refactor(all): remove term whitelist and blacklist (#1994)

2026-06-19 13:21:37 +00:00 · 2026-02-10 19:39:21 +08:00 · 2026-02-10 19:39:21 +08:00 · 50210d90e3
commit 50210d90e3
parent 85f2bebfd1
27 changed files with 172 additions and 171 deletions
--- a/cmd/XDC/main.go
+++ b/cmd/XDC/main.go
@ -61,8 +61,8 @@ var (
 		utils.IdentityFlag,
 		utils.UnlockedAccountFlag,
 		utils.PasswordFileFlag,
-		utils.PeersWhitelistFlag,
-		utils.PeersBlacklistFlag,
+		utils.PeersAllowlistFlag,
+		utils.PeersDenylistFlag,
 		utils.BootnodesFlag,
 		utils.BootnodesV4Flag,
 		utils.BootnodesV5Flag,
--- a/cmd/puppeth/module_ethstats.go
+++ b/cmd/puppeth/module_ethstats.go
@ -157,7 +157,7 @@ func checkEthstats(client *sshClient, network string) (*ethstatsInfos, error) {
 	if port != 80 && port != 443 {
 		config += fmt.Sprintf(":%d", port)
 	}
-	// Retrieve the IP blacklist
+	// Retrieve the IP denylist
 	banned := strings.Split(infos.envvars["BANNED"], ",")

 	// Run a sanity check to see if the port is reachable
--- a/cmd/puppeth/wizard_ethstats.go
+++ b/cmd/puppeth/wizard_ethstats.go
@ -63,20 +63,20 @@ func (w *wizard) deployEthstats() {
 		fmt.Printf("What should be the secret password for the API? (default = %s)\n", infos.secret)
 		infos.secret = w.readDefaultString(infos.secret)
 	}
-	// Gather any blacklists to ban from reporting
+	// Gather any denylist to ban from reporting
 	if existed {
 		fmt.Println()
-		fmt.Printf("Keep existing IP %v blacklist (y/n)? (default = yes)\n", infos.banned)
+		fmt.Printf("Keep existing IP %v denylist (y/n)? (default = yes)\n", infos.banned)
 		if w.readDefaultString("y") != "y" {
 			// The user might want to clear the entire list, although generally probably not
 			fmt.Println()
-			fmt.Printf("Clear out blacklist and start over (y/n)? (default = no)\n")
+			fmt.Printf("Clear out denylist and start over (y/n)? (default = no)\n")
 			if w.readDefaultString("n") != "n" {
 				infos.banned = nil
 			}
 			// Offer the user to explicitly add/remove certain IP addresses
 			fmt.Println()
-			fmt.Println("Which additional IP addresses should be blacklisted?")
+			fmt.Println("Which additional IP addresses should be denylisted?")
 			for {
 				if ip := w.readIPAddress(); ip != "" {
 					infos.banned = append(infos.banned, ip)
@ -85,7 +85,7 @@ func (w *wizard) deployEthstats() {
 				break
 			}
 			fmt.Println()
-			fmt.Println("Which IP addresses should not be blacklisted?")
+			fmt.Println("Which IP addresses should not be denylisted?")
 			for {
 				if ip := w.readIPAddress(); ip != "" {
 					for i, addr := range infos.banned {
--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@ -629,15 +629,15 @@ var (
 		Value:    30303,
 		Category: flags.NetworkingCategory,
 	}
-	PeersWhitelistFlag = &cli.StringFlag{
-		Name:     "peers-whitelist",
-		Usage:    "Comma separated NodeID or enode URLs for peer whitelist (only connect to them)",
+	PeersAllowlistFlag = &cli.StringFlag{
+		Name:     "peers-allowlist",
+		Usage:    "Comma separated NodeID or enode URLs for peer allowlist (only connect to them)",
 		Value:    "",
 		Category: flags.NetworkingCategory,
 	}
-	PeersBlacklistFlag = &cli.StringFlag{
-		Name:     "peers-blacklist",
-		Usage:    "Comma separated NodeID or enode URLs for peer blacklist (will not connect to them)",
+	PeersDenylistFlag = &cli.StringFlag{
+		Name:     "peers-denylist",
+		Usage:    "Comma separated NodeID or enode URLs for peer denylist (will not connect to them)",
 		Value:    "",
 		Category: flags.NetworkingCategory,
 	}
@ -918,66 +918,66 @@ func setNodeUserIdent(ctx *cli.Context, cfg *node.Config) {
 	}
 }

-func setWhiteBlackListPeers(ctx *cli.Context, cfg *p2p.Config) {
-	flags.CheckExclusive(ctx, PeersWhitelistFlag, PeersBlacklistFlag)
+func setAllowlistAndDenylistForPeers(ctx *cli.Context, cfg *p2p.Config) {
+	flags.CheckExclusive(ctx, PeersAllowlistFlag, PeersDenylistFlag)

