Proxy RPC API
In a standard rollup, there is a standard RPC API that provides full access to transaction data for users. With Prividium, the Proxy RPC is an additional layer in between end users and the chain's standard RPC API.
The purpose of the Proxy RPC API is to filter blockchain transactions and wallet interactions. It serves as an intermediary between web apps/wallets and blockchain data while enforcing transaction-level access control.
Access to the standard RPC should remain private. We highly recommend implementing a secure firewall around the standard RPC API. Only the Proxy RPC API endpoint should be publicly shared.
Setting up the Proxy
To set up the legacy Proxy, you can follow the instructions in the local setup guide.
The new implementation of the Proxy is not yet publicly available.
Limitations
Multicall contract methods
Currently, multicall contract methods cannot be used in any access policy, as it would enable bypassing the other access policy rules.
L1-L2 transactions
L1-L2 transactions, also known as forced transactions, originate from Ethereum (the L1) and can be force included on the L2 chain. In a public chain, this mechanism helps ensure censorship resistance for users, and allows them to retain full control of their assets.
For ZKsync Prividium chains though, forced transactions can also be a vector for deploying arbitrary contracts, performing arbitrary contract writes, and leaking data through blind attacks. The ZKsync protocol contracts have a way to request arbitrary transaction to be executed from Ethereum, and it can be used to bypass the privacy configuration of a ZKsync Prividium chain.
Currently L1-L2 transactions are not automatically disabled in ZKsync Prividium chains. ZKsync Prividium chain operators can be protected against malicious use of these forced transactions by implementing transaction filtering. Note that for users, this means that the chain has the ability to censor transactions. It is the responsibility of the chain operator to decide how to implement this filtering.