Custom Protector

Overview

This policy allows you to implement custom logic that checks and maintains the integrity of your smart contract's data by integrating invariants testing tailored to your business requirements.

This works by registering an additional Invariants Logic Contract with the policy, which will receive all the data it needs to identify if a malicious state has taken place.

IMPORTANT: To use this policy, your must be using the modifier for functions you want to protect with this policy

Protected Attack Vector

This policy protects against malicious changes to the state of your smart contracts in a way that violates your business rules.

How It Works

1. A malicious transaction is sent to your contract.

2. The policy saves a snapshot of the configured private variables of your smart contract before the transaction is executed.

3. The transaction is then allowed to start executing it's calls to your smart contracts.

4. Before the transaction is committed, the policy takes a second snapshot of the private variables, and sends both versions ("before" and "after") to the Invariants Logic Contract.

5. The Invariants Logic Contract contract inspects the state change.

6. If the transaction change the state in a way that breaks the protocol's business rules, the transaction will be reverted.

7. Otherwise, it is allowed to go through and is committed to the blockchain.

Setup Instructions

5. That's it!

Properties

Methods

setSighashInvariantStorageSlots()

function setSighashInvariantStorageSlots(address consumer, bytes4 sighash, bytes32[] calldata storageSlots)

setInvariantLogicContract()

function setInvariantLogicContract(address _invariantLogicContract)

Callable only by the policy owner. Sets the a new address for the Invariants Logic Contract contract.

Security Lifecycle

Source Code