-	// setup whitelist for peers
-	if ctx.IsSet(PeersWhitelistFlag.Name) {
-		urls := SplitAndTrim(ctx.String(PeersWhitelistFlag.Name))
-		cfg.WhitePeers = make(map[discover.NodeID]struct{}, len(urls))
+	// setup allowlist for peers
+	if ctx.IsSet(PeersAllowlistFlag.Name) {
+		urls := SplitAndTrim(ctx.String(PeersAllowlistFlag.Name))
+		cfg.AllowPeers = make(map[discover.NodeID]struct{}, len(urls))
 		for _, url := range urls {
 			if url != "" {
 				node1, err1 := discover.HexID(url)
 				if err1 == nil {
-					cfg.WhitePeers[node1] = struct{}{}
-					log.Info("Add peer to whitelist", "id", node1)
+					cfg.AllowPeers[node1] = struct{}{}
+					log.Info("Add peer to allowlist", "id", node1)
 					continue
 				}
 				node2, err2 := discover.ParseNode(url)
 				if err2 == nil {
-					cfg.WhitePeers[node2.ID] = struct{}{}
-					log.Info("Add peer to whitelist", "enode", url, "id", node2.ID)
+					cfg.AllowPeers[node2.ID] = struct{}{}
+					log.Info("Add peer to allowlist", "enode", url, "id", node2.ID)
 					continue
 				}
-				log.Crit("Invalid peer id for whitelist", "url", url, "err1", err1, "err2", err2)
+				log.Crit("Invalid peer id for allowlist", "url", url, "err1", err1, "err2", err2)
 			}
 		}
 	}

-	// setup blacklist for peers
-	if ctx.IsSet(PeersBlacklistFlag.Name) {
-		urls := SplitAndTrim(ctx.String(PeersBlacklistFlag.Name))
-		cfg.BlackPeers = make(map[discover.NodeID]struct{}, len(urls))
+	// setup denylist for peers
+	if ctx.IsSet(PeersDenylistFlag.Name) {
+		urls := SplitAndTrim(ctx.String(PeersDenylistFlag.Name))
+		cfg.DenyPeers = make(map[discover.NodeID]struct{}, len(urls))
 		for _, url := range urls {
 			if url != "" {
 				node1, err1 := discover.HexID(url)
 				if err1 == nil {
-					cfg.BlackPeers[node1] = struct{}{}
-					log.Info("Add peer to blacklist", "id", node1)
+					cfg.DenyPeers[node1] = struct{}{}
+					log.Info("Add peer to denylist", "id", node1)
 					continue
 				}
 				node2, err2 := discover.ParseNode(url)
 				if err2 == nil {
-					cfg.BlackPeers[node2.ID] = struct{}{}
-					log.Info("Add peer to blacklist", "enode", url, "id", node2.ID)
+					cfg.DenyPeers[node2.ID] = struct{}{}
+					log.Info("Add peer to denylist", "enode", url, "id", node2.ID)
 					continue
 				}
-				log.Crit("Invalid peer id for blacklist", "url", url, "err1", err1, "err2", err2)
+				log.Crit("Invalid peer id for denylist", "url", url, "err1", err1, "err2", err2)
 			}
 		}
 	}
 }

-// removeBlackPeers removes bootstrap nodes which is in peers blacklist
-func removeBlackPeers(cfg *p2p.Config) {
-	if len(cfg.BlackPeers) == 0 {
+// removeDenylistedPeers removes bootstrap nodes which is in peers denylist
+func removeDenylistedPeers(cfg *p2p.Config) {
+	if len(cfg.DenyPeers) == 0 {
 		return
 	}

 	filteredNodes := make([]*discover.Node, 0, len(cfg.BootstrapNodes))
 	for _, node := range cfg.BootstrapNodes {
-		if _, ok := cfg.BlackPeers[node.ID]; ok {
-			log.Info("Remove black peer", "enode", node, "id", node.ID)
+		if _, ok := cfg.DenyPeers[node.ID]; ok {
+			log.Info("Remove denylisted peer", "enode", node, "id", node.ID)
 			continue
 		}
 		filteredNodes = append(filteredNodes, node)
@ -1280,8 +1280,8 @@ func SetP2PConfig(ctx *cli.Context, cfg *p2p.Config) {
 	setNAT(ctx, cfg)
 	setListenAddress(ctx, cfg)
 	setBootstrapNodes(ctx, cfg)
-	setWhiteBlackListPeers(ctx, cfg)
-	removeBlackPeers(cfg)
+	setAllowlistAndDenylistForPeers(ctx, cfg)
+	removeDenylistedPeers(cfg)
 	// setBootstrapNodesV5(ctx, cfg)

 	if ctx.IsSet(MaxPeersFlag.Name) {
--- a/common/constants.all.go
+++ b/common/constants.all.go
@ -38,9 +38,9 @@ var (
 )

 type constant struct {
-	chainID           uint64
-	blackListHFNumber uint64
-	maxMasternodesV2  int // Last v1 masternodes
+	chainID          uint64
+	denylistHFNumber uint64
+	maxMasternodesV2 int // Last v1 masternodes

 	tip2019Block           *big.Int
 	tipSigning             *big.Int
@ -75,13 +75,13 @@ type constant struct {

 	ignoreSignerCheckBlockArray map[uint64]struct{}

-	blacklist map[Address]struct{}
+	denylist map[Address]struct{}
 }

 // variables for specific networks, copy values from mainnet constant to pass tests
 var (
-	BlackListHFNumber = MainnetConstant.blackListHFNumber
-	MaxMasternodesV2  = MainnetConstant.maxMasternodesV2 // Last v1 masternodes
+	DenylistHFNumber = MainnetConstant.denylistHFNumber
+	MaxMasternodesV2 = MainnetConstant.maxMasternodesV2 // Last v1 masternodes

