Skip to main content

PolicyConfig

txgate_policy

Struct PolicyConfig 

Source 
pub struct PolicyConfig {
    pub whitelist: Vec<String>,
    pub blacklist: Vec<String>,
    pub transaction_limits: HashMap<String, Uint<256, 4>>,
    pub whitelist_enabled: bool,
}
Expand description

Policy configuration for transaction approval rules.

This struct defines the rules that govern which transactions are allowed or denied by the policy engine. It supports:

  • Whitelist: Addresses that are always allowed (when enabled)
  • Blacklist: Addresses that are always denied
  • Transaction limits: Maximum amount per single transaction

§Address Handling

Address comparisons are case-insensitive for Ethereum-style addresses. This ensures that 0xABC and 0xabc are treated as the same address.

§Security Considerations

  • An address cannot be in both whitelist and blacklist
  • Blacklist takes precedence if both checks are enabled
  • Transaction limits are enforced per token/currency

§Examples

use txgate_core::config::PolicyConfig;

let config = PolicyConfig {
    whitelist_enabled: true,
    whitelist: vec!["0x1234...".to_string()],
    blacklist: vec!["0xdead...".to_string()],
    ..Default::default()
};

assert!(config.validate().is_ok());

Fields§

§whitelist: Vec<String>

Addresses that are always allowed (if whitelist is enabled).

When whitelist_enabled is true, only addresses in this list are permitted as transaction recipients.

§blacklist: Vec<String>

Addresses that are always denied.

Transactions to any address in this list will be rejected, regardless of whitelist status.

§transaction_limits: HashMap<String, Uint<256, 4>>

Per-token transaction limits (max amount per single tx).

Key: token address or “ETH” for native token. Value: maximum amount in the token’s smallest unit (wei, etc.).

§Examples

use txgate_core::config::PolicyConfig;
use alloy_primitives::U256;
use std::collections::HashMap;

let mut limits = HashMap::new();
limits.insert("ETH".to_string(), U256::from(5_000_000_000_000_000_000u64)); // 5 ETH

let config = PolicyConfig {
    transaction_limits: limits,
    ..Default::default()
};
§whitelist_enabled: bool

Whether whitelist is enabled.

  • true: Only addresses in whitelist are allowed
  • false: All addresses except those in blacklist are allowed

Implementations§

Source§

impl PolicyConfig

Source

pub fn new() -> PolicyConfig

Creates a new empty policy configuration.

All lists are empty and whitelist is disabled by default.

§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new();
assert!(!config.whitelist_enabled);
assert!(config.whitelist.is_empty());
assert!(config.blacklist.is_empty());
Source

pub fn is_whitelisted(&self, address: &str) -> bool

Checks if an address is in the whitelist.

Address comparison is case-insensitive.

§Arguments
  • address - The address to check
§Returns

true if the address is in the whitelist, false otherwise.

§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new()
    .with_whitelist(vec!["0xABC123".to_string()]);

assert!(config.is_whitelisted("0xABC123"));
assert!(config.is_whitelisted("0xabc123")); // Case insensitive
assert!(!config.is_whitelisted("0xDEF456"));
Source

pub fn is_blacklisted(&self, address: &str) -> bool

Checks if an address is in the blacklist.

Address comparison is case-insensitive.

§Arguments
  • address - The address to check
§Returns

true if the address is in the blacklist, false otherwise.

§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new()
    .with_blacklist(vec!["0xDEAD".to_string()]);

assert!(config.is_blacklisted("0xDEAD"));
assert!(config.is_blacklisted("0xdead")); // Case insensitive
assert!(!config.is_blacklisted("0xABC123"));
Source

pub fn get_transaction_limit(&self, token: &str) -> Option<Uint<256, 4>>

Gets the per-transaction limit for a token.

Token key comparison is case-insensitive.

§Arguments
  • token - The token identifier (e.g., “ETH” or a contract address)
§Returns

The transaction limit if configured, None if no limit is set.

