-
Notifications
You must be signed in to change notification settings - Fork 118
Transaction Policy
supernets2-node has a policy filter on eth_sendRawTransaction to allow or deny certain addresses from sending transactions or deploying contracts. Named policies (send_tx, deploy) have an allow/deny setting. If an address is on it's list, it is allowed/denied according to policy. If an address is not on the policy's list, it gets the opposite of the setting.
A policy with allow=true is an 'allow list' - addresses on the list are allowed, all others are denied.
A policy with allow=false is a 'deny list' - addresses on the list are denied, all others are allowed.
The policy should be configured on the sequencer node. Other nodes proxy eth_sendRawTransaction to the sequencer node.
NAME:
supernets2-node policy - View, update, and apply policies
USAGE:
supernets2-node policy command [command options] [arguments...]
COMMANDS:
update Update the default action for a policy
describe Describe the default actions for the policies
add Add address(es) to a policy exclusion list
remove Remove address(es) from a policy exclusion list
clear Clear the addresses listed as exceptions to a policy
help, h Shows a list of commands or help for one command
OPTIONS:
--cfg FILE, -c FILE Configuration FILE
--help, -h show helpA named policy can have the allow rule to be changed to true or false
$ supernets2-node policy -c ~/supernets2/config.toml update --help
NAME:
supernets2-node policy update - Update the default action for a policy
USAGE:
supernets2-node policy update [command options] [arguments...]
OPTIONS:
--policy value, -p value Name of policy to operate on
--allow Update policy to 'allow' addresses on list (default: false)
--deny Update policy to 'deny' addresses on list (default: false)
--help, -h show help
Change the send_tx policy to false, creating a deny list.
$ supernets2-node policy -c ~/supernets2/config.toml update --policy send_tx --deny
The current state of policies can be shown.
$ supernets2-node policy -c ~/supernets2/config.toml describe --help
NAME:
supernets2-node policy describe - Describe the default actions for the policies
USAGE:
supernets2-node policy describe [command options] [arguments...]
OPTIONS:
--policy value, -p value Name of policy to operate on
--no-header (default: false)
--help, -h show help
$ supernets2-node policy -c ~/supernets2/config.toml describe
Policy: Action
deploy: allow
send_tx: allow
$ supernets2-node policy -c ~/supernets2/config.toml describe --policy send_tx
Policy: send_tx
Action: allow
Addresses:
0xD3FE08170b451863f97BF8608Bf25C0C14DA98da
...
Addresses can be added/removed to/from named policies on standard input, or from a csv file
$ supernets2-node policy -c ~/supernets2/config.toml add --help
NAME:
supernets2-node policy add - Add address(es) to a policy exclusion list
USAGE:
supernets2-node policy add [command options] [arguments...]
OPTIONS:
--policy value, -p value Name of policy to operate on
--csv value CSV file with addresses
--help, -h show help
$ supernets2-node policy -c ~/supernets2/config.toml add --policy send_tx 0xDEADBEEF 0xABCD1234
$ supernets2-node policy -c ~/supernets2/config.toml add --policy send_tx --csv ./path/to/file.csv
$ supernets2-node policy -c ~/supernets2/config.toml remove --policy send_tx 0xDEADBEEF 0xABCD1234
A policy list can be cleared, all addresses removed from the policy
supernets-node policy -c ~/supernets2/config.toml clear