EOA Only
Overview
This policy allows only an externally owned account (EOA) to interact with your smart contracts, which is useful if you know that your protocol is expected to serve only external users.
If your protocol has multiple smart contracts that should each be accessible only from an EOA, but that can also interact with each other, this policy supports that too.
Protected Attack Vector
Most attacks on smart contracts come from other, malicious smart contracts which are specially crafted to exploit some vulnerability in a protocol's business logic.
This policy protects against this attack vector by only allowing EOAs to interact with your smart contracts, so that a transaction coming from a malicious smart contract will be blocked.
How It Works
When a transaction reaches this policy, it first checks whether the sender is an EOA or, alternatively, a contract that was allowlisted (i.e. a different smart contract in your protocol).
If the above check passes, the transaction will be allowed to go through.
Otherwise, the transaction will be reverted.
Setup Instructions
Deploy your own version of this policy (see Source Code).
Call the setAllowedContracts() method to configure any smart contracts within your protocol that should be allowed to interact with each other.
Add the newly deployed policy to the Firewall (you can do this Globally or Per-Method, see Policy Administration).
That's it!
Properties
allowedContracts (mapping(address => bool)): the allowlist of contracts that are allowed to interact with your smart contracts. These would normally be other smart contracts in your protocol which should be allowed to interact with each other.
Methods
setAllowedContracts()
function setAllowedContracts(address contractAddress, bool status)
Callable only by the policy owner. Sets whether or not contractAddress is allowlisted in this policy.
contractAddress (address): the address of a smart contract to be allowed / disallowed
status (bool): the status of the approval
Security Lifecycle
This policy runs during the Firewall's Pre-Execution hook.
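The check described under How It Works, together with the allowlist setter, could look like the sketch below. This is an added example, not the project's OnlyEOAPolicy.sol: the contract name, the preExecution(address) hook signature, the owner handling, and the use of a sender == tx.origin comparison as the EOA test are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Illustrative sketch only: NOT the project's OnlyEOAPolicy.sol.
/// The hook name, its parameter and the owner handling are assumptions.
contract OnlyEOAPolicySketch {
    address public immutable owner;

    // Allowlist of protocol contracts that may call the protected contracts.
    mapping(address => bool) public allowedContracts;

    event AllowedContractSet(address indexed contractAddress, bool status);

    error NotOwner();
    error SenderNotEOA(address sender);

    constructor() {
        owner = msg.sender;
    }

    /// Owner-only, matching the access rule stated for setAllowedContracts().
    function setAllowedContracts(address contractAddress, bool status) external {
        if (msg.sender != owner) revert NotOwner();
        allowedContracts[contractAddress] = status;
        // Emit an event so allowlist changes can be monitored off-chain.
        emit AllowedContractSet(contractAddress, status);
    }

    /// Hypothetical pre-execution hook. `sender` is the address that called
    /// the protected contract, as forwarded by the firewall.
    function preExecution(address sender) external view {
        // Allowlisted protocol contracts pass without the EOA test.
        if (allowedContracts[sender]) return;

        // Assumed EOA test: the direct caller is also the transaction
        // originator, so no intermediate contract sits in the call chain.
        // A code-size test is avoided here because a contract reports
        // zero code size while its constructor is still running.
        if (sender != tx.origin) revert SenderNotEOA(sender);
    }
}
```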
Source Code
On our GitHub repository: OnlyEOAPolicy.sol