Accounts
Tempo Zones enforce account privacy at two complementary layers: the EVM execution level and the RPC access control level. Neither is sufficient alone.
- Execution alone is insufficient. Without RPC restrictions, a caller could use
eth_getStorageAtto read TIP-20 balance mapping slots directly, bypassingbalanceOfaccess control. - RPC alone is insufficient. Without execution-level changes, a caller could use
eth_callto invoke a contract that reads another account's balance and returns it, bypassing RPC-level filtering.
This page covers the execution-level protections. For the RPC layer, see the RPC specification.
Private Balances
On Tempo Mainnet, anyone can read any account's balance. On a Tempo Zone, balanceOf(address) enforces caller restrictions for TIP-20s:
- If
msg.sender == account, the call succeeds and returns the balance. - If
msg.senderis the sequencer, the call succeeds (required for block production and fee accounting). - Otherwise, the call reverts with
Unauthorized().
Enforcing this at the contract level (not just the RPC layer) ensures that even onchain composition cannot leak balances. A contract on the Tempo Zone cannot read and emit another account's balance.
Private Allowances
The allowance(owner, spender) function is similarly restricted:
- If
msg.sender == ownerormsg.sender == spender, the call succeeds. - If
msg.senderis the sequencer, the call succeeds. - Otherwise, the call reverts with
Unauthorized().
A non-zero allowance reveals that owner has interacted with spender, a relationship that should be private. Restricting reads to the two parties involved preserves standard TIP-20 (ERC-20) approval flows without leaking relationship information.
Public views like totalSupply(), name(), symbol(), and decimals() remain unrestricted.
Related Specifications
Tempo Zones also charge fixed gas costs for TIP-20 operations to prevent gas-based side channels. See Execution & Gas for details.
Tempo Zones currently disable contract creation (CREATE and CREATE2). See Execution & Gas for details.
Was this helpful?