Whitelist
Last updated
Last updated
This policy acts as an allowlist of accounts that are allowed to interact with your protocol. Transactions from senders that are not in allow list will be reverted.
This policy protects against fraudulent and/or unauthorized transactions to your protocol. If an attacker discovers some business logic flaw in a smart contract which would normally grant access to restricted parts of your protocol - this allow list policy can mitigate that, by only allowing certain senders access to privileged business flows.
Policy owners add allowed senders to the allow list by calling the
and setting the status to true
.
Senders can now interact with the protocol as normal, transactions will be allowed to go through.
As needed, policy owners can remove senders from the allow list by calling and setting the status to false
.
Deploy your own version of this policy (see ).
Call the method to setup which consumers are allowed to execute calls to your smart contract.
Add the newly deployed policy to the (you can do this or , see ).
That's it!
consumerAllowlist
mapping
(address =>
mapping
(address => bool)
)
the list of sender addresses that are allowed to access a consumer smart contract
for example:
[consumerAddress][senderAddress] = true
function setConsumerAllowlist(address consumer, address account, bool status)
Callable only by the policy owner. Sets the approval of account
to send transactions to consumer
to either true
or false
(allowing or disallowing the account
to interact with the consumer
).
consumer
address
the consumer smart contract to be protected by this policy
account
address
the sender's address
status
bool
the status of the approval
This policy runs during the .
On our GitHub repository: