Skip to main content

Policies

The Policy Engine enables you to define rules that control transaction behavior, enforce compliance, and manage risk.

Policy Types

Address Whitelist

Restrict transactions to approved addresses only. 
{
  "name": "Whitelist Only",
  "rule": {
    "addressWhitelist": {
      "enabled": true,
      "allowedAddresses": [
        "0x1234567890123456789012345678901234567890",
        "0xabcdef1234567890abcdef1234567890abcdef12"
      ],
      "denyAll": true
    }
  }
}
FieldDescription
enabledActivate this rule
allowedAddressesList of permitted addresses
denyAllBlock all non-whitelisted addresses

Amount Limits

Set daily and per-transaction spending limits. 
{
  "name": "Spending Limits",
  "rule": {
    "amountLimit": {
      "enabled": true,
      "dailyLimit": "100000",
      "perTxLimit": "10000",
      "currency": "USD"
    }
  }
}
FieldDescription
dailyLimitMaximum daily spend (USD)
perTxLimitMaximum per transaction (USD)
currencyLimit currency (USD, EUR, etc.)

Approval Flow

Require human approval for high-value transactions. 
{
  "name": "High Value Approval",
  "rule": {
    "approvalFlow": {
      "enabled": true,
      "threshold": "50000",
      "approvers": ["usr_cfo", "usr_ceo"],
      "requiredApprovals": 1
    }
  }
}
FieldDescription
thresholdAmount triggering approval (USD)
approversList of approver user IDs
requiredApprovalsNumber of approvals needed

Policy Priority

Policies are evaluated in priority order (highest first). The first matching policy determines the outcome. 
{
  "name": "Block Suspicious",
  "priority": 100,
  "rule": { "addressWhitelist": { "denyAll": true } }
}

{
  "name": "Allow Known",
  "priority": 50,
  "rule": { "addressWhitelist": { "allowedAddresses": [...] } }
}

Policy Evaluation

Creating Policies

POST /v1/policy-engine/policies
{
  "tenantId": "ten_abc123",
  "projectId": "proj_abc123",
  "name": "Production Policy",
  "description": "Whitelist + limits + approval",
  "rule": {
    "addressWhitelist": {
      "enabled": true,
      "allowedAddresses": ["0x..."],
      "denyAll": true
    },
    "amountLimit": {
      "enabled": true,
      "dailyLimit": "100000",
      "perTxLimit": "10000",
      "currency": "USD"
    },
    "approvalFlow": {
      "enabled": true,
      "threshold": "25000",
      "approvers": ["usr_admin"],
      "requiredApprovals": 1
    }
  },
  "priority": 100,
  "enabled": true
}

Checking Transactions

Before signing, check if a transaction is allowed: 
POST /v1/policy-engine/check-transaction
{
  "tenantId": "ten_abc123",
  "projectId": "proj_abc123",
  "fromAddress": "0x...",
  "toAddress": "0x...",
  "amount": "50000000000000000000000",
  "chainReference": "eip155:1"
}
Response: 
{
  "allowed": true,
  "requiresApproval": true,
  "approvalRequestId": "apr_abc123",
  "reason": "Amount exceeds $25,000 threshold"
}

Approval Workflow

When approval is required:
  1. Transaction is held in PENDING_APPROVAL state
  2. Approvers are notified (webhook/email)
  3. Approver reviews and approves/rejects
  4. Transaction proceeds or is cancelled

Best Practices

Begin with strict policies and relax as needed:
  • Enable address whitelist
  • Set conservative limits
  • Require approval for large amounts
Use multiple policies with different priorities:
  • High priority: Block known bad actors
  • Medium priority: Enforce limits
  • Low priority: Default allow
  • Review policy hits regularly
  • Adjust thresholds based on usage
  • Add addresses to whitelist as needed