Overview

Fireblocks allows you to create contract call transactions for calling specific functions of contracts on EVM blockchains. You can configure Transaction Authorization Policy (TAP) rules with the Contract call operation type to control which users can call smart contract functions and under which circumstances.

Using the Contract call methods parameter, you can define which specific functions in the smart contract are allowed to be called. This allows you to have more control over your Web3 and Decentralized Finance (DeFi) operations as well as the smart contracts you manage from your workspace.

Contract call decoding

Contract call details are recorded as hexadecimal encoded strings. To determine the details of a contract and which functions are being called, Fireblocks decodes contract calls using the contract’s Application Binary Interface (ABI) which is verified on the relevant block explorer. This also allows the appropriate TAP rules to be applied.

If a contract doesn’t have a verified ABI, calls to it will not be decoded. If you have your own contract that’s not verified and want to upload its ABI to Fireblocks, contact Fireblocks Support.

Creating a TAP rule for a specific method

1. Whitelist the smart contract’s address using the Contract type.
2. Create a TAP rule using the Contract call operation type. Specify the relevant whitelisted contract address as the destination.
3. For the Contract call methods parameter, select Specific methods and enter the functions you want this rule to apply to. You can apply the rule to any function you enter or to the exact list of functions.
4. Configure the remainder of the TAP rule as necessary.

Either or Exact list

Some contract calls can call more than one function in the same transaction. This could be for calling two different functions or as part of a more complicated logic. For example, some contracts use a function named multicall that calls additional functions. In order to whitelist specific functions in this contract, both multicall and the other desired function should be defined in your TAP rule.

When entering multiple functions for a TAP rule, you can choose how the rule should be applied to them.

• Either: the rule applies for any call that is made to ANY of the chosen functions
• Exact list: the rule only applies if all of the functions (and no other functions) are part of the call

In the example above:

• if a call is made to function execute(bytes,bytes[]), the rule will apply.
• if a call is made to function execute(bytes,bytes[],uint256), the rule will apply.
• if a call is made to both functions, the rule will not apply.

In the example above:

• if a call is made to function execute(bytes,bytes[]), the rule will not apply.
• if a call is made to function execute(bytes,bytes[],uint256), the rule will not apply.
• if a call is made to both functions and also mint(address,uint256), the rule will not apply.
• if a call is made to both functions, the rule will apply.

Using contract call methods for tokenization

Configuring TAP rules for contract call methods can also be helpful for tokenization. The Fireblocks Tokenization feature allows you to deploy and manage contracts for your custom tokens. When managing your tokens, you can call specific functions, such as minting tokens, pausing the contract, transferring ownership, and other functions, directly from the Fireblocks Console.

Using the Contract call methods parameter when creating TAP rules gives you more granular control over these complex operations. You can determine which users are allowed to call which functions, create user groups for more sensitive operations, and manage your risk profile accordingly.