Contracts Repository
View the Operator Allowlist source code
Why It’s Required
The Operator Allowlist protects game studios from:- Vampire attacks: Unauthorized marketplaces bypassing royalties
- Protocol fee evasion: Trading outside Immutable’s ecosystem
- Revenue loss: Transactions that don’t pay creator royalties
Non-Compliance Consequences
- Forfeit any token grants received
- Passport users see warnings that your collection may be counterfeit
- Exclusion from ecosystem marketplaces (TokenTrove, GameStop NFT, etc.)
How It Works
The allowlist is a registry of approved operator addresses:Enforcement Flows
Approvals (approve, setApprovalForAll):
Transfers (
transferFrom, safeTransferFrom):
Implementation
Using Preset Contracts
All Immutable preset contracts and contracts deployed via Hub include Operator Allowlist protection by default.Custom Contracts
For custom contracts, inherit fromOperatorAllowlistEnforced.sol:
Operator Allowlist Addresses
Get the current address from the Immutable API:Immutable manages the allowlist with pre-approved addresses including Seaport and smart contract wallet deployments. Use this instead of deploying your own.
Request Allowlist Addition
To add your contract to the Operator Allowlist:1
Verify Contract
Verify your contract on Immutable Explorer. See the verification guide.
2
Link Contract
In Hub, go to Contracts and click Link Contract.
3
Request OAL Addition
On your contract’s detail page, click Add to OAL and follow the instructions.
4
Wait for Approval
- Testnet: Typically seconds (automated)
- Mainnet: Up to one week (manual review)
Pre-Approved Operators
The following are already on the Operator Allowlist:- Immutable Orderbook
- Immutable smart contract wallets
- Major ecosystem marketplaces
Interface
TheIOperatorAllowlist interface provides:
Royalties
Configure royalty payments
Deploy Contract
Deploy a compliant contract