Policy Management Guide
Last updated
Last updated
Creating strong policy rules is a vital step in maintaining control over your transaction outflows. Owner and admin can set the policies rules, such as whitelisting addresses to prevent unauthorized transactions and setting spending limits for both the entire wallet and individual transactions.
Only approvers are allowed to edit/change a wallet's policy. (both tiers & settings)
Our governance layer which we call "Transaction Policy", is defined per wallet, meaning each wallet can have its own custom policy settings.
The organization owner and his admins are the ones allowed to edit/change a wallet's policy settings.
Do note that every change in a wallet's policy setting will require the owner's approval via the mobile application.
You can view the list of wallets and their policies in the Policy tab.
Clicking on a wallet from the list will open the tiers tab first by default, you can then switch to the "Wallet Settings" tab.
Currently, there are two settings that can be changed within a wallet's policy:
Allowance to send funds exclusively to saved addresses that the user defines.
Allowance to perform off-ramp transfers from the wallet.
This policy setting is selected by default and allows you to send a wallet's funds to specific addresses that are saved (whitelisted) within the dedicated whitelist addresses list.
You can add/remove saved addresses directly through the wallet policy settings interface, as well as decide if you'd like to disable this setting (by toggling off the button).
This policy setting is also selected by default and defines wether the wallet's funds can be used for off ramp transfers or not.
Reminder - Each change made on the wallet settings / policy tiers will require the account's owner mobile approval.
Wallet policy tiers are essentially an advanced policy setting that can be enabled on a wallet to apply an additional layer of security to govern your wallets assets.
There are three fields you can set according to your liking in a policy tier:
Transaction amount range.
Dedicated transaction approvers.
Minimum amount of approvals. (Taken from the dedicated transaction approvers)
Note that changing a wallet's policy tiers can only be done by a signer or above. (applicable approver - Signer/Admin/Owner).
In addition, any change on the policy will require the account's owner mobile approval.
The default policy tier is essentially the default transaction policy set upon creation of an inabit wallet. There's a difference between the default policy tier of a standard inabit wallet and an API wallet.
Here's a table explaining the differences:
Regular Wallet
Owner is the sole approver for any tx amount, and transacted only to whitelisted addresses.
API Wallet
API Signer is the sole approver for any tx amount, and transacted only to whitelisted addresses.
Do note that the policy default tier cannot be removed, but can be changed. You can still decide on the approvers and the minimum required approvals of a policy rule.
Once a change request has been made, the wallet's policy status will be changed to Pending
.
Afterwards the account owner will receive a mobile request.
Anyone can still view the policy settings and tiers of a wallet's policy that's pending approval by visiting the policy page and clicking on the wallet for its policy details.
You will notice that when a wallet's in Pending
status, you will be able to review the changes that are waiting for an approval, as well as what's the current rule settings that are set, by switching through the toggle shown above.
The owner of the account can also view the changes and the current state of the wallet policy settings before approving on his/her mobile device:
If the owner rejected the changes, they will have the option to undo the rejection for a duration of 3 seconds after the rejection was made, on their mobile screen.
When a rejection was set, the rule changes back to Live
status and the old settings of the wallet are still applicable. When approved -> the new changes take place.
If you have any further questions regarding the wallet's policy (governance) feature, don't hesitate to contact us at: support@inabit.com.
You can dispose of a previous tier by clicking on the trash icon on the right hand side of the tier -