 	TIP2019Block           = MainnetConstant.tip2019Block
 	TIPSigning             = MainnetConstant.tipSigning
@ -114,7 +114,7 @@ var (
 	LendingRegistrationSMC = MainnetConstant.lendingRegistrationSMC

 	ignoreSignerCheckBlockArray = MainnetConstant.ignoreSignerCheckBlockArray
-	blacklist                   = MainnetConstant.blacklist
+	denylist                    = MainnetConstant.denylist
 )

 func IsIgnoreSignerCheckBlock(blockNumber uint64) bool {
@ -122,11 +122,11 @@ func IsIgnoreSignerCheckBlock(blockNumber uint64) bool {
 	return ok
 }

-func IsInBlacklist(address *Address) bool {
+func IsInDenylist(address *Address) bool {
 	if address == nil {
 		return false
 	}
-	_, ok := blacklist[*address]
+	_, ok := denylist[*address]
 	return ok
 }

@ -147,7 +147,7 @@ func CopyConstants(chainID uint64) {
 	}

 	MaxMasternodesV2 = c.maxMasternodesV2
-	BlackListHFNumber = c.blackListHFNumber
+	DenylistHFNumber = c.denylistHFNumber
 	TIP2019Block = c.tip2019Block
 	TIPSigning = c.tipSigning
 	TIPRandomize = c.tipRandomize
@ -181,6 +181,6 @@ func CopyConstants(chainID uint64) {
 	clear(ignoreSignerCheckBlockArray)
 	maps.Copy(ignoreSignerCheckBlockArray, c.ignoreSignerCheckBlockArray)

-	clear(blacklist)
-	maps.Copy(blacklist, c.blacklist)
+	clear(denylist)
+	maps.Copy(denylist, c.denylist)
 }
--- a/common/constants.devnet.go
+++ b/common/constants.devnet.go
@ -6,9 +6,9 @@ import (
 )

 var DevnetConstant = constant{
-	chainID:           551,
-	blackListHFNumber: 0,
-	maxMasternodesV2:  108,
+	chainID:          551,
+	denylistHFNumber: 0,
+	maxMasternodesV2: 108,

 	tip2019Block:           big.NewInt(0),
 	tipSigning:             big.NewInt(0),
@ -48,7 +48,7 @@ var DevnetConstant = constant{
 		28270800: {},
 	},

-	blacklist: map[Address]struct{}{
+	denylist: map[Address]struct{}{
 		HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
 		HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
 		HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},
--- a/common/constants.local.go
+++ b/common/constants.local.go
@ -6,9 +6,9 @@ import (
 )

 var localConstant = constant{
-	chainID:           5151,
-	maxMasternodesV2:  108,
-	blackListHFNumber: 0,
+	chainID:          5151,
+	maxMasternodesV2: 108,
+	denylistHFNumber: 0,

 	tip2019Block:           big.NewInt(0),
 	tipSigning:             big.NewInt(0),
@ -43,5 +43,5 @@ var localConstant = constant{

 	ignoreSignerCheckBlockArray: map[uint64]struct{}{},

-	blacklist: map[Address]struct{}{},
+	denylist: map[Address]struct{}{},
 }
--- a/common/constants.mainnet.go
+++ b/common/constants.mainnet.go
@ -6,9 +6,9 @@ import (
 )

 var MainnetConstant = constant{
-	chainID:           50,
-	blackListHFNumber: 38383838,
-	maxMasternodesV2:  108,
+	chainID:          50,
+	denylistHFNumber: 38383838,
+	maxMasternodesV2: 108,

 	tip2019Block:           big.NewInt(1),
 	tipSigning:             big.NewInt(3000000),
@ -48,7 +48,7 @@ var MainnetConstant = constant{
 		28270800: {},
 	},

-	blacklist: map[Address]struct{}{
+	denylist: map[Address]struct{}{
 		HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
 		HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
 		HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},
--- a/common/constants.testnet.go
+++ b/common/constants.testnet.go
@ -6,9 +6,9 @@ import (
 )

 var TestnetConstant = constant{
-	chainID:           51,
-	blackListHFNumber: 23779191,
-	maxMasternodesV2:  15,
+	chainID:          51,
+	denylistHFNumber: 23779191,
+	maxMasternodesV2: 15,

 	tip2019Block:           big.NewInt(1),
 	tipSigning:             big.NewInt(3000000),
@ -48,7 +48,7 @@ var TestnetConstant = constant{
 		28270800: {},
 	},

