High-risk tools in Baozi Bet
38 of the 76 tools in Baozi Bet are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
build_add_to_race_whitelist_transactionExecuteBuild transaction to add user to race market whitelist.
-
build_add_to_whitelist_transactionExecuteBuild transaction to add user to private market whitelist.
-
build_batch_claim_transactionExecuteBuild single transaction to claim multiple positions at once.
-
build_bet_transactionExecuteBuild unsigned transaction for placing a bet on a boolean (YES/NO) market.
-
build_cancel_market_transactionExecuteBuild transaction to cancel a boolean market. All bettors can claim refunds after cancellation. Only creator or admin can cancel.
-
build_cancel_race_transactionExecuteBuild transaction to cancel a race market. All bettors can claim refunds after cancellation.
-
build_change_council_vote_race_transactionExecuteBuild transaction for council member to change their vote on a race market dispute.
-
build_change_council_vote_transactionExecuteBuild transaction for council member to change their vote on a boolean market dispute.
-
build_claim_affiliate_transactionExecuteBuild unsigned transaction to claim affiliate earnings.
-
build_claim_creator_transactionExecuteBuild transaction to claim accumulated creator fees from sol_treasury.
-
build_claim_race_winnings_transactionExecuteBuild unsigned transaction to claim winnings from a resolved race market.
-
build_claim_winnings_transactionExecuteBuild unsigned transaction to claim winnings from a resolved market.
-
build_close_market_transactionExecuteBuild transaction to close betting on a market.
-
build_close_race_market_transactionExecuteBuild transaction to close betting on a race market.
-
build_create_creator_profile_transactionExecuteBuild transaction to create on-chain creator profile.
-
build_create_lab_market_transactionExecuteBuild unsigned transaction to create a Lab (community) market. Validates against v7.2 rules. IMPORTANT: You MUST provide market_type and the corresponding timing field (event_ti...
-
build_create_private_market_transactionExecuteBuild unsigned transaction to create a Private (invite-only) market.
-
build_create_race_market_transactionExecuteBuild unsigned transaction to create a Race (multi-outcome) market with 2-10 outcomes.
-
build_create_race_whitelist_transactionExecuteBuild transaction to create whitelist for private race market.
-
build_extend_market_transactionExecuteADMIN ONLY: Build transaction to extend market deadline. Requires protocol admin signature.
-
build_extend_race_market_transactionExecuteADMIN ONLY: Build transaction to extend race market deadline. Requires protocol admin signature.
-
build_flag_dispute_transactionExecuteBuild transaction to challenge a proposed resolution with a bond.
-
build_flag_race_dispute_transactionExecuteBuild transaction to dispute a race market resolution.
-
build_propose_race_resolution_transactionExecuteBuild transaction to propose race market outcome.
-
build_propose_resolution_transactionExecuteBuild transaction for creator to propose market outcome.
-
build_race_bet_transactionExecuteBuild unsigned transaction for placing a bet on a race (multi-outcome) market.
-
build_register_affiliate_transactionExecuteBuild unsigned transaction to register as an affiliate with a unique code.
-
build_remove_from_race_whitelist_transactionExecuteBuild transaction to remove user from race whitelist.
-
build_remove_from_whitelist_transactionExecuteBuild transaction to remove user from whitelist.
-
build_resolve_market_transactionExecuteBuild transaction to directly resolve a market.
-
build_resolve_race_transactionExecuteBuild transaction to directly resolve a race market.
-
build_toggle_affiliate_transactionExecuteADMIN ONLY: Build transaction to activate/deactivate affiliate. Requires protocol admin signature.
-
build_update_creator_profile_transactionExecuteBuild transaction to update creator profile. Both display_name and default_fee_bps are required.
-
build_vote_council_race_transactionExecuteBuild transaction for council to vote on race dispute.
-
build_vote_council_transactionExecuteBuild transaction for council member to vote on dispute.
-
format_affiliate_linkExecuteFormat an affiliate referral link for sharing.
-
simulate_transactionExecuteSimulate a transaction before signing to check for errors.
-
suggest_affiliate_codesExecuteGenerate suggested affiliate codes based on agent name.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.