AssetGuard
The AssetGuard contract maintains a whitelist of ERC-20 tokens that are permitted to enter the Specter privacy vault. It prevents unauthorized or malicious tokens from being deposited and tracks tokens deployed by authorized factories.
Deployed address: 0x12d5a4d9Db0607312Fc8F8eE51FDf18D40794aD1
Functions
authorizeToken
function authorizeToken(address token) external
Adds a token to the whitelist, allowing it to be deposited into the CommitRevealVault.
Parameters:
| Name | Type | Description |
|---|---|---|
| token | address | The ERC-20 token contract address to authorize. |
Access control: Only the contract admin can call this function.
Reverts if:
- Caller is not the admin.
- Token is already authorized.
- token is the zero address.
deauthorizeToken
function deauthorizeToken(address token) external
Removes a token from the whitelist. Tokens already deposited in the vault remain withdrawable, but no new deposits of this token will be accepted.
Parameters:
| Name | Type | Description |
|---|---|---|
| token | address | The ERC-20 token contract address to deauthorize. |
Access control: Only the contract admin can call this function.
Reverts if:
- Caller is not the admin.
- Token is not currently authorized.
isAuthorized
function isAuthorized(address token) external view returns (bool)
Checks whether a token is on the whitelist.
Parameters:
| Name | Type | Description |
|---|---|---|
| token | address | The ERC-20 token contract address to check. |
Returns:
| Name | Type | Description |
|---|---|---|
| (unnamed) | bool | true if the token is authorized, false otherwise. |
recordDeployment
function recordDeployment(address token, address factory) external
Records that a token was deployed by an authorized factory. This function is called by GhostERC20Factory during token creation to automatically register the new token.
Parameters:
| Name | Type | Description |
|---|---|---|
| token | address | The newly deployed token address. |
| factory | address | The factory contract that deployed the token. |
Access control: Only authorized factory contracts can call this function.
Behavior:
- Validates that factory is an authorized factory.
- Marks token as authorized.
- Records the token => factory mapping for provenance tracking.
Reverts if:
- Caller is not an authorized factory.
- Token is already registered.
Storage
mapping(address => bool) public authorized;
Maps token addresses to their authorization status.
mapping(address => address) public deployedBy;
Maps token addresses to the factory that deployed them (zero if manually authorized by admin).
mapping(address => bool) public authorizedFactories;
Maps factory addresses to their authorization status.
Usage Examples
Admin: Authorizing an External Token
// Authorize an existing ERC-20 token for vault deposits
AssetGuard(guardAddress).authorizeToken(usdcAddress);
// Later, if needed, remove it
AssetGuard(guardAddress).deauthorizeToken(usdcAddress);
Checking Authorization (used by CommitRevealVault)
// The vault checks before accepting a deposit
require(
AssetGuard(guardAddress).isAuthorized(tokenAddress),
"Token not authorized"
);
Factory: Automatic Registration
// GhostERC20Factory calls this during deployToken():
AssetGuard(guardAddress).recordDeployment(newTokenAddress, address(this));
// The token is now authorized for vault deposits without admin intervention.
Security Notes
- Deauthorizing a token does not affect existing deposits. Users can still reveal (withdraw) previously committed funds for that token.
- The recordDeployment pathway allows the GhostERC20Factory to register tokens without requiring a separate admin transaction, streamlining the token creation flow.
- Only the admin can directly authorize or deauthorize tokens. Factory-based registration is restricted to pre-approved factory contracts.
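The access rules and revert conditions documented above, written out as an added Solidity sketch (this is not the deployed AssetGuard source). The immutable admin, the setFactory helper, the revert strings, the retention of deployedBy after deauthorization, and the requirement that the factory argument equal msg.sender are assumptions of this sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch only, NOT the deployed AssetGuard source.
contract AssetGuardSketch {
    address public immutable admin; // assumption: single admin fixed at deployment
    mapping(address => bool) public authorized;
    mapping(address => address) public deployedBy;
    mapping(address => bool) public authorizedFactories;

    modifier onlyAdmin() {
        require(msg.sender == admin, "not admin");
        _;
    }

    constructor() {
        admin = msg.sender;
    }

    // Hypothetical helper: the page does not document how factories get approved.
    function setFactory(address factory, bool allowed) external onlyAdmin {
        authorizedFactories[factory] = allowed;
    }

    function authorizeToken(address token) external onlyAdmin {
        require(token != address(0), "zero address");
        require(!authorized[token], "already authorized");
        authorized[token] = true; // deployedBy[token] stays zero: manual authorization
    }

    function deauthorizeToken(address token) external onlyAdmin {
        require(authorized[token], "not authorized");
        authorized[token] = false; // assumption: deployedBy is kept as a provenance record
    }

    function isAuthorized(address token) external view returns (bool) {
        return authorized[token];
    }

    function recordDeployment(address token, address factory) external {
        // Access control is on the caller, not on the argument.
        require(authorizedFactories[msg.sender], "caller not a factory");
        // Assumption: the recorded factory must be the caller itself, so provenance
        // cannot name a different approved factory.
        require(factory == msg.sender, "factory != caller");
        require(!authorized[token] && deployedBy[token] == address(0), "already registered");
        authorized[token] = true;
        deployedBy[token] = factory;
    }
}
```

In this sketch a factory-registered token that is later deauthorized cannot be re-registered through recordDeployment, because its deployedBy entry is still set; re-enabling it takes an admin call to authorizeToken.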