Firewall Documentation
Home
  • Overview
  • Quick Start
    • Using Function Modifiers
    • Using Proxy Patterb
  • Concepts
  • Configuration
    • Governance
    • Firewall Configuration
    • Policy Administration
  • How It Works
  • Smart Contracts
    • Firewall.sol
    • FirewallConsumer.sol
    • FirewallProxyAdmin.sol
    • FirewallTransparentUpgradableProxy.sol
  • Policies
    • Admin Notary
    • Whitelist
    • Approved Calls
    • Approved Patterns
    • Balance Guard
    • EOA Only
    • Method Block
    • Custom Protector
    • Non Reentrant
    • Combined Policies
  • Addresses
  • Glossary
  • Support
  • FAQ
Powered by GitBook
On this page
  • Overview
  • Protected Attack Vector
  • How It Works
  • Setup Instructions
  • Properties
  • Methods
  • setConsumerForbiddenMethod()
  • Security Lifecycle
  • Source Code
  1. Policies

Method Block

Overview

This policy provides a way to blocklist consumers from interacting with specific methods of your smart contract. Some example use cases include:

  1. Preventing specific contracts from accessing your protocol (as in malicious or phishing contracts)

  2. In the event of an on-going security incident, you could limit access to your protocol instead of completely pausing it

Protected Attack Vector

Intended as an additional layer of security, this policy protects against cases where a known malicious address shouldn't be allowed to interact with your protocol.

How It Works

  1. A known malicious contract sends a transaction to your protocol.

  2. The policy checks the contract's address and method they want to execute.

  3. If the address and method are blocklisted, the transaction will be blocked.

Setup Instructions

  1. That's it!

Properties

Name
Type
Description

consumerMethodStatus

mapping

(address =>

mapping

(bytes4 => bool)

)

the list of consumers and the methods they're blocklisted from calling for example: [consumerAddress][methodSig] = true

hasEnteredForbiddenMethod

mapping

(bytes32 => bool)

used internally to track which methods the consumer has called throughout the transaction execution

Methods

setConsumerForbiddenMethod()

function setConsumerForbiddenMethod(address consumer, bytes4 methodSig, bool status)

Callable only by the policy owner. Sets or unsets the consumer address as forbidden from calling the method with methodSig.

Parameter Name
Type
Description

consumer

address

the consumer address

methodSig

bytes4

the method signature

status

bool

the status of the approval

Security Lifecycle

Source Code

PreviousEOA OnlyNextCustom Protector

Last updated 11 months ago

Deploy your own version of this policy (see ).

Call the method to configure addresses and methods that you want to prevent access to.

Add the newly deployed policy to the (you can do this or , see ).

This policy runs during both the Firewall's and the hooks.

On our GitHub repository:

ForbiddenMethodsPolicy.sol
Source Code
setConsumerForbiddenMethod()
Policy Administration
Globally
Per-Method
Firewall
Pre Execution
Post Execution