Method Block
Overview
This policy provides a way to blocklist consumers from interacting with specific methods of your smart contract. Some example use cases include:
Preventing specific contracts from accessing your protocol (as in malicious or phishing contracts)
In the event of an on-going security incident, you could limit access to your protocol instead of completely pausing it
Protected Attack Vector
Intended as an additional layer of security, this policy protects against cases where a known malicious address shouldn't be allowed to interact with your protocol.
How It Works
A known malicious contract sends a transaction to your protocol.
The policy checks the contract's address and method they want to execute.
If the address and method are blocklisted, the transaction will be blocked.
Setup Instructions
Deploy your own version of this policy (see Source Code).
Call the setConsumerForbiddenMethod() method to configure addresses and methods that you want to prevent access to.
Add the newly deployed policy to the Firewall (you can do this Globally or Per-Method, see Policy Administration).
That's it!
Properties
consumerMethodStatus
mapping
(address =>
mapping
(bytes4 => bool)
)
the list of consumers and the methods they're blocklisted from calling
for example:
[consumerAddress][methodSig] = true
hasEnteredForbiddenMethod
mapping
(bytes32 => bool)
used internally to track which methods the consumer has called throughout the transaction execution
Methods
setConsumerForbiddenMethod()
function setConsumerForbiddenMethod(address consumer, bytes4 methodSig, bool status)
function setConsumerForbiddenMethod(address consumer, bytes4 methodSig, bool status)
Callable only by the policy owner. Sets or unsets the consumer
address as forbidden from calling the method with methodSig
.
consumer
address
the consumer address
methodSig
bytes4
the method signature
status
bool
the status of the approval
Security Lifecycle
This policy runs during both the Firewall's Pre Execution and the Post Execution hooks.
Source Code
On our GitHub repository: ForbiddenMethodsPolicy.sol
Last updated