# Address Block List

Source: https://docs.settlemint.com/docs/compliance-security/compliance/address-block-list
Block specific EVM wallet addresses from sending or receiving a regulated token, without requiring an OnchainID identity.



Use the Address Block List compliance module when a rule must target a specific EVM wallet. The platform rejects a transfer when either the sender or recipient appears on the stored list.

Choose Address Block List for wallet-level blocking. If a rule must follow an investor across wallets, use [Identity lists](/docs/compliance-security/compliance/identity-lists). If a rule is jurisdiction-based, use [Country restrictions](/docs/compliance-security/compliance/country).

For broader policy design, see [Asset policy](/docs/architecture/concepts/asset-policy), [Compliance overview](/docs/compliance-security/compliance), and [Asset creation](/docs/operators/asset-creation/create-asset).

## Where this module applies [#where-this-module-applies]

| Concern          | Behavior                                         |
| ---------------- | ------------------------------------------------ |
| Minting          | Checks the recipient address.                    |
| Transfers        | Checks both sender and recipient addresses.      |
| Burns            | No address block check in the destroy hook.      |
| Forced transfers | No separate forced-transfer rule in this module. |

## Module behaviour [#module-behaviour]

| Module               | Granularity | Purpose                                      | Configuration                  |
| -------------------- | ----------- | -------------------------------------------- | ------------------------------ |
| **AddressBlockList** | Per wallet  | Block configured wallets from participating. | Array of EVM wallet addresses. |

AddressBlockList stores an array of blocked EVM addresses. During a transfer check, the module compares the sender and recipient against that list. If either address is blocked, the check fails with the reason `Address blocked`.

## When to use address blocking [#when-to-use-address-blocking]

Use AddressBlockList to block wallets at the address level. Common cases:

* A wallet that appears on a sanctions, fraud, or incident-response list.
* A compromised wallet that must not send or receive an asset.
* A counterparty address you need to stop without touching identity-level policy.

When a restriction must follow an investor across wallets, use [Identity Lists](/docs/compliance-security/compliance/identity-lists) instead.

AddressBlockList is wallet-specific. A new wallet address sits outside the block list until you add it explicitly.

## Interface capabilities [#interface-capabilities]

| Capability     | Who can call                      | Inputs                                | On-chain effect                            | Emits | Notes                         |
| -------------- | --------------------------------- | ------------------------------------- | ------------------------------------------ | ----- | ----------------------------- |
| `updateConfig` | Compliance engine or module admin | ABI-encoded array of wallet addresses | Replaces the stored blocked-address list.  | None  | Empty list blocks none.       |
| `canTransfer`  | Compliance engine                 | Token, sender, recipient, amount      | Rejects if sender or recipient is blocked. | None  | Fails with `Address blocked`. |
| `transferred`  | Compliance engine                 | Token, sender, recipient, amount      | No state change.                           | None  | Lifecycle hook only.          |
| `created`      | Compliance engine                 | Token, recipient, amount              | No state change.                           | None  | Lifecycle hook only.          |
| `destroyed`    | Compliance engine                 | Token, holder, amount                 | No state change.                           | None  | Lifecycle hook only.          |

## Configuration [#configuration]

Configure the module with the EVM addresses to block for this asset. The contract stores the list as an array.

Each update replaces the full stored list. Include every address that must remain blocked in the new payload. An empty list is valid and blocks no addresses.

```json
["0x742d35Cc6634C0532925a3b844Bc9e7595f6eD2"]
```

For API-style configuration, use the address block list compliance type with an array of addresses as `values`.

```json
{
  "typeId": "address-block-list-v2",
  "values": ["0x742d35Cc6634C0532925a3b844Bc9e7595f6eD2"],
  "module": "0x71C7656EC7ab88b098defB751B7401B5f6d8976F"
}
```

Before you submit an update, decide whether the restriction belongs at the wallet level or identity level:

| Policy decision                                 | Use AddressBlockList? | Better fit                                                            |
| ----------------------------------------------- | --------------------- | --------------------------------------------------------------------- |
| Block one compromised wallet                    | Yes                   | Address Block List                                                    |
| Block a sanctions-listed wallet address         | Yes                   | Address Block List                                                    |
| Block an investor across all registered wallets | No                    | [Identity Lists](/docs/compliance-security/compliance/identity-lists) |
| Block a jurisdiction                            | No                    | [Country Restrictions](/docs/compliance-security/compliance/country)  |

## Key invariants [#key-invariants]

* AddressBlockList checks wallet addresses directly. It does not resolve or inspect an OnchainID identity.
* The platform rejects a transfer when either the sender or the recipient appears in the blocked-address list.
* Each configuration update replaces the module's stored address list.
* An empty address block list blocks no transfers.
* When you enable multiple compliance modules, they combine with AND semantics: every enabled module must pass before a transaction succeeds.

## Operational signals [#operational-signals]

The module does not emit dedicated events. To detect blocked-address failures, monitor failed transactions for the `Address blocked` reason, which appears when a blocked sender or recipient attempts to transfer.

## Failure modes and edge cases [#failure-modes-and-edge-cases]

* Blocking one wallet does not block other wallets the same investor controls. Use identity-level blocking when the policy must follow the investor across wallets.
* Adding a wallet after it received tokens does not burn or freeze the balance. The platform blocks the wallet when it tries to send, or when another address tries to send to it.
* Address-level blocking works without identity lookup, so you can apply it to wallets that have no registered identity.

## See also [#see-also]

* [Compliance Overview](/docs/compliance-security/compliance): module architecture and policy selection
* [Identity Lists](/docs/compliance-security/compliance/identity-lists): identity-level allow and block lists
* [Country Restrictions](/docs/compliance-security/compliance/country): jurisdiction-level controls
* [Create Asset](/docs/operators/asset-creation/create-asset): selecting compliance modules during asset creation