Perfect-Abstractions
diff --git a/‎website/docs/library/access/AccessControl/AccessControlFacet.mdx‎
Lines changed: 31 additions & 40 deletions b/‎website/docs/library/access/AccessControl/AccessControlFacet.mdx‎
Lines changed: 31 additions & 40 deletions
diff --git a/‎website/docs/library/access/AccessControl/AccessControlMod.mdx‎
Lines changed: 22 additions & 23 deletions b/‎website/docs/library/access/AccessControl/AccessControlMod.mdx‎
Lines changed: 22 additions & 23 deletions
diff --git a/‎website/docs/library/access/AccessControl/index.mdx‎
Lines changed: 1 addition & 1 deletion b/‎website/docs/library/access/AccessControl/index.mdx‎
Lines changed: 1 addition & 1 deletion
@@ -1,7 +1,7 @@
 ---
 sidebar_position: 2
 title: "AccessControlFacet"
-description: "Manages role-based access control within a diamond."
+description: "Manages roles and permissions within the diamond."
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControl/AccessControlFacet.sol"
 ---
 
@@ -21,18 +21,19 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Manages role-based access control within a diamond.
+Manages roles and permissions within the diamond.
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Hierarchical role administration: roles can have their own admin roles.
-- Batch operations for granting and revoking multiple roles efficiently.
-- Explicit error messages for unauthorized access attempts.
+- Hierarchical role management with role admins.
+- Support for granting and revoking roles to individual accounts or in batches.
+- Built-in check functions (`hasRole`, `requireRole`) for easy permission verification.
+- Renounce role functionality for accounts to give up their own permissions.
 </Callout>
 
 ## Overview
 
-The AccessControlFacet provides a robust role-based access control (RBAC) system for Compose diamonds. It enables granular permission management by defining roles, assigning them to accounts, and enforcing role requirements on function calls. This facet is crucial for securing administrative functions and controlling access to sensitive operations.
+The AccessControlFacet provides a robust role-based access control (RBAC) system for Compose diamonds. It allows for granular permission management, enabling administrators to grant, revoke, and renounce roles for specific accounts. This facet is crucial for securing administrative functions and controlling access to sensitive operations within the diamond.
 
 ---
 
@@ -477,83 +478,73 @@ error AccessControlUnauthorizedSender(address _sender, address _account);
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
 {`pragma solidity ^0.8.30;
 
-import {DiamondABI} from "@compose/diamond-abi/DiamondABI.sol";
-import {DiamondInit ABI} from "@compose/diamond-init/DiamondInitABI.sol";
-import {DiamondCutFacet} from "@compose/diamond-cut/DiamondCutFacet.sol";
-import {AccessControlFacet} from "@compose/access-control/AccessControlFacet.sol";
+import {DiamondProxy, DiamondCut} from "@compose/diamond-proxy/contracts/DiamondProxy.sol";
+import {AccessControlFacet} from "@compose/diamond-proxy/contracts/facets/AccessControlFacet.sol";
 
-// Example of granting a role
-contract Deployer {
-    address immutable diamondAddress;
-
-    constructor(address _diamondAddress) {
-        diamondAddress = _diamondAddress;
+contract MyDiamond is DiamondProxy {
+    function upgrade() external {
+        // Assume diamondCut is already set up with the AccessControlFacet selector
+        // and implementation address.
+        // diamondCut.diamondCut(...);
     }
 
-    function grantAdminRole() external {
-        bytes4 selector = AccessControlFacet.grantRole.selector;
-        // Assuming DEFAULT_ADMIN_ROLE is 0x00...00
-        bytes memory data = abi.encodeWithSelector(selector, bytes32(0), msg.sender);
-
-        // In a real deployment, this would be part of a DiamondCut
-        // For demonstration, directly calling the facet via the diamond proxy
-        diamondAddress.call(data);
+    function grantAdminRole(address _account) external {
+        AccessControlFacet accessControl = AccessControlFacet(address(this));
+        bytes32 adminRole = accessControl.getRoleAdmin(AccessControlFacet.DEFAULT_ADMIN_ROLE());
+        accessControl.grantRole(adminRole, _account);
     }
 
