Firewall.sol

The Firewall contract is the main contract of the system. It stores and manages all the Policies to which Firewall Consumers subscribe to, and executes them as needed.

Properties

NameTypeDescription

approvedPolicies

mapping (address => bool)

the Policies that can be used by Firewall Consumers that use this Firewall

subscribedPolicies

mapping

(address =>

mapping

(bytes4 => address[])

)

a mapping between the Protected Methods of a Firewall Consumer and the Policies configured for these methods

subscribedGlobalPolicies

mapping

(address => address[])

a mapping between a Firewall Consumer and the Policies that are configured on it

Modifiers

onlyConsumerAdmin()

Only allows the modified function to run if it was called by the Firewall Admin (see setFirewallAdmin()) .

Methods

preExecution()

function preExecution(address sender, bytes calldata data, uint value)

Runs the Pre Execution hook on all the Policies that msg.sender has subscribed to for the method described by the first 4 bytes of data.

Parameter NameTypeDescription

sender

address

the sender of the transaction

data

bytes calldata

the transaction data

value

uint

the value that was sent with the transaction

postExecution()

function postExecution(address sender, bytes calldata data, uint value)

Runs the Post Execution hook on all the Policies that msg.sender has subscribed to for the method described by the first 4 bytes of data.

Parameter NameTypeDescription

sender

address

the sender of the transaction

data

bytes calldata

the transaction data

value

uint

the value that was sent with the transaction

setPolicyStatus()

function setPolicyStatus(address policy, bool status)

Callable only by the Firewall Owner, used to approve or revoke approval of a Policy. Revoking approval doesn’t remove existing consumer subscriptions.

Parameter NameTypeDescription

policy

address

the address of the policy to set the status for

status

bool

the new status of the policy, true meaning approved and false meaning unapproved see Approved Policies for more details

addPolicy()

function addPolicy(address consumer, bytes4 methodSig, address policy)

Callable only by the Firewall Admin of the Firewall Consumer, this method adds the Policy to the list of subscribed policies for the given method signature.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to add the Policy for

methodSig

bytes4

the method-sig for which to apply this Policy for

policy

address

the Policy to add

removePolicy()

function removePolicy(address consumer, bytes4 methodSig, uint policyIndex)

Callable only by the Firewall Admin of the consumer, this method removes the Policy found at the policyIndex from the list of subscribed policies for the given method signature.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to remove the Policy from

methodSig

bytes4

the method-sig for which to apply this Policy for

policyIndex

uint

the index of the Policy to remove

addPolicies()

function addPolicies(address consumer, bytes4[] calldata methodSigs, address[] calldata policies)

Callable only by the Firewall Admin of the Firewall Consumer, this method adds multiple policies to the list of subscribed policies for the given method signatures. Each Policy will be subscribed to the corresponding Method-Sig from the methodSigs array.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to add the Policy

methodSigs

bytes4[] calldata

the method-sig for which to apply this Policy for

policies

address[] calldata

the Policy to add

removePolicies()

function removePolicies(address consumer, bytes4[] calldata methodSigs, address[] calldata policies)

Callable only by the Firewall Admin of the Firewall Consumer, this method removes multiple policies from the list of subscribed policies for the given method signatures. Each Policy will be removed from the corresponding Method-Sig from the methodSigs array.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to remove the Policy from

methodSig

bytes4 calldata

the method-sig for which to apply this Policy for

policyIndex

uint calldata

the index of the Policy to remove

addGlobalPolicy()

function addGlobalPolicy(address consumer, address policy)

Callable only by the Firewall Admin of the Firewall Consumer, this method adds a Global Policy to the list of subscribed policies for the Firewall Consumer.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to add the policy for

policy

address

the Policy to add

removeGlobalPolicy()

function removeGlobalPolicy(address consumer, uint policyIndex)

Callable only by the Firewall Admin of the Firewall Consumer, this method removes a Global Policy from the list of subscribed policies for the Firewall Consumer.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to remove the Policy from

policyIndex

uint

the index of the Policy to remove

addGlobalPoliciesForConsumers()

function addGlobalPoliciesForConsumers(address[] consumers, address policy)

Callable only by the Firewall Admin of all the Firewall Consumers, this method adds a Global Policy to the list of subscribed policies for the all the Firewall Consumers.

Parameter NameTypeDescription

consumers

address[]

an array of Firewall Consumers to add the Policy to

policy

address

the address of the Policy to add

removeGlobalPoliciesForConsumers()

function removeGlobalPoliciesForConsumers(address[] consumers, address policy)

Callable only by the Firewall Admin of all the Firewall Consumers, this method removes a Global Policy from a list of Firewall Consumers.

Parameter NameTypeDescription

consumers

address[]

an array of Firewall Consumers to remove the Policy from

policy

address

the address of the Policy to remove

View Functions

getActivePolicies()

function getActivePolicies(address consumer, bytes4 methodSig) public returns (address[] memory)

Returns an array of all the policies a Firewall Consumer has subscribed to a method.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to get the active policies

methodSig

bytes4

the method signature we’re getting the active policies for

getActiveGloablPolicies()

function getActiveGloablPolicies(address consumer) public returns (address[] memory)

Returns an array of all the Global Policies a Firewall Consumer is subscribed to.

Parameter NameTypeDescription

consumer

address

the Firewall Consumer for which to get the active policies

Source Code

On our GitHub repository: Firewall.sol

Last updated