By now you should be aware that Vaultody`s mission is the provision of custodial services which give you full control on your funds, with second to none security and privacy levels. The integration of the numerous features and technologies into our MPC wallet solution are taking care of preserving your privacy and are adding extra layers (yes, not one, but many additional layers) of security to take down to a minimum risks of potential breaches, brutal-force attacks, hacks, vulnerabilities and others.

In this post, we will introduce you to some of the key features that are responsible for ensuring Vaultody`s wallet security management. We`ll share insights on how they work, what level of flexibility and control they provide, and how you can set them up to get the most out of each of them.

Team Roles & Approval Chains

We are assuming that you already completed the creation process of your own Vaultody MPC wallet. Once you are ready with this step, you can assign different roles and grant access to the wallet to as many of your team members as you wish. However, please be aware that if you are on our trial plan, you will be able to assign roles to up to 3 team members, as of the time of publishing this piece. For any specific needs and exact number of team members that you would like to assign, our team will create a custom plan, based on your organizational requirements. 

The idea behind team roles is to have a certain degree of control on transactions within your organization. What is the degree of control is decided by you, the wallet owner. This depends on the rules that you create. All rules and policies can be introduced through our approval chains feature. Without the input of all assigned to the wallet team members, none of the transactions will go through unless approved. 

To simplify it further, for the sake of this blog post we will provide a visualization along with an example of how organizations can set up their approval chains and team roles.

In the image above, an internal rule was set via approval chains by the wallet owner. There are two levels of approval - level 1, which could be set for small amounts of funds, and level 2 which will be for higher amounts. Only wallet owners can assign team roles, introduce policies and rules, and decide which team members will be level 1 or level 2 in the approval chains configuration. In terms of requesting new changes, everyone can make requests, but only the wallet owner is authorized to approve them. 

Transaction Policy

The transaction policy feature allows wallet owners to create rules which are associated with the total value of transactions, based on their USD value limit over a 24-hour period, resetting daily at 00:00 UTC. Wallet owners have full control on what type of transaction policies they introduce, as well as the limits that will be set. 

If we refer back to the image above, you can see that an internal rule was already created. We are aware which of the team members are part of the Level 1 approval chain, as well those team members (in this case it's just Daniel) who are part of Level 2. 

Let's assume that the introduced limit in this case requires authorization from Level 1 team members on transactions which total value, regardless of the total number of transactions that will be placed, is equal or less than $50,000 USD in value per day. This means that Robert, Peter and Jennifer must all approve one transaction or numerous transactions below thе daily limit in order for the transaction(s) to go through. Daniel`s input is not necessary until transaction(s) stay within the set limit. 

However, If the daily limit is surpassed, the first transaction to go over $50k USD (again, this can be a single transaction with value exceeding the limit, or one transaction which is part of multiple/batch transactions) will require all level 1 team members approval, and then - all level 2 members must take part in the approval process as well. Of course, limits and rules can vary from one wallet to another as both play the role of variables which can be adjusted in accordance with the wallet owner's needs.  

If you look at the image that we provided, you will see an example of a transaction that has already passed level 1 approval and is due to be approved or rejected by level 2 members. This is the transaction type that requires the input of members across both levels, based on how the wallet owner created their transaction rules.  

Vaultody Approver & System Actions

How does the approval process happen? We have deliberately separated actions that can be performed on desktop from those that are specifically created for mobile. The reason here is to ensure that unauthorized or unwished approvals are not being performed by another party, which does not have an assigned role in the wallet.

The Vaultody approver is our mobile application which is used for two main purposes. The first purpose is to approve and reject all transactions associated with the wallet, in which scenario the Vaultody Approver functions as a 2FA mechanism. Our mobile app is secured with PIN and biometrics data, to ensure constant 24/7 control over your wallet. The second purpose is to approve system actions and make important decisions on the go. 

During the transaction approval process, all requests and transaction policy introductions to the wallet are made only from desktop. When it comes to giving a green or red light on the requested amounts, this happens only through the Vaultody approver. If the wallet owner wishes to create rules and policies which will not require approval - this can be done too. 

In regards to system actions, all team members can ask for approval from the wallet owner for activating their accounts and assigning them to the wallet. Аll changes associated with the team member`s accounts, such as changing their email address, adding or removing them from a wallet, changing their wallet role and etc. is being done through System Actions, which can be found in the Vaultody Approver application.

Our team is always available to help you understand what features and mechanisms we have in place for the provision of robust and flexible wallet security management. If you would like to learn more and if you need help with your onboarding, please do not hesitate to reach out to us via our contact form or by writing to us in our live chat.