Supported Criteria
On this page, you can find all the criteria supported by the Armory Policy Engine. These will be used to build policy conditions.
Have a use-case not supported? Additional criteria can be created to model nearly any scenario.
checkAction
args |
---|
signTransaction |
signRaw |
signMessage |
signUserOperation |
signTypedData |
grantPermission |
checkResource
checkPermission
This criterion applies an AND between each argument in the array
args |
---|
wallet:import |
wallet:create |
wallet:read |
checkPrincipalId
checkPrincipalRole
args |
---|
root |
admin |
member |
manager |
checkPrincipalGroup
checkAccountId
checkAccountAddress
checkAccountType
args |
---|
eoa |
4337 |
checkAccountGroup
checkAccountAssigned
checkSourceId
checkSourceAddress
checkSourceAccountType
args |
---|
eoa |
4337 |
checkSourceClassification
args |
---|
internal |
external |
counterparty |
managed |
checkDestinationId
checkDestinationAddress
checkDestinationAccountType
args |
---|
eoa |
4337 |
checkDestinationClassification
args |
---|
internal |
external |
counterparty |
managed |
checkIntentType
args |
---|
transferNative |
transferErc20 |
transferErc721 |
transferErc1155 |
approveTokenAllowance |
permit |
permit2 |
callContract |
retryTransaction |
cancelTransaction |
deployContract |
deployErc4337Account |
deploySafeAccount |
signMessage |
signRaw |
signTypedData |
userOperation |
checkIntentChainId
checkIntentAmount
Intent amount by currency is not supported yet.
currency (*optional) |
---|
fiat:usd |
fiat:eur |
operator | description |
---|---|
gt | greater than |
gte | greater than or equal |
lt | lower than |
lte | lower than or equal |
eq | equal |
ne | not equal |
checkIntentContract
checkIntentSpender
checkIntentToken
checkIntentHexSignature
checkIntentMessage
operator |
---|
eq |
contains |
checkIntentPayload
checkIntentAlgorithm
args | description |
---|---|
ES256K | secp256k1 - an Ethereum EOA |
ES256 | secp256r1 - ecdsa but not ethereum |
RS256 |
checkIntentDomain
checkErc1155TokenId
checkErc1155Transfers
operator | description |
---|---|
gt | greater than |
gte | greater than or equal |
lt | lower than |
lte | lower than or equal |
eq | equal |
ne | not equal |
checkPermitDeadline
operator | description |
---|---|
gt | greater than |
gte | greater than or equal |
lt | lower than |
lte | lower than or equal |
eq | equal |
ne | not equal |
checkGasFeeAmount
Gas fee by currency is not supported yet.
currency (*optional) |
---|
fiat:usd |
fiat:eur |
operator | description |
---|---|
gt | greater than |
gte | greater than or equal |
lt | lower than |
lte | lower than or equal |
eq | equal |
ne | not equal |
checkNonceExists
checkNonceNotExists
checkApprovals
approvalEntityType |
---|
Narval::User |
Narval::UserRole |
Narval::UserGroup |
checkSpendingLimit
Only Native Transfers and ERC20 Transfers are supported. So this criterion can only be combined with checkIntentType({"transferNative"}) OR checkIntentType({"transferErc20"})
Spending limit by currency is not supported yet.
operator | description |
---|---|
gt | greater than |
gte | greater than or equal |
lt | lower than |
lte | lower than or equal |
eq | equal |
ne | not equal |
currency (*optional) |
---|
fiat:usd |
fiat:eur |
Each timeWindow property is optional
timeWindow | values | description |
---|---|---|
type | rolling, fixed | |
period | 1d, 1m, 1y | this can be combined only with fixed type window |
value | number | time window length in seconds |
startDate | number | timestamp in ms |
endDate | number | timestamp in ms |
Each filters property is optional
filters | values | description |
---|---|---|
perPrincipal | boolean | filter spendings by principal id |
tokens | filter spendings by asset ids | |
users | filter spendings by user ids | |
resources | filter spendings by resource ids | |
destinations | CAIP-10 | filter spendings by destination ids |
chains | filter spendings by chain ids | |
userGroups | filter spendings by user group ids | |
accountGroups | filter spendings by account group ids |
checkRateLimit
Only Native Transfers and Erc20 Transfers are supported. So this criterion can only be combined with checkIntentType({"transferNative"}) OR
checkIntentType({"transferERC20"})
User Operation
checkEntryPointId
checkEntryPointAddress
checkEntryPointAccountType
args |
---|
eoa |
4337 |
checkEntryPointClassification
args |
---|
internal |
external |
counterparty |
managed |
checkUserOperationIntents
args | values |
---|---|
type | |
contract | |
token | |
spender | |
chainId | |
hexSignature | |
algorithm | |
source | id: checkSourceId address: checkSourceAddress accountType: checkSourceAccountType classification: checkSourceClassification |
destination | id: checkDestinationId address: checkDestinationAddress accountType: checkDestinationAccountType classification: checkDestinationClassification |
transfers | tokens: checkErc1155TokenId amounts: checkErc1155Transfers |
amount | |
message | |
payload | |
domain | |
deadline |
Last updated