-	blacklist: map[Address]struct{}{
+	denylist: map[Address]struct{}{
 		HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
 		HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
 		HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},
--- a/core/blockchain.go
+++ b/core/blockchain.go
@ -1581,8 +1581,8 @@ func (bc *BlockChain) insertChain(chain types.Blocks, verifySeals bool) (int, []
 		}
 		// If the header is a banned one, straight out abort
 		if BadHashes[block.Hash()] {
-			bc.reportBlock(block, nil, ErrBlacklistedHash)
-			return it.index, events, coalescedLogs, ErrBlacklistedHash
+			bc.reportBlock(block, nil, ErrDenylistedHash)
+			return it.index, events, coalescedLogs, ErrDenylistedHash
 		}
 		// Retrieve the parent block and it's state to execute on top
 		start := time.Now()
@ -1942,12 +1942,12 @@ func (bc *BlockChain) getResultBlock(block *types.Block, verifiedM2 bool) (*Resu
 	// If the chain is terminating, stop processing blocks
 	if bc.insertStopped() {
 		log.Debug("Premature abort during blocks processing")
-		return nil, ErrBlacklistedHash
+		return nil, errInsertionInterrupted
 	}
 	// If the header is a banned one, straight out abort
 	if BadHashes[block.Hash()] {
-		bc.reportBlock(block, nil, ErrBlacklistedHash)
-		return nil, ErrBlacklistedHash
+		bc.reportBlock(block, nil, ErrDenylistedHash)
+		return nil, ErrDenylistedHash
 	}
 	// Wait for the block's verification to complete
 	bstart := time.Now()
--- a/core/blockchain_test.go
+++ b/core/blockchain_test.go
@ -475,8 +475,8 @@ func testBadHashes(t *testing.T, full bool) {

 		_, err = blockchain.InsertHeaderChain(headers, 1)
 	}
-	if !errors.Is(err, ErrBlacklistedHash) {
-		t.Errorf("error mismatch: have: %v, want: %v", err, ErrBlacklistedHash)
+	if !errors.Is(err, ErrDenylistedHash) {
+		t.Errorf("error mismatch: have: %v, want: %v", err, ErrDenylistedHash)
 	}
 }

--- a/core/error.go
+++ b/core/error.go
@ -26,8 +26,8 @@ var (
 	// ErrKnownBlock is returned when a block to import is already known locally.
 	ErrKnownBlock = errors.New("block already known")

-	// ErrBlacklistedHash is returned if a block to import is on the blacklist.
-	ErrBlacklistedHash = errors.New("blacklisted hash")
+	// ErrDenylistedHash is returned if a block to import is on the denylist.
+	ErrDenylistedHash = errors.New("denylisted hash")

 	// ErrNoGenesis is returned when there is no Genesis Block.
 	ErrNoGenesis = errors.New("genesis not found in chain")
@ -38,7 +38,7 @@ var (
 // error should be returned which is defined here.
 //
 // - If the pre-checking happens in the miner, then the transaction won't be packed.
-// - If the pre-checking happens in the block processing procedure, then a "BAD BLOCk"
+// - If the pre-checking happens in the block processing procedure, then a "BAD BLOCK"
 // error should be emitted.
 var (
 	// ErrNonceTooLow is returned if the nonce of a transaction is lower than the
--- a/core/headerchain.go
+++ b/core/headerchain.go
@ -258,7 +258,7 @@ func (hc *HeaderChain) ValidateHeaderChain(chain []*types.Header, checkFreq int)
 		}
 		// If the header is a banned one, straight out abort
 		if BadHashes[header.Hash()] {
-			return i, ErrBlacklistedHash
+			return i, ErrDenylistedHash
 		}
 		// Otherwise wait for headers checks and ensure they pass
 		if err := <-results; err != nil {
--- a/core/state_processor.go
+++ b/core/state_processor.go
@ -102,15 +102,15 @@ func (p *StateProcessor) Process(block *types.Block, statedb *state.StateDB, tra

 	// Iterate over and process the individual transactions
 	for i, tx := range block.Transactions() {
-		// check black-list txs after hf
-		if block.Number().Uint64() >= common.BlackListHFNumber {
-			// check if sender is in black list
-			if common.IsInBlacklist(tx.From()) {
-				return nil, nil, 0, fmt.Errorf("block contains transaction with sender in black-list: %v", tx.From().Hex())
+		// check denylist txs after hf
+		if block.Number().Uint64() >= common.DenylistHFNumber {
+			// check if sender is in denylist
+			if common.IsInDenylist(tx.From()) {
+				return nil, nil, 0, fmt.Errorf("block contains transaction with sender in denylist: %v", tx.From().Hex())
 			}
-			// check if receiver is in black list
-			if common.IsInBlacklist(tx.To()) {
-				return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in black-list: %v", tx.To().Hex())
+			// check if receiver is in denylist
+			if common.IsInDenylist(tx.To()) {
+				return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in denylist: %v", tx.To().Hex())
 			}
 		}
 		// validate minFee slot for XDCZ
@ -206,15 +206,15 @@ func (p *StateProcessor) ProcessBlockNoValidator(cBlock *CalculatedBlock, stated
 	// Iterate over and process the individual transactions
 	receipts = make([]*types.Receipt, block.Transactions().Len())
 	for i, tx := range block.Transactions() {
-		// check black-list txs after hf
-		if block.Number().Uint64() >= common.BlackListHFNumber {
-			// check if sender is in black list
-			if common.IsInBlacklist(tx.From()) {
-				return nil, nil, 0, fmt.Errorf("block contains transaction with sender in black-list: %v", tx.From().Hex())
+		// check denylist txs after hf
+		if block.Number().Uint64() >= common.DenylistHFNumber {
+			// check if sender is in denylist
+			if common.IsInDenylist(tx.From()) {
+				return nil, nil, 0, fmt.Errorf("block contains transaction with sender in denylist: %v", tx.From().Hex())
 			}
-			// check if receiver is in black list
-			if common.IsInBlacklist(tx.To()) {
-				return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in black-list: %v", tx.To().Hex())
+			// check if receiver is in denylist
+			if common.IsInDenylist(tx.To()) {
+				return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in denylist: %v", tx.To().Hex())
 			}
 		}
 		// validate minFee slot for XDCZ
@ -306,7 +306,7 @@ func ApplyTransactionWithEVM(msg *Message, config *params.ChainConfig, gp *GasPo
 	txContext := NewEVMTxContext(msg)
 	evm.Reset(txContext, tracingStateDB)

