Set Policies
Policies automate the process of approvals for allowing transactions, blocking transactions, or sending transactions.
Policies provide organizations with essential protection by enabling the organization to specify who is allowed to move funds, perform transactions, set amount limitations, and more.
For example, an organization may want to automatically block a transaction that exceeds a specific amount. Likewise, the same organization may wish to review transactions according to their origin, or block specific users from making transactions.
Learn more by studying these sample policies.
Workflow for policy rule creation
The workflow for creating a new policy rule is as follows:
- A draft of the new policy rules is created in the Fordefi web console.
- The draft of the new policy rules is submitted to the Admin Quorum for their approval.
- The Admin Quorum are notified on their mobile devices about the draft of the new policy rules.
- When the required number of admins approve the draft, the new policy rules are created and added to the system.
Note
- For security reasons, only admins are permitted to create or discard policy rules.
- Only one draft of policy rules is permitted at any time.
Policy rules and conditions
A policy rule is made up of conditions. When all the conditions are met, the policy rule is applied to the transaction.
Example
Assume a condition within a policy rule declares that any transactions over $1000 are blocked. If an attempt is made to make a transaction exceeding $1000, the system establishes that the condition is met, the policy rule is applied, and the transaction is blocked.
When you create a rule, the following conditions on a transaction can be added:
| Condition | Outcome |
|---|---|
| User | The user initiating the transaction. |
| Origin | The vault the transaction is sent from. |
| Transaction type | Can be a transfer, a contract call, an allowance (that is, a token approval), a message signature, or a black-box signature. |
| Recipient | For transfers, this is the recipient of the transfer. For allowances, this is the address that receives the token allowance (that is, the spender). For contract calls, this is the destination address of the contract call. You can specify the recipient as an address, a name in the Address Book, a vault, or the name of a DApp from the given list. |
| Token | The token or tokens that the transaction is sending. For a rule to match a transaction, each of the outgoing (that is, sent) tokens in the transaction must appear in the list of tokens in the rule. For example, when swapping MATIC for USDC (that is, send 1 MATIC, get back 1.5 USDC), a rule that specifies MATIC would match the transaction, whereas a rule that specifies USDC would not. |
| Max amount | The amount of funds that the transaction is sending. When the rule lists only one token, you can denominate the amount in either units of the token or in fiat (USD). If the rule lists multiple tokens, you can only specify the amount in fiat (USD). |
Actions
After you set up a rule's conditions, specify the action that should be taken if all the conditions of the rule are fulfilled.
There are three action options:
- Approve a transaction.
- Block a transaction.
- Require a transaction be approved by the relevant admin before proceeding.
Note
If a policy has multiple rules, they are applied in the order in which they appear in the list of rules.
Updated 3 months ago