ckb-transaction-firewall-sdk
Off-chain pre-flight blacklist check for CKB transactions.
Before broadcasting a CKB transaction, call check_transaction to verify that
no output's lock or type args appear in the on-chain BLKL v2 blacklist registry.
The check mirrors what the firewall-lock contract enforces at consensus time,
allowing wallets and dApps to reject blacklisted transactions early without
spending UTXOs.
Installation
[]
= "0.3"
With optional features:
[]
= { = "0.3", = ["serde", "testnet"] }
Quick start
use ;
// Identify the registry cell dep by its type_id_value — bytes 34-66 of the
// registry type-script args. This is stable across governance upgrades.
let spec = RegistrySpec ;
let cfg = FirewallConfig ;
// Build your transaction normally, then call check_transaction before signing.
let tx = UnsignedTxLike ;
let now_secs = now
.duration_since
.unwrap
.as_secs;
match check_transaction
Multi-registry example
The firewall lock args can reference multiple registry cells. The preflight check enforces all of them.
use ;
let cfg = FirewallConfig ;
Building firewall lock scripts
Use build_firewall_lock_args and build_firewall_lock_script to construct
the lock args for a new firewall-protected cell:
use ;
let config = FirewallLockConfig ;
let lock_script = build_firewall_lock_script.unwrap;
Error codes
Each FirewallError variant maps to an on-chain error code. Codes 8–12 and 17
can be surfaced by SDK preflight; codes 5–7 and 13–16 are enforced by the
on-chain contract only.
| Code | Variant | Description |
|---|---|---|
| 5 | — | Inner lock rejected the spend (on-chain only) |
| 6 | — | Flags byte invalid — no check bits or reserved bits set (on-chain only) |
| 7 | — | Lock args too short (on-chain only) |
| 8 | MissingRegistryCellDep |
Required registry cell dep not found |
| 9 | InvalidRegistryData |
Registry data malformed or unsupported version |
| 10 | RegistryNotSorted |
Registry entries not in ascending order |
| 11 | BlacklistedLockArgs |
Output lock args found in active blacklist |
| 12 | BlacklistedTypeArgs |
Output type args found in active blacklist |
| 13 | — | Governance threshold not met (on-chain only) |
| 14 | — | Invalid governance signature (on-chain only) |
| 15 | — | Invalid Merkle proof (on-chain only) |
| 16 | — | Review window still active (on-chain only, via CKB since) |
| 17 | AmbiguousRegistryCellDep |
Multiple cell deps match the same registry spec |
Features
serde
Enables Serialize / Deserialize on all public types.
= { = "0.3", = ["serde"] }
testnet
Exposes the testnet module with testnet RPC URL, governance constants, and
deployed contract outpoints.
use testnet;
let rpc = RPC_URL;
let registry = registry_spec;
Architecture note
This crate is purely in-process — no RPC calls, no async, no network I/O.
It operates on CellDepLike / UnsignedTxLike values you construct from your
own RPC results or transaction builder. The on-chain firewall-lock contract
additionally enforces governance signatures and the 72-hour review window via
CKB since; this SDK covers only the blacklist preflight (codes 8–12, 17).