Set Policies
The transaction policy is one of Fordefi's major security features, governing how transactions are approved before being signed and broadcast to the blockchain. The policy rules can be highly granular, allowing customization based on transaction attributes such as amount, origin, destination, and user. The approval process itself is customizable - administrators can define whether transactions require approval from a minimum number of approvers or from specific combinations of approver groups, or alternatively, can configure the system to automatically approve or block transactions based on predefined criteria.
For example, an organization may want to automatically block a transaction that exceeds a specific amount, review transactions according to their origin, or block specific users from making transactions.
Policy Structure
The policy consists of an ordered list of rules. Each rule has a set of conditions and an action. When a transaction is created, the policy is evaluated according to the order of the rules. The first rule that matches the transaction is applied. Therefore, if two policy rules match a transaction but contradict each other, the policy rule higher in the the list overrides the policy rule that appears lower in the list. For example, if both Policy Rule number 4 and Policy Rule number 7 match a transaction, the rule with number 4 will be applied.
To match a rule, the transaction must satisfy all the conditions of the rule. When all the conditions are met, the rule is applied to the transaction and the preassigned action is taken. If the transaction does not satisfy all the conditions of the rule, the rule is not applied and the policy proceeds to evaluate the next rule.
The last rule in the policy is the default policy rule. The default rule is a bit different from other rules. First, it cannot be deleted or moved, and second, all its conditions are set to Any and cannot be changed. As a result, the default rule is a fallback rule that will always be applied if no other rule matches.
To enable organizations to start working quickly, Fordefi's factory policy settings require no approvals at all. Our recommendation is to modify the default rule—either block or require approval.
Basic Example
Suppose you wish to have Fordefi automatically process a transaction up to $1000 and require two approvals for any transaction that exceeds that amount. You would then create a policy that consists of two rules:
- A rule that has its "Transaction Amount" condition set to "≤ $1000" to allow transactions up to $1000.
- Below it, the default rule with its action set to "Require Approval".
Learn more: