Transfer Security

Creator Token Standard contracts implement transfer security through the use of Transfer Security Levels and Lists giving creators full control over how their creations are distributed and used.

Transfer Security Levels

A collection's Transfer Security Level determines what restrictions are applied to transfers made by token owners. There are eight unique security levels with the default Recommended level being functionally equivalent to level 3 while optimizing contract initialization gas costs by leaving the storage slot as a zero value.

Level	List Type	OTC	Smart Contract Receivers
Recommended	Whitelist	Allowed	Allowed
1	None	Allowed	Allowed
2	Blacklist	Allowed	Allowed
3	Whitelist	Allowed	Allowed
4	Whitelist	Blocked	Allowed
5	Whitelist	Allowed	Blocked Using Code Length Check
6	Whitelist	Allowed	Blocked Using EOA Signature Verification
7	Whitelist	Blocked	Blocked Using Code Length Check
8	Whitelist	Blocked	Blocked Using EOA Signature Verification

Transfer security settings are applied by a Transfer Validator contract. Limit Break provides a default transfer validator for use by collections. Creators may implement their own transfer validator however it is highly recommended to use the default for user experience and gas efficiency as it provides a single EOA Registry for all collections using Creator Token Standards and will minimize user friction on collections that apply security levels 6 or 8.

Creators can manage their security settings at https://developers.freenft.com, with direct calls to their token contract (see Token Contract Functions) or direct calls to the transfer validator (see Transfer Contract Functions).

List Type

List types may be None, Blacklist or Whitelist and apply to the over-the-counter (OTC) transfer setting.

None is only applied to security level 1. There are no filter lists applied to the transfer.
Blacklist is only applied to security level 2. If the transaction caller's codehash or contract address has been added to the list the transaction will not be allowed. This type of list is easily bypassed by users that deploy the same contracts to new addresses or make small changes to the contract code to get a new codehash without significantly changing the contract logic.
Whitelist is applied to all other security levels. If the transaction caller's codehash or contract address has not been added to the list the transaction will not be allowed. This type of list allows a creator to specify exactly which contracts are allowed to transact items in the collection.

Lists

Lists contain contract addresses and codehashes curated by a list owner and are stored in the Transfer Validator that is utilized by the collection. Lists may be shared between collections. A list will be enforced during a token transfer transaction based on the security level set for the collection.

OTC

OTC may be set to Allowed or Blocked based on the security level selected. If OTC is Allowed then a token owner may transfer their tokens to another address without the transfer routing through another smart contract. If OTC is Blocked then a token owner's transfer must be routed through a smart contract.

Smart Contract Receivers

Smart Contract Receivers may be set to Allowed or Blocked with the blocked state enforcement set to Code Length Check or EOA Signature Verification. If smart contract receivers are Allowed then a token may be transferred to a smart contract. If smart contract receivers are Blocked then the transfer validator will check that the receiver is an EOA using contract code length or by requiring the receiver send a signed message to the EOA Registry to prove that their is a private key for the address.

Code length checks may be bypassed by executing transactions from a smart contract's constructor code. EOA signature verification requires additional steps and a transaction by the receiver.

Mechanisms By Which Royalties Can Be Evaded (By Security Level)

Level	Blocked Exchange	Pop-Up Exchange	OTC / Escrow	Wrapper Contracts	Trading Multi-Sig Wallets	Centralized Exchange w/EOA
1	Yes	Yes	Yes	Yes	Yes	Yes
2	No	Yes	Yes	Yes	Yes	Yes
3	No	No	Yes	Yes	Yes	Yes
4	No	No	No	Yes	Yes	Yes
5	No	No	Yes	Limited	No	Yes
6	No	No	Yes	No	No	Yes
7	No	No	No	Limited	No	Limited
8	No	No	No	No	No	Limited

Transfer Security Functions

Transfer security functions are located in two places for a token contract - the token contract itself and the transfer validator contract that the token contract has set as its transfer validator.

