# Method Block

## Overview

This policy provides a way to blocklist consumers from interacting with specific methods of your smart contract. Some example use cases include:

1. Preventing specific contracts from accessing your protocol *(as in malicious or phishing contracts)* 
2. In the event of an on-going security incident, you could limit access to your protocol instead of completely pausing it

## Protected Attack Vector

Intended as an additional layer of security, this policy protects against cases where a known malicious address shouldn't be allowed to interact with your protocol.

## How It Works

1. A known malicious contract sends a transaction to your protocol.<br>
2. The policy checks the contract's address and method they want to execute.<br>
3. If the address and method are blocklisted, the transaction will be blocked.

## Setup Instructions

1. Deploy your own version of this policy *(see* [*Source Code*](#source-code)*)*.<br>
2. Call the [setConsumerForbiddenMethod()](#setconsumerforbiddenmethod) method to configure addresses and methods that you want to prevent access to.<br>
3. Add the newly deployed policy to the [Firewall](/firewall/glossary.md#firewall) *(you can do this* [*Globally*](/firewall/configuration/firewall-configuration.md#global-policies) *or* [*Per-Method*](/firewall/configuration/firewall-configuration.md#per-method-policies)*, see* [*Policy Administration*](/firewall/configuration/policy-administration.md)*)*.<br>
4. That's it!

## Properties

<table><thead><tr><th width="302">Name</th><th width="256.3333333333333">Type</th><th>Description</th></tr></thead><tbody><tr><td><code>consumerMethodStatus</code></td><td><p><code>mapping</code></p><p><code>(address =></code></p><p>   <code>mapping</code></p><p>   <code>(bytes4 => bool)</code></p><p><code>)</code></p></td><td>the list of consumers and the methods they're blocklisted from calling<br><br>for example:<br><code>[consumerAddress][methodSig] = true</code></td></tr><tr><td><code>hasEnteredForbiddenMethod</code></td><td><p><code>mapping</code></p><p><code>(bytes32 => bool)</code></p></td><td>used internally to track which methods the consumer has called throughout the transaction execution</td></tr></tbody></table>

## Methods

### setConsumerForbiddenMethod()

#### `function setConsumerForbiddenMethod(address consumer, bytes4 methodSig, bool status)`

Callable only by the policy owner. Sets or unsets the `consumer` address as forbidden from calling the method with `methodSig`.<br>

| Parameter Name | Type      | Description                |
| -------------- | --------- | -------------------------- |
| `consumer`     | `address` | the consumer address       |
| `methodSig`    | `bytes4`  | the method signature       |
| `status`       | `bool`    | the status of the approval |

<br>

## **Security Lifecycle**

This policy runs during both the Firewall's [Pre Execution](/firewall/glossary.md#pre-execution) and the [Post Execution](/firewall/glossary.md#post-execution) hooks.

## Source Code

On our GitHub repository: [ForbiddenMethodsPolicy.sol](https://github.com/ironblocks/onchain-firewall/blob/main/packages/onchain-firewall/contracts/policies/ForbiddenMethodsPolicy.sol)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ironblocks.com/firewall/policies/method-block.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.