§Examples
use txgate_core::config::PolicyConfig;
use alloy_primitives::U256;

let config = PolicyConfig::new()
    .with_transaction_limit("ETH", U256::from(5_000_000_000_000_000_000u64));

assert_eq!(
    config.get_transaction_limit("ETH"),
    Some(U256::from(5_000_000_000_000_000_000u64))
);
assert_eq!(config.get_transaction_limit("eth"), Some(U256::from(5_000_000_000_000_000_000u64))); // Case insensitive
assert!(config.get_transaction_limit("BTC").is_none());
Source

pub fn validate(&self) -> Result<(), PolicyError>

Validates the policy configuration.

Checks for configuration errors such as:

  • Addresses appearing in both whitelist and blacklist
§Returns

Ok(()) if the configuration is valid, or a PolicyError describing the issue.

§Errors

Returns PolicyError::InvalidConfiguration if:

  • An address appears in both the whitelist and blacklist (case-insensitive)
§Examples
use txgate_core::config::PolicyConfig;

// Valid config - no overlap
let valid = PolicyConfig::new()
    .with_whitelist(vec!["0xAAA".to_string()])
    .with_blacklist(vec!["0xBBB".to_string()]);
assert!(valid.validate().is_ok());

// Invalid config - same address in both lists
let invalid = PolicyConfig::new()
    .with_whitelist(vec!["0xAAA".to_string()])
    .with_blacklist(vec!["0xAAA".to_string()]);
assert!(invalid.validate().is_err());
Source

pub fn with_whitelist(self, addresses: Vec<String>) -> PolicyConfig

Builder method to set the whitelist.

This enables the whitelist automatically.

§Arguments
  • addresses - List of addresses to whitelist
§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new()
    .with_whitelist(vec!["0xAAA".to_string(), "0xBBB".to_string()]);

assert!(config.whitelist_enabled);
assert_eq!(config.whitelist.len(), 2);
Source

pub fn with_blacklist(self, addresses: Vec<String>) -> PolicyConfig

Builder method to set the blacklist.

§Arguments
  • addresses - List of addresses to blacklist
§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new()
    .with_blacklist(vec!["0xDEAD".to_string()]);

assert_eq!(config.blacklist.len(), 1);
Source

pub fn with_transaction_limit( self, token: &str, limit: Uint<256, 4>, ) -> PolicyConfig

Builder method to add a per-transaction limit for a token.

§Arguments
  • token - Token identifier (e.g., “ETH” or contract address)
  • limit - Maximum amount per transaction
§Examples
use txgate_core::config::PolicyConfig;
use alloy_primitives::U256;

let config = PolicyConfig::new()
    .with_transaction_limit("ETH", U256::from(5_000_000_000_000_000_000u64))
    .with_transaction_limit("USDC", U256::from(10_000_000_000u64)); // 10k USDC

assert!(config.get_transaction_limit("ETH").is_some());
assert!(config.get_transaction_limit("USDC").is_some());
Source

pub const fn with_whitelist_enabled(self, enabled: bool) -> PolicyConfig

Builder method to enable or disable whitelist mode.

§Arguments
  • enabled - Whether whitelist mode should be enabled
§Examples
use txgate_core::config::PolicyConfig;

let config = PolicyConfig::new()
    .with_whitelist_enabled(false);

assert!(!config.whitelist_enabled);

Trait Implementations§

Source§

impl Clone for PolicyConfig

Source§

fn clone(&self) -> PolicyConfig

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PolicyConfig

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Default for PolicyConfig

Source§

fn default() -> PolicyConfig

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for PolicyConfig

Source§

fn deserialize<__D>( __deserializer: __D, ) -> Result<PolicyConfig, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl PartialEq for PolicyConfig

Source§

fn eq(&self, other: &PolicyConfig) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for PolicyConfig

Source§

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Eq for PolicyConfig

Source§

impl StructuralPartialEq for PolicyConfig

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,