Balance Guard
Overview
This policy makes sure that the balance of an address in a given token (Native or ERC20) doesn't change by more than an allowed threshold in any single transaction.
Protected Attack Vector
If an attacker gains privileged access to an account (wallet or smart contract), either by stealing the private keys or by exploiting some vulnerability, and the account holds a balance in some token (Native or ERC20), this policy will block a malicious transaction from going through if the change in balance is above the configured threshold for that token.
How It Works
When a transaction reaches this policy in the Pre Execution hook, it first looks up the balances of the account in its configured tokens.
Then, in the Post Execution hook, the policy compares the difference in balance (per token) against its configured change-threshold.
If the transaction changed the balance more than is allowed by the threshold, it will be reverted.
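A minimal Solidity sketch of the snapshot-and-compare flow described above, added here as an illustration; it is not the project's BalanceChangePolicy.sol. The hook signatures, the NATIVE marker, the firewall constructor argument and the trackedTokens/isTracked helpers are assumptions.

```solidity
pragma solidity ^0.8.19;
// Added sketch, not the project's BalanceChangePolicy.sol. Assumed: hook signatures,
// the NATIVE sentinel, the trackedTokens/isTracked helpers, constructor-set firewall.
interface IERC20Balance { function balanceOf(address account) external view returns (uint); }

contract BalanceGuardSketch {
    address public constant NATIVE = address(0); // assumed marker for the native token
    address public immutable owner;
    address public immutable firewall;
    mapping(address => mapping(address => uint)) public consumerMaxBalanceChange;
    mapping(address => mapping(address => uint[])) public consumerLastBalance;
    mapping(address => address[]) private trackedTokens;             // hypothetical helper
    mapping(address => mapping(address => bool)) private isTracked;  // hypothetical helper

    constructor(address firewall_) { owner = msg.sender; firewall = firewall_; }

    function setConsumerMaxBalanceChange(address consumer, address token, uint maxBalanceChange) external {
        require(msg.sender == owner, "not owner");
        if (!isTracked[consumer][token]) { isTracked[consumer][token] = true; trackedTokens[consumer].push(token); }
        consumerMaxBalanceChange[consumer][token] = maxBalanceChange;
    }

    // Pre Execution: push one snapshot per tracked token (a stack in this sketch, for nested calls).
    function preExecution(address consumer, address, bytes calldata, uint value) external {
        require(msg.sender == firewall, "not firewall");
        address[] storage tokens = trackedTokens[consumer];
        for (uint i = 0; i < tokens.length; i++) {
            uint bal = _balanceOf(consumer, tokens[i]);
            // Sketch's choice: msg.value is already credited here, so subtract it to count a deposit as a change.
            if (tokens[i] == NATIVE) bal -= value;
            consumerLastBalance[consumer][tokens[i]].push(bal);
        }
    }

    // Post Execution: pop the snapshot and revert if |after - before| exceeds the threshold.
    function postExecution(address consumer, address, bytes calldata, uint) external {
        require(msg.sender == firewall, "not firewall");
        address[] storage tokens = trackedTokens[consumer];
        for (uint i = 0; i < tokens.length; i++) {
            uint[] storage snaps = consumerLastBalance[consumer][tokens[i]];
            uint prev = snaps[snaps.length - 1];
            snaps.pop();
            uint curr = _balanceOf(consumer, tokens[i]);
            uint diff = curr > prev ? curr - prev : prev - curr;
            require(diff <= consumerMaxBalanceChange[consumer][tokens[i]], "balance change over threshold");
        }
    }

    function _balanceOf(address account, address token) private view returns (uint) {
        return token == NATIVE ? account.balance : IERC20Balance(token).balanceOf(account);
    }
}
```

Because the comparison uses the absolute difference, the sketch reverts on an over-threshold inflow as well as an outflow, and a threshold of 0 means the tracked balance may not change at all.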
Setup Instructions
Deploy your own version of this policy (see Source Code).
Call the setConsumerMaxBalanceChange() method to configure the balance change thresholds.
Add the newly deployed policy to the Firewall (you can do this Globally or Per-Method, see Policy Administration).
That's it!
Properties
consumerMaxBalanceChange
mapping(address => mapping(address => uint))
a mapping between accounts, tokens, and their balance change threshold, for example: [someAccount][someToken] = 50000
consumerLastBalance
mapping(address => mapping(address => uint[]))
a mapping between accounts, tokens, and their balances before executing the transaction
Methods
setConsumerMaxBalanceChange()
function setConsumerMaxBalanceChange(address consumer, address token, uint maxBalanceChange)
Callable only by the policy owner. Sets the maximum balance change that can take place on the given token in a transaction.
consumer
address
the account holding the balance
token
address
the token to track balance changes for
maxBalanceChange
uint
the maximum balance change for the token
removeToken()
function removeToken(address consumer, address token)
Callable only by the policy owner. Removes the token from the consumer, so that the policy will no longer track balance changes on that token.
consumer
address
the account holding the balance
token
address
the token to track balance changes for
View Functions
getConsumerTokens()
function getConsumerTokens(address consumer)
Gets the tokens and their configured balance change threshold for consumer.
consumer
address
the account holding the balance
Security Lifecycle
This policy runs during both the Firewall's Pre Execution and the Post Execution hooks.
Source Code
On our GitHub repository: BalanceChangePolicy.sol