Approved Calls
Last updated
Last updated
This policy provides an additional security layer, by having the sender first submit the transaction's data for off-chain validation before it can be sent your protocol's smart contract.
This policy protects against attacks that are difficult (or impossible) to detect on-chain by integrating advanced off-chain security checks. One such example is detecting a transaction that will cause a bridge imbalance across two (or more) separate networks.
Before sending a transaction to the blockchain, your DApp needs to send the transaction data to a Signer API.
If the transaction passes all checks performed by the Signer API, a secure signature will be returned.
The DApp can now submit this signature to the policy by calling the method.
Finally, the DApp can now submit the original transaction and it will be allowed to go through.
Coming Soon: We're building a DApp SDK to make this integration seamless for DApps.
That's it!
If you're just getting started, we recommend you use Ironblocks' Signer API
Before submitting your transaction to the blockchain, send it to a Signer API to get a secure signature:
The response
object has the following interface:
NOTE: Your response will have a
Status Code 200
whether it's approved or rejected , as long as it was validly transmitted and received.
approvedCalls
mapping
(address => bytes32[])
maps a sender (tx.origin
) to it's signed call hashes
approvedCallsExpiration
mapping
(address => uint256)
maps a sender to most recent timestamp of an approved call
function approveCallsViaSignature(bytes32[] calldata _callHashes, uint256 expiration, address txOrigin, uint nonce, bytes memory signature)
Approves a call via a secure signature (from the Signer API)
_callHashes
bytes32[] calldata
the call hashes to approve
expiration
uint256
the expiration time of these approved calls
txOrigin
address
the transaction origin of the approved hashes
nonce
uint
used internally to prevent replay attacks
signature
bytes memory
the signature of the signer with the above parameters
Deploy your own version of this policy (see ).
Add the newly deployed policy to the (you can do this or , see ).
Once you receive the signature you can register your signature with the policy, which will allow the original transaction to pass when submitted on-chain. You do this by calling the method on the policy.
This policy runs during the .
On our GitHub repository: