="Security">
-Ensure that sensitive roles, such as `ADMIN_ROLE`, are only granted to trusted addresses. The `setRoleAdmin` function's access control is enforced by the current role administrator, preventing unauthorized changes to role hierarchies. Batch operations (`grantRoleBatch`, `revokeRoleBatch`) should be used cautiously to avoid unintended mass role modifications. Reentrancy is not a direct concern as functions operate on state and do not make external calls without proper checks.
+Ensure that role administration is properly secured. The `setRoleAdmin`, `grantRole`, and `revokeRole` functions require the caller to be the admin of the role. Reentrancy is mitigated as role modifications are atomic. Input validation is handled internally by the facet to prevent invalid role or account assignments.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -573,4 +563,4 @@ Ensure that sensitive roles, such as `ADMIN_ROLE`, are only granted to trusted a
   <WasThisHelpful pageId="AccessControlFacet" />
 </div>
 
-<LastUpdated date="2025-12-30T15:37:57.431Z" />
+<LastUpdated date="2025-12-30T15:54:26.223Z" />
@@ -1,7 +1,7 @@
 ---
 sidebar_position: 1
 title: "AccessControlMod"
-description: "Manages role-based access control for diamond operations."
+description: "Manages roles and permissions within a diamond."
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControl/AccessControlMod.sol"
 ---
 
@@ -21,14 +21,14 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Manages role-based access control for diamond operations.
+Manages roles and permissions within a diamond.
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Role-based access control (RBAC) for granular permissions.
-- Functions for granting, revoking, and checking roles (`grantRole`, `revokeRole`, `hasRole`).
-- Built-in reversion with `AccessControlUnauthorizedAccount` error for unauthorized access attempts.
-- Supports setting administrative roles for managing other roles.
+- Permission management via roles assigned to accounts.
+- Ability to grant and revoke roles dynamically.
+- Built-in check for role existence with `hasRole`.
+- Revert mechanism for unauthorized access attempts via `requireRole`.
 </Callout>
 
 <Callout type="info" title="Module Usage">
@@ -37,7 +37,7 @@ This module provides internal functions for use in your custom facets. Import it
 
 ## Overview
 
-This module provides a robust role-based access control (RBAC) system, enabling granular permission management within your diamond. By composing this module, you can define roles and assign them to addresses, ensuring that only authorized accounts can execute sensitive functions. This enhances security and maintainability by centralizing access logic.
+The AccessControl module provides a robust system for managing roles and permissions, ensuring that only authorized accounts can perform specific actions. This is crucial for maintaining security and control within a Compose diamond by enabling granular access delegation and revocation.
 
 ---
 
@@ -403,40 +403,47 @@ error AccessControlUnauthorizedAccount(address _account, bytes32 _role);
 {`pragma solidity ^0.8.30;
 
 import { AccessControlMod } from "@compose/access/AccessControl/AccessControlMod";
-import { DiamondStorage } from "@compose/diamond/DiamondStorage";
+import { AccessControlStorage } from "@compose/access/AccessControl/AccessControlStorage";
 
 contract MyFacet {
     AccessControlMod internal accessControl;
 
-    function initialize(DiamondStorage storage _diamondStorage) public {
-        accessControl = AccessControlMod(_diamondStorage.getFacetAddress(keccak256("compose.accesscontrol")));
+    // Assuming AccessControlMod is initialized and its storage slot is known
+    constructor(address _diamondProxy) {
+        // Fetch storage location from the diamond proxy
+        address accessControlAddress = _diamondProxy; // Example: If AccessControlMod is a facet itself
+        accessControl = AccessControlMod(accessControlAddress);
     }
 
-    bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
+    function grantAdminRole(address _account) external {
+        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+        accessControl.grantRole(adminRole, _account);
+    }
 
-    function grantMyRole(address _account) external {
-        accessControl.grantRole(MY_ROLE, _account);
+    function checkAdminRole(address _account) view external returns (bool) {
+        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+        return accessControl.hasRole(adminRole, _account);
     }
 