Token Contract Functions

The functions in this section are implemented in the token contract.

setToDefaultSecurityPolicy

Callable by the token contract owner or any account that is assigned the default admin role to reset transfer security settings back to the Creator Token Standard defaults.

function setToDefaultSecurityPolicy() public;

setToCustomValidatorAndSecurityPolicy

Callable by the token contract owner or any account that is assigned the default admin role to set a new transfer validator, transfer security level and specify a list for blacklist/whitelist restrictions.

function setToCustomValidatorAndSecurityPolicy(
    address validator, 
    TransferSecurityLevels level, 
    uint120 listId
) public;

setToCustomSecurityPolicy

Callable by the token contract owner or any account that is assigned the default admin role to set the transfer security level and specify a list for blacklist/whitelist restrictions.

function setToCustomSecurityPolicy(
    TransferSecurityLevels level, 
    uint120 listId
) public;

setTransferValidator

Callable by the token contract owner or any account that is assigned the default admin role to set the transfer validator to a new address.

function setTransferValidator(address transferValidator_) public;

Transfer Validator Functions

The functions in this section are implemented in the transfer validator used by the token contract.

createList

Callable by any user to create a new list.

function createList(string calldata name) public returns (uint120);

createListCopy

Callable by any user to create a new list copied from an existing list.

function createListCopy(string calldata name, uint120 sourceListId) external returns (uint120);

reassignOwnershipOfList

Callable by the owner of a list to transfer ownership of the list to a new owner.

function reassignOwnershipOfList(uint120 id, address newOwner) public;

renounceOwnershipOfList

Callable by the owner of a list to renounce ownership of the list and prevent further changes.

function renounceOwnershipOfList(uint120 id) public;

addAccountsToBlacklist

Callable by the owner of a list to add the specified accounts to the list's blacklist.

function addAccountsToBlacklist(
    uint120 id, 
    address[] calldata accounts
) external;

addAccountsToWhitelist

Callable by the owner of a list to add the specified accounts to the list's whitelist.

function addAccountsToWhitelist(
    uint120 id, 
    address[] calldata accounts
) external;

addCodeHashesToBlacklist

Callable by the owner of a list to add the specified code hashes to the list's blacklist.

function addCodeHashesToBlacklist(
    uint120 id, 
    bytes32[] calldata codehashes
) external;

addCodeHashesToWhitelist

Callable by the owner of a list to add the specified code hashes to the list's whitelist.

function addCodeHashesToWhitelist(
    uint120 id, 
    bytes32[] calldata codehashes
) external;

removeAccountsFromBlacklist

Callable by the owner of a list to remove the specified accounts from the list's blacklist.

function removeAccountsFromBlacklist(
    uint120 id, 
    address[] calldata accounts
) external;

removeAccountsFromWhitelist

Callable by the owner of a list to remove the specified accounts from the list's whitelist.

function removeAccountsFromWhitelist(
    uint120 id, 
    address[] calldata accounts
) external;

removeCodeHashesFromBlacklist

Callable by the owner of a list to remove the specified code hashes from the list's blacklist.

function removeCodeHashesFromBlacklist(
    uint120 id, 
    bytes32[] calldata codehashes
) external;

removeCodeHashesFromWhitelist

Callable by the owner of a list to remove the specified code hashes from the list's whitelist.

function removeCodeHashesFromWhitelist(
    uint120 id, 
    bytes32[] calldata codehashes
) external;

setTransferSecurityLevelOfCollection

Callable by the token contract, owner of the token contract or any account that has been assigned the default admin role for the token contract to set the token's transfer security level.

function setTransferSecurityLevelOfCollection(
    address collection, 
    TransferSecurityLevels level
) external;

applyListToCollection

Callable by the token contract, owner of the token contract or any account that has been assigned the default admin role for the token contract to set the list to use when applying whitelist/blacklist transfer restrictions.

function applyListToCollection(address collection, uint120 id) public;

Transfer Security Levels​

List Type​

Lists​

OTC​

Smart Contract Receivers​

Mechanisms By Which Royalties Can Be Evaded (By Security Level)​

Transfer Security Functions​

Token Contract Functions​

setToDefaultSecurityPolicy​

setToCustomValidatorAndSecurityPolicy​

setToCustomSecurityPolicy​

setTransferValidator​

Transfer Validator Functions​

createList​

createListCopy​

reassignOwnershipOfList​

renounceOwnershipOfList​

addAccountsToBlacklist​

addAccountsToWhitelist​

addCodeHashesToBlacklist​

addCodeHashesToWhitelist​

removeAccountsFromBlacklist​

removeAccountsFromWhitelist​

removeCodeHashesFromBlacklist​

removeCodeHashesFromWhitelist​

setTransferSecurityLevelOfCollection​

applyListToCollection​