diff --git a/TODO.md b/TODO.md
index 9422d021..e9117cb2 100644
--- a/TODO.md
+++ b/TODO.md
@@ -99,10 +99,7 @@
 - [ ] right now we send too many getTransaction queries to the private rpc tier and i are being rate limited by some of them. change to be serial and weight by hard/soft limit.  
 - [ ] improved logging with useful instrumentation
 - [ ] Got warning: "WARN subscribe_new_heads:send_block: web3_proxy::connection: unable to get block from https://rpc.ethermine.org: Deserialization Error: expected value at line 1 column 1. Response: error code: 1015". this is cloudflare rate limiting on fetching a block, but this is a private rpc. why is there a block subscription?
-- [ ] basic transaction firewall
-  - this is part done, but we need to pick a database schema to check
 - [ ] cli for creating and editing api keys
-- [ ] cli for blocking malicious contracts with the firewall
 - [ ] Api keys need option to lock to IP, cors header, etc
 - [ ] Only subscribe to transactions when someone is listening and if the server has opted in to it
 - [ ] When sending eth_sendRawTransaction, retry errors
@@ -153,7 +150,6 @@ new endpoints for users:
   - look at average request time for getBlock? i'm not sure how good a proxy that will be for serving eth_call, but its a start
   - https://crates.io/crates/histogram-sampler
 - [ ] interval for http subscriptions should be based on block time. load from config is easy, but better to query. currently hard coded to 13 seconds
-- [ ] improve transaction firewall
 - [ ] handle user payments
 - [ ] Load testing script so we can find optimal cost servers 
 
diff --git a/migration/src/m20220101_000001_create_table.rs b/migration/src/m20220101_000001_create_table.rs
index 04e15ca2..2f488930 100644
--- a/migration/src/m20220101_000001_create_table.rs
+++ b/migration/src/m20220101_000001_create_table.rs
@@ -69,29 +69,6 @@ impl MigrationTrait for Migration {
             )
             .await?;
 
-        // block list for the transaction firewall
-        manager
-            .create_table(
-                Table::create()
-                    .table(BlockList::Table)
-                    .col(
-                        ColumnDef::new(BlockList::Id)
-                            .big_integer()
-                            .not_null()
-                            .auto_increment()
-                            .primary_key(),
-                    )
-                    .col(
-                        ColumnDef::new(BlockList::Address)
-                            .binary_len(20)
-                            .not_null()
-                            .unique_key(),
-                    )
-                    .col(ColumnDef::new(BlockList::Description).string())
-                    .to_owned(),
-            )
-            .await?;
-
         // api keys
         manager
             .create_table(
@@ -151,9 +128,6 @@ impl MigrationTrait for Migration {
         manager
             .drop_table(Table::drop().table(SecondaryUser::Table).to_owned())
             .await?;
-        manager
-            .drop_table(Table::drop().table(BlockList::Table).to_owned())
-            .await?;
         manager
             .drop_table(Table::drop().table(UserKeys::Table).to_owned())
             .await?;
@@ -190,15 +164,6 @@ enum SecondaryUser {
     Role,
 }
 
