abstract val whitelist: ClassWhitelist
A whitelist that contains (mostly for security purposes) which classes are authorised to be deserialized. A secure implementation will not instantiate any object which is not either whitelisted or annotated with CordaSerializable when deserializing. To catch classes missing from the whitelist as early as possible it is HIGHLY recommended to also check this whitelist when serializing (as well as deserializing) objects.