How to Restrict Token Transfers to Whitelisted Principals in a Dapp?

nourAhmed123 · February 4, 2025, 12:43pm

Hi everyone,

I am developing a Dapp on ICP where I want to implement a whitelist mechanism for token transfers. The goal is to restrict token transfers so that users can only send tokens to other principals that are whitelisted within the Dapp.

What is the best approach to implement this on ICP?
Is there a way to do this efficiently without modifying the token standard?

Any guidance, sample code, or best practices would be greatly appreciated!

Thanks in advance.

skilesare · February 4, 2025, 3:23pm

github.com/PanIndustrial-Org/ICRC_fungible

src/examples/Allowlist.mo

main

/////////////////////
///
/// Sample token with allowlist
///
/// This token uses the base sample token but adds functions to handle the final authorization
/// of transfers, approves, and transfers_from. The same effect could be accomplished by blocking 
/// in the public functions, but we wanted to demonstrate the ability to intercept these calls
/// as well as to update the values of the transaction.  In this instance, since everyone must be on an
/// allow list we choose to override the fee to 0 if the user is on the allowlist.  Again we could do this
/// via configuration by setting the fee to #Fixed(0) in the ICRC1 config, but we wanted to demonstrate the
/// update pattern.
///
/// New valid principals can be added by calling the admin_update_allowlist(Principal, Bool) function.  The
/// token owner is added durning initialization.
///
/// The only changes to the base code are the configuration of the can_transfer that is passed to transfer,
/// and can_approve and can_transfer_from passed to the respective functions. Those functions and supporting infrastructure
/// can be found at the end of the actor file. 
///
/////////////////////

This file has been truncated. show original

nourAhmed123 · February 5, 2025, 3:00pm

thank you but do you know How can I ensure that even if a user sends tokens to a Principal on the NNS, they will not be able to transfer those tokens to another Principal who is not whitelisted? Specifically, I want to restrict token transfers outside my dApp by enforcing whitelist checks at the ledger level.

Buriburizaemon · February 5, 2025, 5:22pm

you can’t unless you wrote the code for the token/ledger.

if you’re writing your own token code then a pre check like this will work:

if whitelisted(principal) == true{
     transfer(from, to, amount)
}else{
    return Error
}

skilesare · February 5, 2025, 5:34pm

That is literally what the code does.

Topic		Replies	Views
Restricting ICRC2 Token Transfers to Whitelisted Principals Across All Platforms Rust	7	44	February 6, 2025
How to Restrict Specific Actions in an ICRC2 Ledger to Certain Principals? Developers	4	62	February 5, 2025
Transfer ICP - anonymous principal Developers nns	1	192	June 14, 2024
Regarding the issue of whitelisted addresses Developers Functional-Programming	9	1061	October 13, 2022
How to transfer funds/tokens from a master identity to another identity / wallet Developers nns	19	685	December 21, 2023

How to Restrict Token Transfers to Whitelisted Principals in a Dapp?

Related topics