Skip to main content

Wallet Token Filter

The wallet token filter selects the token balances of an on-chain wallet as a constraint for transaction risk control, restricting outbound movements of the wallet’s token assets.

I. Filter Positioning

The wallet token filter applies risk control to token assets held by the on-chain wallet.

Unlike the wallet balance filter, which only controls native assets, the wallet token filter specifically targets token assets to restrict:

  • Token transfers
  • Token approvals
  • Asset changes resulting from program invocations

This filter prevents token assets from being moved abnormally without consuming native coin balances.
It serves as an important complement to the wallet balance filter, forming the core security control at the token asset level.

II. Target Scope

  • All token accounts associated with the current on-chain wallet
  • Includes tokens directly held or controllable by the wallet

III. Parameters

The wallet token filter supports whitelist or blacklist-based matching strategies to determine which token assets should be included in subsequent risk control calculations.

  • Whitelist Mode (InList)

    • Tokens involved in the transaction that are on the configured list are included in subsequent risk control calculations
    • Tokens not on the list are excluded from this filter’s risk control scope

  • Blacklist Mode (NotInList)

    • Tokens involved in the transaction that are on the configured list are excluded from subsequent risk control calculations
    • Tokens not on the list are included in subsequent risk control calculations

Token lists are configured using token Mint addresses.

Whitelist and blacklist modes cannot be enabled simultaneously. Only one mode can be selected: Whitelist (InList) or Blacklist (NotInList).

IV. Typical Use Cases

  • Limit the scope of token assets included in risk control for a single transaction

    • Example: only specified tokens (whitelist) are considered for transaction amount restrictions

  • Prevent bypassing risk control rules through unauthorized tokens

    • Example: tokens in the blacklist are excluded from risk control calculations, avoiding false positives