-    function doRestrictedAction() external {
-        accessControl.requireRole(MY_ROLE, msg.sender);
-        // ... perform restricted action
+    function enforceAdminRole(address _account) view external {
+        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+        accessControl.requireRole(adminRole, _account);
     }
 }`}
 </ExpandableCode>
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Define roles using `bytes32` constants and manage them consistently across facets.
-- Use `requireRole` within facet functions to enforce access control checks inline.
-- Leverage `setRoleAdmin` to manage role administration hierarchies for enhanced security.
+- Define roles using `bytes32` and `keccak256` for clarity and gas efficiency.
+- Use `requireRole` for immediate enforcement of permissions within functions.
+- Carefully manage the administration of roles using `setRoleAdmin` to prevent unintended privilege escalation.
 </Callout>
 
 ## Integration Notes
 
 <Callout type="success" title="Shared Storage">
-The `AccessControlMod` is designed to be integrated into a Compose diamond using the diamond storage pattern. Its storage is located at the slot identified by `STORAGE_POSITION`, which is `keccak256("compose.accesscontrol")`. Facets can retrieve the `AccessControlMod` contract instance using `_diamondStorage.getFacetAddress(keccak256("compose.accesscontrol"))` and then interact with its functions. The `AccessControlStorage` struct is empty, indicating that the module manages its state internally or through a separate mechanism managed by the diamond's initialization process.
+The AccessControl module utilizes the diamond storage pattern, storing its state at a well-defined slot identified by `keccak256("compose.accesscontrol")`. Facets can access this state by calling the `getStorage()` function or directly interacting with the module's functions, which implicitly read from this storage slot. Ensure that the AccessControl module is correctly initialized and its storage slot is reserved to avoid conflicts with other modules.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -474,4 +481,4 @@ The `AccessControlMod` is designed to be integrated into a Compose diamond using
   <WasThisHelpful pageId="AccessControlMod" />
 </div>
 
-<LastUpdated date="2025-12-30T15:37:52.074Z" />
+<LastUpdated date="2025-12-30T15:54:22.483Z" />
@@ -21,7 +21,7 @@ import Icon from '@site/src/components/ui/Icon';
   />
   <DocCard
     title="AccessControlMod"
-    description={"Manages role-based access control for diamond operations."}
+    description={"Manages roles and permissions within a diamond."}
     href="/docs/library/access/AccessControl/AccessControlMod"
     icon={<Icon name="book" size={28} />}
     size="medium"
 
@@ -1,7 +1,7 @@
 ---
 sidebar_position: 2
 title: "AccessControlPausableFacet"
-description: "Manages role-based pausing and unpausing of operations."
+description: "Control role access and pause/unpause specific roles."
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControlPausable/AccessControlPausableFacet.sol"
 ---
 
@@ -21,19 +21,18 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Manages role-based pausing and unpausing of operations.
+Control role access and pause/unpause specific roles.
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Role-specific pausing and unpausing of operations.
-- Integration with diamond's access control for administrative actions.
-- Emits `RolePaused` and `RoleUnpaused` events for state changes.
-- Reverts with specific errors for unauthorized access and paused roles.
+- Allows pausing and unpausing of specific roles, preventing execution of role-bound functions.
+- Integrates seamlessly with existing AccessControl mechanisms.
+- Provides view functions to check the current paused status of any role.
 </Callout>
 
 ## Overview
 
-This facet provides granular control over role execution by allowing specific roles to be temporarily paused. It integrates with the diamond's access control system to ensure only authorized entities can manage pause states. This enables flexible operational control and emergency stops for critical functions.
+This facet provides granular control over role-based access, allowing specific roles to be temporarily paused. It integrates with the core AccessControl logic to enforce role permissions and adds a pausing mechanism for enhanced operational flexibility. Use this facet to manage temporary disruptions or maintenance periods for specific functionalities tied to roles.
 
