Access Control Use-cases
Why institutions and regulated businesses need transaction and contract deployment controls.
Access control in real-world networks
In permissioned or semi-permissioned environments, “open access” is often not acceptable. Organizations may need to control who can submit transactions (“transactors”) and who can deploy contracts (“deployers”) for operational risk management and compliance.
Here are common use-cases (non-exhaustive):
- KYC / AML gating: Only onboarded entities can transact or deploy contracts.
- Consortium networks: A set of known participants (banks, enterprises, or agencies) share a network; membership changes over time.
- Staged rollouts: Start with restricted access during pilot phases, then broaden access once monitoring and incident response are mature.
- Reducing exploit surface: Limiting deployers reduces the risk of malicious contract deployments; limiting transactors mitigates spam and abuse.
- Operational controls: Restrict privileged actions to approved operators (e.g., deployments via CI/CD wallets) and separate duties between teams.
- Regulatory requirements: Some businesses must prove control over participants, auditability of access changes, and governance over who can run what.
In the rest of this course, we’ll implement these controls using two AllowList-based precompiles: the Transaction AllowList and the Contract Deployer AllowList.