# Glossary ## Firewall A collection of smart contracts that work together to provide on-chain security by applying pre/post execution policies on incoming transactions. For more details, see [Firewall in the Concetps section](/firewall/concepts.md#firewall). ## Policy A smart contract that protects against specific attack vectors by performing various checks on incoming transactions. For more details, see [Policy in the Concepts section](/firewall/concepts.md#policy). ## Firewall Consumer On-chain protocols *(i.e. smart contracts)* that use the Firewall to protect their assets and community for malicious actors. ## Firewall Admin The principal *(person, people, or organization)* that administers the Firewall. This principal is allowed to perform administrative tasks on the Firewall Consumer - such as changing the Firewall Admin or setting a new Firewall. ## Firewall Owner The principal *(person, people, or organization)* that governs the Firewall.\ Only the Firewall Owner can set which Policies are the Firewall can execute. See [Approved Policies](#approved-policies) for more details. ## Firewall Proxy A smart contract that is both a Firewall Consumer, and a proxy that implements the Transparent Upgradable Proxy pattern. For more details, see [Using Proxy Pattern](https://docs.openzeppelin.com/upgrades-plugins/1.x/proxies). ## Firewall Proxy Admin A smart contract that acts as the administrator of the Firewall Proxy. This is similar to [OpenZeppelin's Proxy Admin](https://docs.openzeppelin.com/contracts/3.x/api/proxy#ProxyAdmin) smart contract - with additional methods for administration of a Firewall Proxy. ## Protected Method A method on a Firewall Consumer smart contract that is protected by the Firewall. ## Pre Execution A transaction security life-cycle phase that takes place **before** a transaction is allowed to reach a protected method on Firewall Consumer smart contract. For most use cases, policies use this phase to examine access control to a Protected Method. ## Post Execution A transaction security life-cycle phase that takes place **after** a transaction is allowed to reach a protected method on Firewall Consumer smart contract. For most use cases, policies use this phase to inspect and validate state changes on a Firewall Consumer. ## Approved Policies Each Firewall holds a list of policies that Firewall Consumers can use based on their individual needs.\ From time to time, Firewall owners may choose to update certain policies, and disable others. This mechanism is provided via approving or disapproving policies. For more details, see [setPolicyStatus()](/firewall/smart-contracts/firewall.sol.md#setpolicystatus). ## Approved Patterns Some transactions can call multiple contracts, or trigger multiple functions on the same contract - in any order. Each such sequence of calls is considered a vector. Some policies work with a list of approved vectors to only allow specific business logic to take place on the protocol. See [Approved Patterns](/firewall/policies/approved-patterns.md) for one such use case. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ironblocks.com/firewall/glossary.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.