 ---
 
@@ -283,43 +282,59 @@ error AccessControlRolePaused(bytes32 _role);
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
 {`pragma solidity ^0.8.30;
 
-import { Diamond } from "@compose/core/Diamond.sol";
-import { AccessControlPausableFacet } from "@compose/access/AccessControlPausable/AccessControlPausableFacet.sol";
-import { AccessControlFacet } from "@compose/access/AccessControl/AccessControlFacet.sol";
+import { Diamond } from "@compose/diamond/Diamond";
+import { AccessControlPausableFacet } from "@compose/access/AccessControlPausable/AccessControlPausableFacet";
+import { AccessControlFacet } from "@compose/access/AccessControl/AccessControlFacet";
 
 contract MyDiamond is Diamond {
-    constructor(address _diamondAdmin, address[] memory _initFacets, bytes[] memory _initCalldata) Diamond(_diamondAdmin, _initFacets, _initCalldata) {}
+    constructor(address _diamondAdmin) Diamond( _diamondAdmin) {
+        // ... deployment logic ...
+    }
 
-    function pauseMyRole() external {
-        AccessControlPausableFacet(address(this)).pauseRole("MY_ROLE");
+    function upgrade() public {
+        // Example: Adding AccessControlPausableFacet
+        address[] memory facetsToAdd = new address[](1);
+        facetsToAdd[0] = address(new AccessControlPausableFacet());
+
+        bytes[] memory selectorsToAdd = new bytes[](3);
+        selectorsToAdd[0] = AccessControlPausableFacet.pauseRole.selector;
+        selectorsToAdd[1] = AccessControlPausableFacet.unpauseRole.selector;
+        selectorsToAdd[2] = AccessControlPausableFacet.isRolePaused.selector;
+
+        facetCut(facetsToAdd, selectorsToAdd, new address[](0), new bytes[](0));
     }
 
-    function unpauseMyRole() external {
-        AccessControlPausableFacet(address(this)).unpauseRole("MY_ROLE");
+    function pauseMyRole() external {
+        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
+        bytes32 myRole = keccak256("MY_ROLE");
+        pausableFacet.pauseRole(myRole);
     }
 
-    function checkMyRolePauseStatus(bytes32 _role) external view returns (bool) {
-        return AccessControlPausableFacet(address(this)).isRolePaused(_role);
+    function unpauseMyRole() external {
+        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
+        bytes32 myRole = keccak256("MY_ROLE");
+        pausableFacet.unpauseRole(myRole);
     }
 
-    function requireMyRoleNotPaused(bytes32 _role, address _account) external view {
-        AccessControlPausableFacet(address(this)).requireRoleNotPaused(_role, _account);
+    function checkRoleStatus(bytes32 _role) external view returns (bool) {
+        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
+        return pausableFacet.isRolePaused(_role);
     }
 }`}
 </ExpandableCode>
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Initialize the facet with appropriate role administrators during diamond deployment.
-- Use `pauseRole` and `unpauseRole` judiciously to manage operational states, ensuring the caller has the necessary administrative privileges.
-- Leverage `requireRoleNotPaused` within other facets to conditionally gate functionality based on the operational status of a role.
+- Initialize or upgrade the diamond to include this facet to enable role pausing capabilities.
+- Ensure the caller invoking `pauseRole` and `unpauseRole` has the necessary administrative privileges for the target role.
+- Leverage `requireRoleNotPaused` within other facets or contract logic to dynamically enforce pausing states.
 </Callout>
 
 ## Security Considerations
 
 <Callout type="warning" title="Security">
-Ensure that the administrative role capable of pausing and unpausing is properly secured. The `requireRoleNotPaused` function should be integrated into any facet function that relies on a role's operational status to prevent execution when paused. Reentrancy is not a concern as the functions are read-only or perform state changes without external calls.
+The `pauseRole` and `unpauseRole` functions are restricted to the admin of the respective role, preventing unauthorized pausing. The `requireRoleNotPaused` function reverts with `AccessControlRolePaused` if the role is paused, ensuring that paused roles cannot be utilized. Ensure that any critical functions protected by roles properly call `requireRoleNotPaused` or equivalent logic to respect the paused state.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -345,4 +360,4 @@ Ensure that the administrative role capable of pausing and unpausing is properly
   <WasThisHelpful pageId="AccessControlPausableFacet" />
 </div>
 
-<LastUpdated date="2025-12-30T15:37:32.160Z" />
+<LastUpdated date="2025-12-30T15:54:02.317Z" />