-	// Bypass blacklist address
+	// Bypass denylist address
 	maxBlockNumber := new(big.Int).SetInt64(9147459)
 	if blockNumber.Cmp(maxBlockNumber) <= 0 {
 		addrMap := make(map[string]string)
@ -448,7 +448,7 @@ func ApplyTransactionWithEVM(msg *Message, config *params.ChainConfig, gp *GasPo
 			}
 		}
 	}
-	// End Bypass blacklist address
+	// End Bypass denylist address

 	// Apply the transaction to the current state (included in the env)
 	result, err := ApplyMessage(evm, msg, gp, coinbaseOwner)
--- a/core/txpool/legacypool/lending_pool.go
+++ b/core/txpool/legacypool/lending_pool.go
@ -622,9 +622,9 @@ func (pool *LendingPool) validateLending(tx *types.LendingTransaction) error {
 // validateTx checks whether a transaction is valid according to the consensus
 // rules and adheres to some heuristic limits of the local node (price and size).
 func (pool *LendingPool) validateTx(tx *types.LendingTransaction, local bool) error {
-	// check if sender is in black list
-	if common.IsInBlacklist(tx.From()) {
-		return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex())
+	// check if sender is in denylist
+	if common.IsInDenylist(tx.From()) {
+		return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
 	}
 	// Heuristic limit, reject transactions over 32KB to prevent DOS attacks
 	if tx.Size() > 32*1024 {
@ -657,7 +657,7 @@ func (pool *LendingPool) validateTx(tx *types.LendingTransaction, local bool) er
 // so outer code doesn't uselessly call promote.
 //
 // If a newly added transaction is marked as local, its sending account will be
-// whitelisted, preventing any associated transaction from being dropped out of
+// allowlisted, preventing any associated transaction from being dropped out of
 // the pool due to pricing constraints.
 func (pool *LendingPool) add(tx *types.LendingTransaction, local bool) (bool, error) {
 	// If the transaction is already known, discard it
--- a/core/txpool/legacypool/order_pool.go
+++ b/core/txpool/legacypool/order_pool.go
@ -524,9 +524,9 @@ func (pool *OrderPool) validateOrder(tx *types.OrderTransaction) error {
 // validateTx checks whether a transaction is valid according to the consensus
 // rules and adheres to some heuristic limits of the local node (price and size).
 func (pool *OrderPool) validateTx(tx *types.OrderTransaction, local bool) error {
-	// check if sender is in black list
-	if common.IsInBlacklist(tx.From()) {
-		return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex())
+	// check if sender is in denylist
+	if common.IsInDenylist(tx.From()) {
+		return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
 	}
 	// Heuristic limit, reject transactions over 32KB to prevent DOS attacks
 	if tx.Size() > 32*1024 {
@ -559,7 +559,7 @@ func (pool *OrderPool) validateTx(tx *types.OrderTransaction, local bool) error
 // so outer code doesn't uselessly call promote.
 //
 // If a newly added transaction is marked as local, its sending account will be
-// whitelisted, preventing any associated transaction from being dropped out of
+// allowlisted, preventing any associated transaction from being dropped out of
 // the pool due to pricing constraints.
 func (pool *OrderPool) add(tx *types.OrderTransaction, local bool) (bool, error) {
 	// If the transaction is already known, discard it
--- a/core/txpool/validation.go
+++ b/core/txpool/validation.go
@ -243,15 +243,15 @@ func ValidateTransactionWithState(tx *types.Transaction, signer types.Signer, op
 		}
 	}

-	// Ensure sender and receiver are not in black list
-	if number == nil || number.Cmp(new(big.Int).SetUint64(common.BlackListHFNumber)) >= 0 {
-		// check if sender is in black list
-		if common.IsInBlacklist(tx.From()) {
-			return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex())
+	// Ensure sender and receiver are not in denylist
+	if number == nil || number.Cmp(new(big.Int).SetUint64(common.DenylistHFNumber)) >= 0 {
+		// check if sender is in denylist
+		if common.IsInDenylist(tx.From()) {
+			return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
 		}
-		// check if receiver is in black list
-		if common.IsInBlacklist(to) {
-			return fmt.Errorf("reject transaction with receiver in black-list: %v", to.Hex())
+		// check if receiver is in denylist
+		if common.IsInDenylist(to) {
+			return fmt.Errorf("reject transaction with receiver in denylist: %v", to.Hex())
 		}
 	}

