Blocklisting
Concordium Implementation
The EUROe smart contract maintains a blocklist, a list of addresses that have limited functionality available to them. Among others, these addresses cannot send, receive, or be operators of transactions related to EUROe. Assign addresses to and removing addresses from the blocklist is the responsibility of the BlockUnblockRole ("Blocker"), a role controlled by Membrane Finance ("Membrane").
Addresses are not blocked arbitrarily; an address may only be blocked pursuant to the Access Denial Policy, available at https://membrane.fi/legal/access-denial-policy
An address assigned to the blocklist may not:
- Mint new EUROe;
- Burn existing EUROe;
- Transfer EUROe;
- Update the operator of EUROe;
- Receive EUROe; or
- Send EUROe;
EVM Implementations
Addresses may be assigned the BLOCKED_ROLE ("Blocked Role"), a role preventing them from receiving or sending EUROe to other addresses. The role also disables their ability to burn or mint EUROe. Assigning and removing the Blocked Roles is the responsibility of BLOCKLISTER_ROLE ("Blocker"), a role controlled by Membrane Finance ("Membrane").
Addresses are not blocked arbitrarily; an address may only be blocked pursuant to the Access Denial Policy, available at https://membrane.fi/legal/access-denial-policy
Ramifications of the Blocked Role
An address that has been assigned the Blocked Role, may not
- Mint new EUROe;
- Burn existing EUROe;
- Receive EUROe; or
- Send EUROe;
A blocked address may, however, call the transferFrom() function, as long as it does not transfer funds from/to a blocked address.
Blocked Roles can perform critical operations
In certain cases, assigning Blocked Role to an address does not prevent it from performing critical operations. The below table illustrates some of the critical operations that can performed by privileged addresses:
| Additional role | Critical operations available to the Blocked Role |
|---|---|
| DEFAULT_ADMIN_ROLE | grantRole() and revokeRole() |
| PROXY_OWNER_ROLE | upgradeTo() and upgradeToAndCall() |
| PAUSER_ROLE | pause() |
| UNPAUSER_ROLE | unpause() |
| MINTER | mint() and mintSet() |
| BURNER | burnFrom() and burnFromWithPermit() |
| RESCUER | rescueERC20() |
Blocked Roles can perform some operations
A Blocked Role can still perform some non-critical operations even if they do not hold privileged roles. Such operations include, for example: approve(), permit(), and transferFrom() between two addresses that are not its own. Regardless, a Blocked Role will block the address from transfering its own funds to and from other addresses.
BLOCKLISTER can alter contract behaviour
The BLOCKLISTER can (un)intentionally disable mint(), mintSet(), burn(), burnFrom(), and burnFromWithPermit() functions by blocking the 0-address. Additionally, the BLOCKLISTER can unblock the contract address which is undesirable.
Membrane implements checks outside of the smart contract to ensure such role changes are not made.
Examples of addresses with the Blocked Role on testnets
The below addresses have been granted the Blocked Role and are provided for testing purposes. The roles assigned to the addresses may change without notice.
0x86Bb62493761C478757faafafeD3bBC19BEc3DB9
0x86Bb62493761C478757faafafeD3bBC19BEc3DB9
Solana Implementations
To blocklist addresses Membrane utilises the FreezeAccount instructions implement in the SPL Token Program. For more information, see Solana program library (spl.solana.com ↗)