[BUG]:Allow any address holding the REVOKER_ROLE to revoke tokens

[aniket866]

Bug Description

• Where: TNT.sol -> revokeToken function

• Issue: The check if (tokenIssuers[tokenId] != msg.sender) revert NotIssuer(); restricts revocation exclusively to the exact address that minted the token, ignoring the REVOKER_ROLE hierarchy.

• Fix: Allow any address holding the REVOKER_ROLE to revoke tokens.

• Why: If the original minter wallet is lost, compromised, or rotated out, the token becomes permanently un-revocable even by administrators.

Steps to Reproduce

N/A

Logs and Screenshots

N/A

Environment Details

N/A

Impact

High - Major feature is broken

Code of Conduct

• I have joined the Discord server and will post updates there
• I have searched existing issues to avoid duplicates

[shrilakshmikakati]

I'd like to take this one.
I've reviewed the code in TNT.sol and identified the exact problem. The revokeToken function has two conflicting authorization checks — the onlyRole(REVOKER_ROLE) modifier correctly gates the function, but the secondary check if (tokenIssuers[tokenId] != msg.sender) revert NotIssuer() forces the caller to also be the original minter, which completely overrides the role system.
The fix is surgical — remove that single line. The onlyRole(REVOKER_ROLE) modifier alone is the correct and sufficient authorization gate. No other functions or logic need to change. The tokenIssuers mapping and NotIssuer error can stay as they are used elsewhere.
I can have a PR up shortly.