-    function checkRole(address _account, bytes32 _role) public view returns (bool) {
-        bytes4 selector = AccessControlFacet.hasRole.selector;
-        bytes memory data = abi.encodeWithSelector(selector, _role, _account);
-        (bool success, bytes memory result) = diamondAddress.staticcall(data);
-        require(success, "checkRole failed");
-        return abi.decode(result, (bool));
+    function hasRootAccess(address _account) external view returns (bool) {
+        AccessControlFacet accessControl = AccessControlFacet(address(this));
+        return accessControl.hasRole(AccessControlFacet.DEFAULT_ADMIN_ROLE(), _account);
     }
 }`}
 </ExpandableCode>
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Initialize roles and their admins during diamond deployment using `DiamondInit`.
-- Grant roles to specific addresses or multisigs, avoiding broad grants to `address(0)`.
-- Use `requireRole` judiciously within other facets to protect sensitive functions.
+- Ensure the `DEFAULT_ADMIN_ROLE` is granted to the initial deployer or multisig for diamond ownership.
+- Use role hierarchies by setting role admins appropriately to delegate permission management.
+- Batch role grants and revokes (`grantRoleBatch`, `revokeRoleBatch`) for gas efficiency when managing multiple accounts.
 </Callout>
 
 ## Security Considerations
 
 <Callout type="warning" title="Security">
-Ensure that the caller of `setRoleAdmin`, `grantRole`, `revokeRole`, `grantRoleBatch`, and `revokeRoleBatch` is authorized by the role's admin. Be cautious when setting role admins to prevent privilege escalation. Reentrancy is not a direct concern for this facet's core logic, but ensure calling facets properly validate inputs before calling `requireRole`.
+Access control checks are enforced at the function level. Ensure that callers attempting to manage roles (grant, revoke, set admin) possess the necessary administrative privileges for the target role. Reentrancy is not a direct concern for role management functions, but ensure that any functions that *grant* roles do not have reentrancy vulnerabilities if they call external contracts. All role operations are protected against unauthorized callers via `AccessControlUnauthorizedAccount` and `AccessControlUnauthorizedSender` errors.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
   <RelatedDocs
     items={[
       {
         title: "AccessControlMod",
-        href: "/docs/library/access/AccessControl",
+        href: "/docs/library/access/AccessControl/AccessControlMod",
         description: "Module used by AccessControlFacet",
         icon: "📦"
       },
       {
         title: "OwnerTwoStepsFacet",
-        href: "/docs/library/access/OwnerTwoSteps",
+        href: "/docs/library/access/OwnerTwoSteps/OwnerTwoStepsFacet",
         description: "Related facet in access",
         icon: "💎"
       },
       {
         title: "AccessControlPausableFacet",
-        href: "/docs/library/access/AccessControlPausable",
+        href: "/docs/library/access/AccessControlPausable/AccessControlPausableFacet",
         description: "Related facet in access",
         icon: "💎"
       },
       {
         title: "AccessControlTemporalFacet",
-        href: "/docs/library/access/AccessControlTemporal",
+        href: "/docs/library/access/AccessControlTemporal/AccessControlTemporalFacet",
         description: "Related facet in access",
         icon: "💎"
       },
       {
         title: "OwnerFacet",
-        href: "/docs/library/access/Owner",
+        href: "/docs/library/access/Owner/OwnerFacet",
         description: "Related facet in access",
         icon: "💎"
       }
@@ -565,4 +556,4 @@ Ensure that the caller of `setRoleAdmin`, `grantRole`, `revokeRole`, `grantRoleB
   <WasThisHelpful pageId="AccessControlFacet" />
 </div>
 
-<LastUpdated date="2025-12-28T04:47:31.466Z" />
+<LastUpdated date="2025-12-30T14:41:02.648Z" />
@@ -26,9 +26,8 @@ Manage roles and permissions within a diamond.
 
 <Callout type="info" title="Key Features">
 - Role-based access control for granular permission management.
-- Functions to grant, revoke, and check for role ownership (`grantRole`, `revokeRole`, `hasRole`).
-- Support for setting and changing the administrative role for any given role (`setRoleAdmin`).
-- Built-in reversion with `AccessControlUnauthorizedAccount` for unauthorized access attempts.
+- Functions to grant, revoke, and check role assignments for accounts.
+- Ability to define and manage administrative roles for other roles.
 </Callout>
 
 <Callout type="info" title="Module Usage">
@@ -37,7 +36,7 @@ This module provides internal functions for use in your custom facets. Import it
 
 ## Overview
 
-The AccessControl module provides a robust system for managing roles and permissions within a Compose diamond. It allows for granular control over which accounts can perform specific actions by assigning them roles. This is crucial for maintaining security and ensuring that only authorized entities can interact with sensitive functions.
+The AccessControl module provides a robust system for managing roles and permissions within your Compose diamond. It allows you to define granular access levels for different accounts, ensuring that only authorized entities can perform sensitive operations. This module is crucial for building secure and auditable decentralized applications.
 
