CKB Transaction Firewall
Block transactions to blacklisted addresses at consensus — regardless of what your application code does.
What it does
The firewall is an outgoing payment filter. It prevents a CKB wallet cell from being spent in a transaction that creates outputs pointing to blacklisted lock or type args. It does not block incoming payments, does not screen counterparties, and does not affect cells that don’t use the firewall lock.
When application code is compromised — a hijacked agent runtime, a prompt injection, a forked payout path that skips the check — the on-chain lock still runs. CKB nodes enforce the blacklist rule at consensus for every transaction that tries to spend a firewall-protected cell.
Components
| Component | What it does |
|---|---|
| firewall-lock | CKB lock script that runs at consensus on every node when a protected cell is spent. Enforces the blacklist regardless of what application code does. |
| Registry cell | Live CKB cell whose data is a BLKL v2 binary payload — a sorted, versioned blacklist maintained by governance. |
| @ckb-firewall/sdk / ckb-transaction-firewall-sdk | Off-chain pre-flight check in TypeScript or Rust. Runs the same logic as the lock before signing — fast feedback, structured errors. |
| @ckb-firewall/cli | CLI for inspecting the live registry, testing addresses, and running the full governance lifecycle. |
| Governance | Signed, time-locked, multi-party process for adding and removing blacklist entries. Enforced at consensus via on-chain proposal cells. |
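The outgoing-only rule and the sorted registry described above can be sketched as a pre-flight check. This is an added example, not code from the project or its SDK. The type and function names (`CellScript`, `CellOutput`, `isBlacklisted`, `preflight`) are hypothetical, a sorted array of hex args stands in for the BLKL v2 payload (whose encoding this page does not show), and exact matching on the whole args value is an assumption.

```typescript
// Added illustration: not the @ckb-firewall/sdk API and not the BLKL v2 format.
// Assumption: the blacklist is a sorted array of hex args, matched exactly.
interface CellScript { codeHash: string; hashType: string; args: string }
interface CellOutput { lock: CellScript; type?: CellScript }
interface Violation { outputIndex: number; field: "lock" | "type"; args: string }

// Normalise so "0xAB..." and "ab..." compare equal.
function norm(args: string): string {
  return args.toLowerCase().replace(/^0x/, "");
}

// Binary search over the sorted list.
function isBlacklisted(sorted: string[], args: string): boolean {
  const key = norm(args);
  let lo = 0;
  let hi = sorted.length - 1;
  while (lo <= hi) {
    const mid = (lo + hi) >>> 1;
    const v = sorted[mid] as string;
    if (v === key) return true;
    if (v < key) lo = mid + 1;
    else hi = mid - 1;
  }
  return false;
}

// Outgoing filter: only the outputs a transaction creates are inspected.
// Inputs (where the funds came from) are never screened.
function preflight(sorted: string[], outputs: CellOutput[]): Violation[] {
  const hits: Violation[] = [];
  outputs.forEach((out, i) => {
    if (isBlacklisted(sorted, out.lock.args))
      hits.push({ outputIndex: i, field: "lock", args: out.lock.args });
    if (out.type && isBlacklisted(sorted, out.type.args))
      hits.push({ outputIndex: i, field: "type", args: out.type.args });
  });
  return hits;
}

// Constructed sample data (not real addresses).
const hex = (byte: string, n: number): string => "0x" + byte.repeat(n);
const script = (args: string): CellScript =>
  ({ codeHash: hex("00", 32), hashType: "type", args });
const BLACKLIST: string[] = [hex("bb", 20), hex("11", 20)].map(norm).sort();
const SAMPLE_OUTPUTS: CellOutput[] = [
  { lock: script(hex("22", 20)) },                               // clean
  { lock: script(hex("BB", 20)) },                               // lock args listed
  { lock: script(hex("33", 20)), type: script(hex("11", 20)) },  // type args listed
];
```

Calling `preflight(BLACKLIST, SAMPLE_OUTPUTS)` reports the second and third outputs. A check like this only gives early feedback before signing; the lock script at consensus remains the control that holds when application code is compromised.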
Choose your path
Integration developer: Add blacklist pre-flight checking to a TypeScript or Rust application.
Governance validator: Review and vote on blacklist proposals using the CLI.
Registry operator: Deploy a private blacklist registry with treasury-lock and governance.
Auditor / evaluator: Trust assumptions, guarantees, and what governance key compromise means.