--- a/miner/worker.go
+++ b/miner/worker.go
@ -978,16 +978,16 @@ func (w *Work) commitTransactions(mux *event.TypeMux, balanceFee map[common.Addr
 	// first priority for special Txs
 	for _, tx := range specialTxs {
 		to := tx.To()
-		if w.header.Number.Uint64() >= common.BlackListHFNumber {
+		if w.header.Number.Uint64() >= common.DenylistHFNumber {
 			from := tx.From()
-			// check if sender is in black list
-			if common.IsInBlacklist(from) {
-				log.Debug("Skipping transaction with sender in black-list", "sender", from.Hex())
+			// check if sender is in denylist
+			if common.IsInDenylist(from) {
+				log.Debug("Skipping transaction with sender in denylist", "sender", from.Hex())
 				continue
 			}
-			// check if receiver is in black list
-			if common.IsInBlacklist(to) {
-				log.Debug("Skipping transaction with receiver in black-list", "receiver", to.Hex())
+			// check if receiver is in denylist
+			if common.IsInDenylist(to) {
+				log.Debug("Skipping transaction with receiver in denylist", "receiver", to.Hex())
 				continue
 			}
 		}
@ -1091,17 +1091,17 @@ func (w *Work) commitTransactions(mux *event.TypeMux, balanceFee map[common.Addr
 		}
 		tx := warped.Tx
 		to := tx.To()
-		if w.header.Number.Uint64() >= common.BlackListHFNumber {
+		if w.header.Number.Uint64() >= common.DenylistHFNumber {
 			from := tx.From()
-			// check if sender is in black list
-			if common.IsInBlacklist(from) {
-				log.Debug("Skipping transaction with sender in black-list", "sender", from.Hex())
+			// check if sender is in denylist
+			if common.IsInDenylist(from) {
+				log.Debug("Skipping transaction with sender in denylist", "sender", from.Hex())
 				txs.Pop()
 				continue
 			}
-			// check if receiver is in black list
-			if common.IsInBlacklist(to) {
-				log.Debug("Skipping transaction with receiver in black-list", "receiver", to.Hex())
+			// check if receiver is in denylist
+			if common.IsInDenylist(to) {
+				log.Debug("Skipping transaction with receiver in denylist", "receiver", to.Hex())
 				txs.Shift()
 				continue
 			}
--- a/node/api.go
+++ b/node/api.go
@ -65,14 +65,14 @@ func (api *adminAPI) AddPeer(url string) (bool, error) {
 	if err != nil {
 		return false, fmt.Errorf("invalid enode: %v", err)
 	}
-	// only accept the node which is in peer whitelist if the list is not empty
-	if len(server.WhitePeers) > 0 {
-		if _, ok := server.WhitePeers[node.ID]; !ok {
-			return false, fmt.Errorf("peer is not in whitelist: %v, ID: %s", url, node.ID)
+	// only accept the node which is in peer allowlist if the list is not empty
+	if len(server.AllowPeers) > 0 {
+		if _, ok := server.AllowPeers[node.ID]; !ok {
+			return false, fmt.Errorf("peer is not in allowlist: %v, ID: %s", url, node.ID)
 		}
 	}
 	// reject the node which is in peer blacklist
-	if _, ok := server.BlackPeers[node.ID]; ok {
+	if _, ok := server.DenyPeers[node.ID]; ok {
 		return false, fmt.Errorf("peer is in blacklist: %v, ID: %s", url, node.ID)
 	}
 	server.AddPeer(node)
@ -106,14 +106,14 @@ func (api *adminAPI) AddTrustedPeer(url string) (bool, error) {
 	if err != nil {
 		return false, fmt.Errorf("invalid enode: %v", err)
 	}
-	// only accept the node which is in peer whitelist if the list is not empty
-	if len(server.WhitePeers) > 0 {
-		if _, ok := server.WhitePeers[node.ID]; !ok {
-			return false, fmt.Errorf("trusted peer is not in whitelist: %v, ID: %s", url, node.ID)
+	// only accept the node which is in peer allowlist if the list is not empty
+	if len(server.AllowPeers) > 0 {
+		if _, ok := server.AllowPeers[node.ID]; !ok {
+			return false, fmt.Errorf("trusted peer is not in allowlist: %v, ID: %s", url, node.ID)
 		}
 	}
 	// reject the node which is in peer blacklist
-	if _, ok := server.BlackPeers[node.ID]; ok {
+	if _, ok := server.DenyPeers[node.ID]; ok {
 		return false, fmt.Errorf("trusted peer is in blacklist: %v, ID: %s", url, node.ID)
 	}
 	server.AddTrustedPeer(node)
--- a/node/rpcstack.go
+++ b/node/rpcstack.go
@ -307,7 +307,7 @@ func (h *httpServer) enableRPC(apis []rpc.API, config httpConfig) error {
 	if config.httpBodyLimit > 0 {
 		srv.SetHTTPBodyLimit(config.httpBodyLimit)
 	}
-	if err := RegisterApisFromWhitelist(apis, config.Modules, srv); err != nil {
+	if err := RegisterApis(apis, config.Modules, srv); err != nil {
 		return err
 	}
 	h.httpConfig = config
@ -344,7 +344,7 @@ func (h *httpServer) enableWS(apis []rpc.API, config wsConfig) error {
 	if config.httpBodyLimit > 0 {
 		srv.SetHTTPBodyLimit(config.httpBodyLimit)
 	}
-	if err := RegisterApisFromWhitelist(apis, config.Modules, srv); err != nil {
+	if err := RegisterApis(apis, config.Modules, srv); err != nil {
 		return err
 	}
 	h.wsConfig = config
@ -630,20 +630,20 @@ func (is *ipcServer) stop() error {
 	return err
 }