 ---
 
@@ -402,66 +401,66 @@ error AccessControlUnauthorizedAccount(address _account, bytes32 _role);
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
 {`pragma solidity ^0.8.30;
 
-import {IAccessControlMod} from "@compose-protocol/diamond-contracts/contracts/modules/access/AccessControlMod.sol";
+import {IAccessControl} from "@compose-protocol/diamond-contracts/contracts/modules/accesscontrol/IAccessControl.sol";
 
 contract MyFacet {
-    IAccessControlMod internal accessControl;
+    IAccessControl immutable accessControl;
 
-    function initialize(address accessControlAddress) external {
-        accessControl = IAccessControlMod(accessControlAddress);
+    constructor(address _diamondProxy) {
+        accessControl = IAccessControl(_diamondProxy);
     }
 
-    function grantAdminRoleToUser(address user) external {
+    function grantAdminRole(address _account) external {
         bytes32 adminRole = accessControl.getStorage().DEFAULT_ADMIN_ROLE;
-        accessControl.grantRole(adminRole, user);
+        accessControl.grantRole(adminRole, _account);
     }
 
-    function performAdminAction() external {
-        bytes32 adminRole = accessControl.getStorage().DEFAULT_ADMIN_ROLE;
-        accessControl.requireRole(adminRole);
-        // Perform admin action
+    function executeSensitiveAction() external {
+        bytes32 sensitiveRole = keccak256("SENSITIVE_ROLE");
+        accessControl.requireRole(sensitiveRole, msg.sender);
+        // ... perform sensitive action ...
     }
 }`}
 </ExpandableCode>
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Use `requireRole` to enforce access control checks directly within facet functions, reverting with `AccessControlUnauthorizedAccount` on failure.
-- Define custom roles and manage their admin roles using `setRoleAdmin` to maintain a clear hierarchy and control over role assignments.
-- Ensure the AccessControl module is initialized with appropriate default admin roles during diamond deployment.
+- Use `requireRole` for access control checks to ensure correct authorization before executing critical functions.
+- Define custom roles using `keccak256` for specific functionalities and manage their assignments and admin roles effectively.
+- Be mindful of role administration: ensure the `DEFAULT_ADMIN_ROLE` is secured and `setRoleAdmin` is used judiciously.
 </Callout>
 
 ## Integration Notes
 
 <Callout type="success" title="Shared Storage">
-The AccessControl module stores its state within the diamond's storage. Facets interact with this module via its interface. The `getStorage()` function provides direct access to the module's internal storage struct, which contains mappings for roles, role admins, and account role assignments. Any changes made to role assignments or admin roles through the AccessControl module's functions are immediately reflected and accessible to all facets interacting with the diamond.
+The AccessControl module stores its state within the diamond's storage. Facets interact with it by calling its external functions via the diamond proxy address. Ensure the AccessControl facet is correctly initialized within the diamond's deployment process. Any changes to role assignments or admin roles made through this module are immediately reflected across all facets interacting with the diamond.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
   <RelatedDocs
     items={[
       {
         title: "OwnerTwoStepsMod",
-        href: "/docs/library/access/OwnerTwoSteps",
+        href: "/docs/library/access/OwnerTwoSteps/OwnerTwoStepsMod",
         description: "Related module in access",
         icon: "📦"
       },
       {
         title: "AccessControlPausableMod",
-        href: "/docs/library/access/AccessControlPausable",
+        href: "/docs/library/access/AccessControlPausable/AccessControlPausableMod",
         description: "Related module in access",
         icon: "📦"
       },
       {
         title: "AccessControlTemporalMod",
-        href: "/docs/library/access/AccessControlTemporal",
+        href: "/docs/library/access/AccessControlTemporal/AccessControlTemporalMod",
         description: "Related module in access",
         icon: "📦"
       },
       {
         title: "OwnerMod",
-        href: "/docs/library/access/Owner",
+        href: "/docs/library/access/Owner/OwnerMod",
         description: "Related module in access",
         icon: "📦"
       }
@@ -473,4 +472,4 @@ The AccessControl module stores its state within the diamond's storage. Facets i
   <WasThisHelpful pageId="AccessControlMod" />
 </div>
 
-<LastUpdated date="2025-12-28T04:47:27.236Z" />
+<LastUpdated date="2025-12-30T14:40:54.750Z" />
@@ -14,7 +14,7 @@ import Icon from '@site/src/components/ui/Icon';
 <DocCardGrid columns={2}>
   <DocCard
     title="AccessControlFacet"
-    description={"Manages role-based access control within a diamond."}
+    description={"Manages roles and permissions within the diamond."}
     href="/docs/library/access/AccessControl/AccessControlFacet"
     icon={<Icon name="book" size={28} />}
     size="medium"