PolicyManager
Abstract contract providing EIP-7201 namespaced policy storage.
Functions
_policyStore
Returns the namespaced policy store.
function _policyStore() private pure returns (PolicyRegistry.Store storage $);_storePolicy
Stores a policy blob via SSTORE2.
Stored policies are trusted at enforcement time without semantic validation. Access to this function is the primary security boundary for enforcement integrity.
function _storePolicy(bytes memory policy) internal returns (bytes32 policyHash, address pointer);Parameters
| Name | Type | Description |
|---|---|---|
policy | bytes | The encoded policy blob. |
Returns
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The keccak256 hash of the policy. |
pointer | address | The SSTORE2 pointer address. |
_bindPolicy
Binds a policy to a (target, selector) pair.
Binding a policy activates it for enforcement on the given target. Restrict access as tightly as policy storage itself.
function _bindPolicy(address target, bytes4 selector, bytes32 policyHash) internal;Parameters
| Name | Type | Description |
|---|---|---|
target | address | The contract address to bind the policy to. |
selector | bytes4 | The function selector. |
policyHash | bytes32 | The policy hash (must already be stored). |
_unbindPolicy
Unbinds a policy from a (target, selector) pair.
function _unbindPolicy(address target, bytes4 selector) internal;Parameters
| Name | Type | Description |
|---|---|---|
target | address | The contract address. |
selector | bytes4 | The function selector. |
_storeAndBindPolicy
Stores a policy and binds it to targets in one call.
Stored policies are trusted at enforcement time without semantic validation, and binding activates them immediately. Access to this function is the primary security boundary.
function _storeAndBindPolicy(address[] calldata targets, bytes memory policy)
internal
returns (bytes32 policyHash);Parameters
| Name | Type | Description |
|---|---|---|
targets | address[] | Target addresses to bind to. Use address(0) for default. |
policy | bytes | The encoded policy blob. |
Returns
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The policy hash. |
_storeAndBindPolicy
Stores a policy and binds it to a single target.
Stored policies are trusted at enforcement time without semantic validation, and binding activates them immediately. Access to this function is the primary security boundary.
function _storeAndBindPolicy(address target, bytes memory policy) internal returns (bytes32 policyHash);Parameters
| Name | Type | Description |
|---|---|---|
target | address | The target address. Use address(0) for default. |
policy | bytes | The encoded policy blob. |
Returns
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The policy hash. |
_resolvePolicy
Resolves and loads the policy for a (target, selector) pair.
function _resolvePolicy(address target, bytes4 selector) internal view returns (bytes memory);Parameters
| Name | Type | Description |
|---|---|---|
target | address | The contract address. |
selector | bytes4 | The function selector. |
Returns
| Name | Type | Description |
|---|---|---|
<none> | bytes | The policy blob, or empty bytes if none bound. |
_policyHashFor
Returns the policy hash for a (target, selector) pair.
function _policyHashFor(address target, bytes4 selector) internal view returns (bytes32);Parameters
| Name | Type | Description |
|---|---|---|
target | address | The contract address. |
selector | bytes4 | The function selector. |
Returns
| Name | Type | Description |
|---|---|---|
<none> | bytes32 | The policy hash, or bytes32(0) if none bound. |
_loadPolicy
Loads a policy blob by its hash.
function _loadPolicy(bytes32 policyHash) internal view returns (bytes memory);Parameters
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The policy hash. |
Returns
| Name | Type | Description |
|---|---|---|
<none> | bytes | The policy blob, or empty bytes if not found. |
_policyExists
Checks if a policy exists in storage.
function _policyExists(bytes32 policyHash) internal view returns (bool);Parameters
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The policy hash to check. |
Returns
| Name | Type | Description |
|---|---|---|
<none> | bool | True if the policy exists. |
_policyPointerOf
Returns the SSTORE2 pointer for a policy hash.
function _policyPointerOf(bytes32 policyHash) internal view returns (address);Parameters
| Name | Type | Description |
|---|---|---|
policyHash | bytes32 | The policy hash. |
Returns
| Name | Type | Description |
|---|---|---|
<none> | address | The pointer address, or address(0) if not found. |