App Operators
App Operators
Application operators control the exploit detection algorithms run by the Safe Sequencer for their contracts. They can toggle on or off the generic detection algorithms, deploy new application-specific algorithms, and mark blocked transactions as false positives to enable their inclusion in a block.
When a new contract is deployed on the network, the application operator is automatically set to the deployer of the contract. This role can be transferred to a new address other than the deployer if desired.
Communicating with the Safe Sequencer
Application operators update their settings in the Safe Sequencer by sending transactions onchain. These transactions are read by the Safe Sequencer and used to update its state.
Application operators can use the protect dashboard or construct transactions themselves using the spec below.
Spec
The sender of app operator transactions must always be the appropriate app operator address for the contract you are managing. The app operator address for a contract is initially set to it's deployer.
Every app operator transaction must use the following address as the receiver of the transaction:
APP_OPERATOR_TO = 0x520000000000000000000000000000000000ffFF
The calldata of the app operator transaction must follow this logic:
| 1 byte | 1 byte | 20 bytes | variable number of bytes |
|---|---|---|---|
| version number | operation | contract address | payload |
Version
Version number is just one byte representing the version of the app operator spec. Initially it is set to version 0: 0x00.
Operations
add-false-positive: 0x00- add a sender address and related tx hash to the false positive list
remove-false-positive: 0x01- remove a sender address (and related tx hash) from the false positive list
set-app-operator-address: 0x02- set an app operator address for this contract
set-detection-algorithm: 0x03- set all detection algorithms that are going to be applied to the contract
Contract Address
The contract address (always 20 bytes) you’re managing with this app operator.
Payload
- 52 bytes: when it represents an address + tx hash, in the following operations:
add-false-positive
- 20 bytes: when it represents an address, in the following operations:
remove-false-positiveset-app-operator-address
- variable amount of bytes for:
set-detection-algorithm
Set Detection Algorithm
The payload for this operation is a list of detection algorithms to be run by the Safe Sequencer for the contract. Each detection algorithm can be identified through 1 byte. We allow the same detection algorithm to be listed more than once in the same payload, but this is a waste of calldata.
Detection Algorithms
ReentrancyGuard: 0x00AccessGuard: 0x01StandaloneXG: 0x02
Examples
Set app operator address:- 0x00: version 0
- 0x02: operation SetAppOperatorAddress
- 0x{contract_addr}: address of the contract to whom apply this app operator tx
- 0x{app_operator_addr}: the address you want to set as app operator for the contract
---> calldata = 0x0002{contract_addr}{app_operator_addr}- 0x00: version 0
- 0x03: operation SetDetectionAlgorithm
- 0x{contract_addr}: address of the contract to whom apply this app operator tx
- 0x00: detection algos [ReentrancyGuard 0x00]
---> calldata = 0x0003{contract_addr}00- 0x00: version 0
- 0x03: operation SetDetectionAlgorithm
- 0x{contract_addr}: address of the contract to whom apply this app operator tx
- 0x0002: detection algos [ReentrancyGuard 0x00, StandaloneXG 0x02]
---> calldata = 0x0003{contract_addr}0002- 0x00: version 0
- 0x00: operation AddFalsePositive
- 0x{contract_addr}: address of the contract to whom apply this app operator tx
- 0x{sender_addr}: address of the sender of the false positive tx hash
- 0x{tx_hash}: tx hash of the false positive tx
---> calldata = 0x0000{contract_addr}{sender_addr}{tx_hash}- 0x00: version 0
- 0x01: operation RemoveFalsePositive
- 0x{contract_addr}: address of the contract to whom apply this app operator tx
- 0x{sender_addr}: address of the sender of the false positive tx hash
---> calldata = 0x0001{contract_addr}{sender_addr}