-// TODO: creation time?
-#[derive(Iden)]
-enum BlockList {
-    Table,
-    Id,
-    Address,
-    Description,
-}
-
 /*
 -- TODO: foreign keys
 -- TODO: index on api_key
diff --git a/web3_proxy/src/app.rs b/web3_proxy/src/app.rs
index 7153795b..41c72329 100644
--- a/web3_proxy/src/app.rs
+++ b/web3_proxy/src/app.rs
@@ -32,7 +32,6 @@ use tracing::{info, info_span, instrument, trace, warn, Instrument};
 use crate::bb8_helpers;
 use crate::config::AppConfig;
 use crate::connections::Web3Connections;
-use crate::firewall::check_firewall_raw;
 use crate::jsonrpc::JsonRpcForwardedResponse;
 use crate::jsonrpc::JsonRpcForwardedResponseEnum;
 use crate::jsonrpc::JsonRpcRequest;
@@ -887,27 +886,13 @@ impl Web3ProxyApp {
             }
             // TODO: eth_sendBundle (flashbots command)
             // broadcast transactions to all private rpcs at once
-            "eth_sendRawTransaction" => match &request.params {
-                Some(serde_json::Value::Array(params)) => {
-                    // parsing params like this is gross. make struct and use serde to do all these checks and error handling
-                    if params.len() != 1 || !params[0].is_string() {
-                        return Err(anyhow::anyhow!("invalid request"));
-                    }
-
-                    let raw_tx = Bytes::from_str(params[0].as_str().unwrap())?;
-
-                    if check_firewall_raw(&raw_tx).await? {
-                        return self
-                            .private_rpcs
-                            .try_send_all_upstream_servers(request, None)
-                            .instrument(span)
-                            .await;
-                    } else {
-                        return Err(anyhow::anyhow!("transaction blocked by firewall"));
-                    }
-                }
-                _ => return Err(anyhow::anyhow!("invalid request")),
-            },
+            "eth_sendRawTransaction" => {
+                return self
+                    .private_rpcs
+                    .try_send_all_upstream_servers(request, None)
+                    .instrument(span)
+                    .await;
+            }
             "eth_syncing" => {
                 // TODO: return a real response if all backends are syncing or if no servers in sync
                 json!(false)
diff --git a/web3_proxy/src/firewall.rs b/web3_proxy/src/firewall.rs
deleted file mode 100644
index f6584165..00000000
--- a/web3_proxy/src/firewall.rs
+++ /dev/null
@@ -1,68 +0,0 @@
-//! transaction firewall
-//!
-//! block any transactions interacting with known malicious contracts
-//!
-//! this could be fancy and fetch abis and actually look for dangerous addresses
-//! for now, it just checks a few commonly abused functions
-
-use ethers::prelude::{Bytes, Transaction};
-use ethers::utils::rlp;
-use std::str::FromStr;
-
-pub async fn check_firewall_raw(raw: &Bytes) -> anyhow::Result<bool> {
-    let tx = rlp::decode(raw.as_ref())?;
-
-    let is_allowed = check_firewall(tx).await;
-
-    Ok(is_allowed)
-}
-
-pub async fn check_firewall(tx: Transaction) -> bool {
-    match tx.to {
-        None => return true,
-        Some(to) => {
-            // TODO: check our database for known malicious addresses
-            if false {
-                return false;
-            }
-        }
-    }
-
-    // TODO: do this better
-    let approve_method = Bytes::from_str("0x9999999999").unwrap();
-    let transfer_method = Bytes::from_str("0xa9059cbb").unwrap();
-    let transfer_from_method = Bytes::from_str("0x9999999999").unwrap();
-    let transfer_ownership_method = Bytes::from_str("0x9999999999").unwrap();
-
-    match &tx.input.as_ref()[..4] {
-        x if x == approve_method.as_ref() => {
-            // TODO: decode the calldata
-            if false {
-                return false;
-            }
-            true
-        }
-        x if x == transfer_method.as_ref() => {
-            // TODO: decode the calldata
-            if false {
-                return false;
-            }
-            true
-        }
-        x if x == transfer_from_method.as_ref() => {
-            // TODO: decode the calldata
-            if false {
-                return false;
-            }
-            true
-        }
-        x if x == transfer_ownership_method.as_ref() => {
-            // TODO: decode the calldata
-            if false {
-                return false;
-            }
-            true
-        }
-        _ => true,
-    }
-}
diff --git a/web3_proxy/src/lib.rs b/web3_proxy/src/lib.rs
index 22318914..1e2b5eaf 100644
--- a/web3_proxy/src/lib.rs
+++ b/web3_proxy/src/lib.rs
@@ -3,7 +3,6 @@ pub mod bb8_helpers;
 pub mod config;
 pub mod connection;
 pub mod connections;
-pub mod firewall;
 pub mod frontend;
 pub mod jsonrpc;
 pub mod users;