What you’ll need
- Understanding of permissions
- Understanding of policies
- Wallets created in your organization
Components to configure
Permission roles
Create role-based permissions that follow the principle of least privilege. Common roles include:| Role | Purpose |
|---|---|
| Treasury Operator | Initiate transactions, view wallets |
| Treasury Approver | Approve transactions, view only |
| Auditor | Read-only access to all data |
Wallet tags
Tags let you organize and filter wallets. Use them for:- Filtering wallets in the dashboard
- Targeting policies to specific wallet groups
- Organizing wallets by purpose, team, or risk level
Separation of duties
Combine permissions and policies to enforce dual control:- Operators can initiate transactions but cannot approve
- Approvers can approve but cannot initiate
- Policies require approver sign-off for operator-initiated transactions
By default, the initiator cannot approve their own transactions. This enforces dual control automatically.
Organization patterns
By function
| Tag | Purpose |
|---|---|
treasury | Core treasury holdings |
operations | Day-to-day operational wallets |
payroll | Employee payment wallets |
vendor-payments | Vendor disbursement wallets |
By risk level
| Tag | Purpose | Typical policies |
|---|---|---|
cold-storage | Long-term holdings | Strict multi-sig, low velocity |
warm-wallet | Intermediate storage | Moderate limits |
hot-wallet | Active operations | Higher velocity, lower single-tx limits |
By network
| Tag | Purpose |
|---|---|
eth-mainnet | Ethereum mainnet wallets |
polygon | Polygon wallets |
testnet | Test network wallets |
Example permission sets
Treasury Operator
Permissions for team members who initiate transactions:Wallets:Read- View wallet details and balancesWallets:Transfers:Create- Initiate transfer requestsWallets:Transfers:Read- View transfer historyWallets:Transactions:Create- Sign and broadcast transactionsWallets:Transactions:Read- View transaction history
Treasury Approver
Permissions for team members who approve transactions:Wallets:Read- View wallet detailsWallets:Transfers:Read- View transfer detailsWallets:Transactions:Read- View transaction details- Approval permissions for assigned policies
Auditor (read-only)
Permissions for external auditors or compliance:Wallets:Read- View all walletsWallets:Transfers:Read- View all transfersWallets:Transactions:Read- View all transactionsPolicies:Read- View policy configurationsAuth:Logs:Read- View audit logs
Related solutions
Treasury policies
Multi-signature and spending controls
End-user wallets
Delegated wallet management
Compliance
Audit trails and reporting