-// RegisterApisFromWhitelist checks the given modules' availability, generates a whitelist based on the allowed modules,
+// RegisterApis checks the given modules' availability, generates an allowlist based on the allowed modules,
 // and then registers all of the APIs exposed by the services.
-func RegisterApisFromWhitelist(apis []rpc.API, modules []string, srv *rpc.Server) error {
+func RegisterApis(apis []rpc.API, modules []string, srv *rpc.Server) error {
 	if bad, available := checkModuleAvailability(modules, apis); len(bad) > 0 {
 		log.Error("Unavailable modules in HTTP API list", "unavailable", bad, "available", available)
 	}
-	// Generate the whitelist based on the allowed modules
-	whitelist := make(map[string]bool)
+	// Generate the allowlist based on the allowed modules
+	allowlist := make(map[string]bool)
 	for _, module := range modules {
-		whitelist[module] = true
+		allowlist[module] = true
 	}
 	// Register all the APIs exposed by the services
 	for _, api := range apis {
-		if whitelist[api.Namespace] || len(whitelist) == 0 {
+		if allowlist[api.Namespace] || len(allowlist) == 0 {
 			if err := srv.RegisterName(api.Namespace, api.Service); err != nil {
 				return err
 			}
--- a/p2p/dial.go
+++ b/p2p/dial.go
@ -195,7 +195,7 @@ func (s *dialstate) newTasks(nRunning int, peers map[discover.NodeID]*Peer, now
 	for id, t := range s.static {
 		err := s.checkDial(t.dest, peers)
 		switch err {
-		case errNotWhitelisted, errSelf:
+		case errNotAllowlisted, errSelf:
 			log.Warn("Removing static dial candidate", "id", t.dest.ID, "addr", &net.TCPAddr{IP: t.dest.IP, Port: int(t.dest.TCP)}, "err", err)
 			delete(s.static, t.dest.ID)
 		case nil:
@ -257,7 +257,7 @@ var (
 	errAlreadyDialing   = errors.New("already dialing")
 	errAlreadyConnected = errors.New("already connected")
 	errRecentlyDialed   = errors.New("recently dialed")
-	errNotWhitelisted   = errors.New("not contained in netrestrict whitelist")
+	errNotAllowlisted   = errors.New("not contained in netrestrict allowlist")
 )

 func (s *dialstate) checkDial(n *discover.Node, peers map[discover.NodeID]*Peer) error {
@ -273,7 +273,7 @@ func (s *dialstate) checkDial(n *discover.Node, peers map[discover.NodeID]*Peer)
 	case s.ntab != nil && n.ID == s.ntab.Self().ID:
 		return errSelf
 	case s.netrestrict != nil && !s.netrestrict.Contains(n.IP):
-		return errNotWhitelisted
+		return errNotAllowlisted
 	case s.hist.contains(n.ID):
 		return errRecentlyDialed
 	}
--- a/p2p/discover/udp.go
+++ b/p2p/discover/udp.go
@ -134,7 +134,7 @@ func (t *udp) nodeFromRPC(sender *net.UDPAddr, rn rpcNode) (*Node, error) {
 		return nil, err
 	}
 	if t.netrestrict != nil && !t.netrestrict.Contains(rn.IP) {
-		return nil, errors.New("not contained in netrestrict whitelist")
+		return nil, errors.New("not contained in netrestrict allowlist")
 	}
 	n := NewNode(rn.ID, rn.IP, rn.UDP, rn.TCP)
 	err := n.validateComplete()
@ -224,7 +224,7 @@ type Config struct {
 	// These settings are optional:
 	AnnounceAddr *net.UDPAddr      // local address announced in the DHT
 	NodeDBPath   string            // if set, the node database is stored at this filesystem location
-	NetRestrict  *netutil.Netlist  // network whitelist
+	NetRestrict  *netutil.Netlist  // network allowlist
 	Bootnodes    []*Node           // list of bootstrap nodes
 	Unhandled    chan<- ReadPacket // unhandled packets are sent on this channel

--- a/p2p/discv5/net.go
+++ b/p2p/discv5/net.go
@ -734,7 +734,7 @@ func (net *Network) internNodeFromNeighbours(sender *net.UDPAddr, rn rpcNode) (n
 		// We haven't seen this node before.
 		n, err = nodeFromRPC(sender, rn)
 		if net.netrestrict != nil && !net.netrestrict.Contains(n.IP) {
-			return n, errors.New("not contained in netrestrict whitelist")
+			return n, errors.New("not contained in netrestrict allowlist")
 		}
 		if err == nil {
 			n.state = unknown
--- a/p2p/peer_error.go
+++ b/p2p/peer_error.go
@ -72,8 +72,8 @@ const (
 	DiscSelf
 	DiscReadTimeout
 	DiscPairPeerStop
-	DiscNonWhitelistedPeer
-	DiscBlacklistedPeer
+	DiscNonAllowlistedPeer
+	DiscDenylistedPeer
 	DiscSubprotocolError = DiscReason(0x10)
 )

