Documentation
Quick StartBuild AppsAvalanche L1sInteroperabilityCustom VMsNodes & ValidatorsToolingsAPI ReferencesBuilder Kit
Default Precompiles

Transaction Allowlist

Learn how to use the Transaction Allowlist Precompile to control which addresses can submit transactions on your Avalanche L1 blockchain.

The Transaction Allowlist Precompile allows you to control which addresses have permission to submit transactions on your Avalanche L1 blockchain. This is useful for creating a permissioned network where only authorized addresses can perform transactions.

Activating the Precompile

To activate this feature, you need to provide the txAllowListConfig in the genesis:

{
  "config": {
    "txAllowListConfig": {
      "blockTimestamp": 0,
      "adminAddresses": ["0x8db97C7cEcE249c2b98bDC0226Cc4C2A57BF52FC"]
    }
  }
}

By enabling this feature, you can define which addresses are allowed to submit transactions and manage these permissions over time.

Interface and Address

The Transaction Allowlist precompile is located at address 0x0200000000000000000000000000000000000002 and implements the following interface:

//SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;
 
interface ITransactionAllowList {
  event RoleSet(uint256 indexed role, address indexed account, address indexed sender, uint256 oldRole);
 
  // Set [addr] to have the admin role over the precompile contract.
  function setAdmin(address addr) external;
 
  // Set [addr] to be enabled on the precompile contract.
  function setEnabled(address addr) external;
 
  // Set [addr] to have the manager role over the precompile contract.
  function setManager(address addr) external;
 
  // Set [addr] to have no role for the precompile contract.
  function setNone(address addr) external;
 
  // Read the status of [addr].
  function readAllowList(address addr) external view returns (uint256 role);
}

The Transaction Allowlist precompile uses the AllowList interface to manage permissions for transaction submission.

Role Permissions

The precompile defines several roles with different permissions:

  • Admin (2): Can add or remove any role (Admin, Manager, Enabled, None)
  • Manager (3): Can add or remove Enabled addresses
  • Enabled (1): Can submit transactions
  • None (0): Cannot submit transactions

When an address has no role or is explicitly set to None (0), any transaction from that address will be rejected by the network.

Implementation

You can find the implementation of the Transaction Allowlist precompile in the subnet-evm repository.

Is this guide helpful?

Edit on GitHub Report Issue

Previous

RewardManager

Next

WarpMessenger

On this page