search

Approved Patterns

hashtag
Overview

Powered by our advance AI security engine, this policy will only allows transactions that interact with your protocol in a safe way. The engine provides a list of Approved Patterns - a list of calls that are allowed to be performed in sequence on your protocol - and only these vectors will be allowed to go through.

Any transaction that performs calls outside the Approved Patterns list will be blocked.

hashtag
Protected Attack Vector

For certain protocols, zero-day attacks may be discovered by crafting a malicious transaction that makes calls to your smart contracts in a way it wasn't intended to be used.

In such cases, the transaction will be blocked by this policy because the calls in the malicious transaction aren't in the Approved Patterns list.

hashtag
How It Works

  1. As part of the policy's setup, a list of Approved Patterns is generated by our AI security engine and is configured on the policy.

  2. A transaction executing a several calls reaches the Firewall.

  3. If the calls in the transactions are approved, the transaction will be allowed to go through. If not, the transaction will be reverted.

Internally, the Approved Patterns lists are hashed for high-efficiency calculation on-chain

hashtag
Setup Instructions

  1. Deploy your own version of this policy (see Source Code).

  2. Configure the Approved Patterns you wish to allow for your protocol. NOTE: Contact our Support for more information on how to get these generated for your protocol

  3. Add the newly deployed policy to the Firewall (you can do this Globally or Per-Method, see Policy Administration).

  4. That's it!

hashtag
Properties

Name
Type
Description

originCurrentVector

mapping

(address =>

mapping

(uint => bytes)

)

a mapping of the currently examined list of Approved Patterns (updates per transaction as calls get executed)

approvedVectorHashes

mapping

(bytes32 => bool)

a mapping of the (hashed) Approved Patterns

hashtag
Methods

hashtag
approveMultipleHashes()

hashtag
function approveMultipleHashes(bytes32[] calldata _vectorHashes)

Callable only by the policy owner. Approves multiple Approved Vectors

Parameter Name
Type
Description

_vectorHashes

bytes32[] calldata

an array of Approved Vectors hashes

hashtag
removeMultipleHashes()

hashtag
function removeMultipleHashes(bytes32[] calldata _vectorHashes)

Callable only by the policy owner. Removes previously Approved Vectors hashes.

Parameter Name
Type
Description

_vectorHashes

bytes32[] calldata

an array of Approved Vectors hashes

hashtag
setVectorHashStatus()

hashtag
function setVectorHashStatus(bytes32 _vectorHash, bool _status)

Callable only by the policy owner. Sets the status (approve / disapprove) of a single Approved Vectors hash.

Parameter Name
Type
Description

_vectorHashe

bytes32

the Approved Vectors hashes

_bool

bool

true to approve or false to disapprove

hashtag
Security Lifecycle

This policy runs during the Firewall's Pre-Execution hook.

hashtag
Source Code

On our GitHub repository: ApprovedVectorsPolicy.solarrow-up-right

PreviousApproved CallsNextBalance Guard

Last updated