Firewall Documentation
Home
  • Overview
  • Quick Start
    • Using Function Modifiers
    • Using Proxy Patterb
  • Concepts
  • Configuration
    • Governance
    • Firewall Configuration
    • Policy Administration
  • How It Works
  • Smart Contracts
    • Firewall.sol
    • FirewallConsumer.sol
    • FirewallProxyAdmin.sol
    • FirewallTransparentUpgradableProxy.sol
  • Policies
    • Admin Notary
    • Whitelist
    • Approved Calls
    • Approved Patterns
    • Balance Guard
    • EOA Only
    • Method Block
    • Custom Protector
    • Non Reentrant
    • Combined Policies
  • Addresses
  • Glossary
  • Support
  • FAQ
Powered by GitBook
On this page
  • Overview
  • Protected Attack Vector
  • How It Works
  • Setup Instructions
  • Properties
  • Methods
  • setAllowedContracts()
  • Security Lifecycle
  • Source Code
  1. Policies

EOA Only

Overview

This policy will only allow an EOA to interact with your smart contracts, which is useful if you know that your protocol is expected to only server external users.

If you're protocol has multiple smart contracts where each of them should only be allowed to access from an EOA - but can themselves interact with each other - this policy allows for this too.

Protected Attack Vector

Most attacks on the smart contracts come from other, malicious smart contracts which are specially crafted to exploit some vulnerability in a protocol's business logic.

This policy protects against this attack vector by only allowing EOAs to interact with your smart contracts, so that a transaction coming from a malicious smart contract will be blocked.

How It Works

  1. When a transaction reaches this policy, it first checks if the sender is an EOA - or alternatively - if it's coming from a contract that was allowlisted (i.e. a different smart contract in your protocol).

  2. If the above check passes, the transaction will be allowed to go through.

  3. Otherwise, the transaction will be reverted.

Setup Instructions

  1. That's it!

Properties

Name
Type
Description

allowedContracts

mapping

(address => bool)

the allowlist of contracts that are allowed to interact with your smart contracts these would normally be other smart contracts in your protocol which should be allowed to interact with each other

Methods

setAllowedContracts()

function setAllowedContracts(address contractAddress, bool status)

Callable only by the policy owner. Sets whether or contractAddress is allowlisted in this policy.

Parameter Name
Type
Description

contractAddress

address

the address of a smart contract to be allowed / disallowed

status

bool

the status of the approval

Security Lifecycle

Source Code

PreviousBalance GuardNextMethod Block

Last updated 11 months ago

Deploy your own version of this policy (see ).

Call the method to configure any smart contracts within your protocol that should be allowed to interact with each other.

Add the newly deployed policy to the (you can do this or , see ).

This policy runs during the .

On our GitHub repository:

OnlyEOAPolicy.sol
Source Code
setAllowedContracts()
Policy Administration
Globally
Per-Method
Firewall
Firewall's Pre-Execution hook