@ -91,8 +91,8 @@ var discReasonToString = [...]string{
 	DiscSelf:                "connected to self",
 	DiscReadTimeout:         "read timeout",
 	DiscPairPeerStop:        "pair peer connection stop",
-	DiscNonWhitelistedPeer:  "disconnect non-whitelisted peer",
-	DiscBlacklistedPeer:     "disconnect blacklisted peer",
+	DiscNonAllowlistedPeer:  "disconnect non-allowlisted peer",
+	DiscDenylistedPeer:      "disconnect denylisted peer",
 	DiscSubprotocolError:    "subprotocol error",
 }

--- a/p2p/server.go
+++ b/p2p/server.go
@ -89,10 +89,11 @@ type Config struct {
 	// Name sets the node name of this server.
 	Name string `toml:"-"`

-	// Whitelist for peers
-	WhitePeers map[discover.NodeID]struct{}
-	// Blacklist for peers.
-	BlackPeers map[discover.NodeID]struct{}
+	// Allowlist for peers
+	AllowPeers map[discover.NodeID]struct{}
+
+	// Denylist for peers.
+	DenyPeers map[discover.NodeID]struct{}

 	// BootstrapNodes are used to establish connectivity
 	// with the rest of the network.
@ -323,8 +324,8 @@ func (srv *Server) RemovePeer(node *discover.Node) {
 	}
 }

-// AddTrustedPeer adds the given node to a reserved whitelist which allows the
-// node to always connect, even if the slot are full.
+// AddTrustedPeer adds the given node to a reserved allowlist which allows the
+// node to always connect, even if the slots are full.
 func (srv *Server) AddTrustedPeer(node *discover.Node) {
 	select {
 	case srv.addtrusted <- node:
@ -847,7 +848,7 @@ func (srv *Server) listenLoop() {
 		// Reject connections that do not match NetRestrict.
 		if srv.NetRestrict != nil {
 			if tcp, ok := fd.RemoteAddr().(*net.TCPAddr); ok && !srv.NetRestrict.Contains(tcp.IP) {
-				srv.log.Debug("Rejected conn (not whitelisted in NetRestrict)", "addr", fd.RemoteAddr())
+				srv.log.Debug("Rejected conn (not allowlisted in NetRestrict)", "addr", fd.RemoteAddr())
 				fd.Close()
 				slots <- struct{}{}
 				continue
@ -899,15 +900,15 @@ func (srv *Server) setupConn(c *conn, flags connFlag, dialDest *discover.Node) e
 		return err
 	}
 	clog := srv.log.New("id", c.id.String(), "addr", c.fd.RemoteAddr(), "conn", c.flags)
-	if len(srv.WhitePeers) > 0 {
-		if _, ok := srv.WhitePeers[c.id]; !ok {
-			clog.Debug("Reject non-whitelisted peer")
-			return DiscNonWhitelistedPeer
+	if len(srv.AllowPeers) > 0 {
+		if _, ok := srv.AllowPeers[c.id]; !ok {
+			clog.Debug("Reject non-allowlisted peer")
+			return DiscNonAllowlistedPeer
 		}
 	}
-	if _, ok := srv.BlackPeers[c.id]; ok {
+	if _, ok := srv.DenyPeers[c.id]; ok {
 		clog.Debug("Reject blacklisted peer")
-		return DiscBlacklistedPeer
+		return DiscDenylistedPeer
 	}
 	// For dialed connections, check that the remote public key matches.
 	if dialDest != nil && c.id != dialDest.ID {
--- a/params/config.go
+++ b/params/config.go
@ -950,7 +950,7 @@ func (c *ChainConfig) Description() string {
 	banner += fmt.Sprintf("  - TIPSigning:                  %-8v\n", common.TIPSigning)
 	banner += fmt.Sprintf("  - TIPRandomize:                %-8v\n", common.TIPRandomize)
 	banner += fmt.Sprintf("  - TIPIncreaseMasternodes:      %-8v\n", common.TIPIncreaseMasternodes)
-	banner += fmt.Sprintf("  - BlackListHFNumber:           %-8v\n", common.BlackListHFNumber)
+	banner += fmt.Sprintf("  - DenylistHFNumber:            %-8v\n", common.DenylistHFNumber)
 	banner += fmt.Sprintf("  - TIPNoHalvingMNReward:        %-8v\n", common.TIPNoHalvingMNReward)
 	banner += fmt.Sprintf("  - TIPXDCX:                     %-8v\n", common.TIPXDCX)
 	banner += fmt.Sprintf("  - TIPXDCXLending:              %-8v\n", common.TIPXDCXLending)
--- a/rpc/websocket.go
+++ b/rpc/websocket.go
@ -97,7 +97,7 @@ func wsHandshakeValidator(allowedOrigins []string) func(*http.Request) bool {
 		if _, ok := req.Header["Origin"]; !ok {
 			return true
 		}
-		// Verify origin against allow list.
+		// Verify origin against allowlist.
 		origin := strings.ToLower(req.Header.Get("Origin"))
 		if allowAllOrigins || originIsAllowed(origins, origin) {
 			return true