Restrictions
Restrictions are a set of rules applied to policies that limit the parameter values that can be passed. This ensures the vault is managed in a controlled manner and vault operators have permissioned access to perform only authorized actions.
Restrictions can be applied to NearNativeTransaction Policy and ChainSigTransaction Policy to limit parameters such as contract_id, method, and their arguments. These restrictions support various comparison operators including gte (greater than or equal), lte (less than or equal), nullable and others. They can also be applied to nested objects through path specifications.
You can find example of restrictions in the ChainSigTransaction Policy documentation.
#[near(serializers = [json, borsh])]
#[derive(Clone)]
pub struct Restriction {
pub method: String,
pub contract_id: String,
pub schema: Vec<Schema>,
// ABI (evm), IDL (svm), encoded in base 64
pub interface: String,
// for svm, the instructions have a wide range of possibility
// eg: Transferring USDC from account A to account B
// possible instructions set:
// 1. [create_account, transfer]
// 2. [transfer]
// both are valid, strategist can utilize this prop to
// skip first instruction if required
pub go_to_index_if_not_found: Option<i8>,
}
#[near(serializers = [json, borsh])]
#[derive(Clone)]
pub struct Schema {
pub path: String,
pub r#type: TypeKind,
pub eq: Option<String>, // equal
pub ne: Option<String>, // not equal
pub gte: Option<String>, // greater than or equal
pub lte: Option<String>, // lesser than or equal
pub gt: Option<String>, // greater than
pub lt: Option<String>, // lesser than
pub nullable: Option<bool>,
}
#[near(serializers = [json, borsh])]
#[derive(Clone)]
pub enum TypeKind {
// available comparator: eq, ne
String,
// available comparator: eq, ne, gte, lte, gt, lt
BigInt,
// available comparator: eq
// bool comparator value should be "true" | "false"
Boolean,
}