You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/pages/protocol/tip20/overview.mdx
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,7 +16,7 @@ Existing tokens continue to work unchanged. See the [T4 → T5 migration appendi
16
16
:::
17
17
18
18
:::info[Coming with T6]
19
-
The [T6 network upgrade](/protocol/upgrades/t6) adds account-level receive policies for TIP-20 transfers and mints ([TIP-1028](https://tips.sh/1028)). A receiver can choose which tokens and senders they accept. If a receive policy blocks delivery, the transfer or mint still succeeds, but funds are redirected to `ReceivePolicyGuard` so they can be claimed later.
19
+
The [T6 network upgrade](/protocol/upgrades/t6) adds account-level receive policies for TIP-20 transfers and mints ([TIP-1028](https://tips.sh/1028)). A receiver can choose which tokens and senders they accept, helping wallets and deposit addresses avoid unsupported assets, unwanted counterparties, and wrong-token deposits. If a receive policy blocks delivery, the transfer or mint still succeeds, but funds are redirected to `ReceivePolicyGuard` so they can be claimed later.
20
20
21
21
See the [T5 → T6 migration appendix on the TIP-20 spec](/protocol/tip20/spec#t5--t6-migration) for the TIP-20 surface area.
Copy file name to clipboardExpand all lines: src/pages/protocol/upgrades/t6.mdx
+7-3Lines changed: 7 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -35,6 +35,8 @@ T6 is mostly additive. The notes below cover behaviors that integrators, indexer
35
35
36
36
Receivers can declare which TIP-20 tokens they accept and which senders may send those tokens to them. Both controls live on the TIP-403 precompile as a per-address policy, set via `setReceivePolicy(...)` and enforced via `validateReceivePolicy(...)`. The token's existing TIP-403 policy still runs first and still reverts on failure.
37
37
38
+
This gives wallets, fintechs, orchestrators, and exchanges receiver-side control without requiring every token issuer or application to build custom allowlist logic. For example, an internal treasury wallet can avoid receiving unsupported assets, and a deposit wallet can accept only the stablecoin it is meant to handle.
39
+
38
40
When a receive policy blocks an inbound `transfer`, `transferFrom`, `transferWithMemo`, `transferFromWithMemo`, `systemTransferFrom`, `mint`, or `mintWithMemo`, **the call still succeeds** and delivery is redirected to a new precompile, `ReceivePolicyGuard`, at `RECEIVE_POLICY_GUARD_ADDRESS`. The guard records a receipt for the blocked transfer that the receiver-designated recovery authority (either the originator or a recovery address picked by the receiver) can claim later.
39
41
40
42
- Senders observing a successful `Transfer` event from the host TIP-20 to `RECEIVE_POLICY_GUARD_ADDRESS` should not assume the receiver was credited. Wallets and accounting systems must read the guard receipt to track funds that were redirected.
@@ -66,10 +68,12 @@ T6-compatible SDK releases will be listed here as they ship.
66
68
67
69
[TIP-1028](https://tips.sh/1028) extends [TIP-403](/protocol/tip403/spec) with per-address receive policies that let a receiver control which TIP-20 tokens they accept and who can send those tokens to them. When an inbound transfer or mint is blocked by a receive policy, delivery is redirected to a new protocol precompile, `ReceivePolicyGuard`, where it is recorded as a receipt and can be claimed later by the originator or by a recovery address designated by the receiver. The token's TIP-403 policy still runs first and still reverts on failure; only receive-policy failures redirect.
68
70
69
-
This addresses two practical receiver-side problems:
71
+
This addresses practical receiver-side problems:
70
72
71
-
- A regulated entity may want to accept only KYC'ed senders without those senders' transactions reverting.
72
-
- Orchestrators and exchanges may want to accept only specific tokens at deposit addresses to prevent unrecoverable funds without locking up the sender.
73
+
- A regulated entity may want to accept only approved counterparties or block known-risk counterparties.
74
+
- Fintechs may want to prevent internal wallets or customer wallets from holding unsupported or undesirable tokens.
75
+
- Orchestrators and exchanges may want deposit addresses to accept only the tokens they support, reducing wrong-token deposit mistakes.
76
+
- Wallets and support teams get a recovery path for blocked transfers instead of treating every policy mismatch as an unrecoverable delivery problem.
0 commit comments