Configure Approvals for Withdrawals

Security settings allow you to configure rules to govern outgoing transactions from your asset pools. By setting volume-based thresholds, you can require approvals for all withdrawals or those exceeding specific thresholds.

Why do you need approvals for withdrawals?

Requiring approvals for withdrawals adds a critical layer of control and oversight to your Layer1 treasury movements. This feature provides the following benefits:

Risk Mitigation.
Approvals reduce the risk of accidental, unauthorised, or malicious transfers. By introducing a review step, you can prevent large or suspicious withdrawals from being executed without scrutiny.
Customizable Control.
Teams can configure thresholds and delegate approvers, allowing necessary stakeholders or leads to stay informed about high-impact transactions while enabling routine operations to continue smoothly.
Auditability and Transparency.
All approvals (or rejections) are logged and traceable. This strengthens accountability across teams and simplifies post-transaction reviews or compliance audits.
Peace of Mind for Stakeholders.
Ultimately, this feature gives teams confidence that funds are protected by policy and oversight, not just technical safeguards—ensuring trust at both operational and executive levels.

Enable approvals for withdrawals

By default, no approvals are required for withdrawals from your Layer1 asset pools.

To enable approvals for withdrawals or to edit configurations, you must have the role approval-settings:operator.

Configure approvals for all transactions

To require approvals for all transactions of any amount, do the following:

Go to Approvals > Security Settings.
Select All Transactions.
In the All transactions require box, select the number of approvers required to sanction withdrawals.
Click Save.

Ensure you Assign approver permissions to relevant users to complete your approvals set-up.

Configure approvals for transaction ranges

To require approvals for transaction ranges, do the following:

Go to Approvals > Security Settings.
Select Transaction Ranges.
Set your first transaction range:
1. In the to field, enter the upper limit of the range. Transaction ranges must be mutually exclusive and collectively exhaustive (MECE) to avoid security setting conflicts; that's why the first range must begin with a from value of 0.
2. In the Require box, select the number of approvers required to sanction withdrawals.
Set your next transaction range:
1. Adjust the from and to fields. The form will automatically populate the from value based on the previous range to ensure the ranges are MECE.
2. In the Require box, select the number of approvers required to sanction withdrawals.
To add additional transaction ranges, click the plus icon and repeat steps 3.1-3.2.
To remove a transaction range, click the trash icon next to the unnecessary section.
Click Save.

Ensure you Assign approver permissions to relevant users to complete your approvals set-up.

Update and remove approvals configuration

To update your configuration for withdrawals, do the following:

Go to Approvals > Security Settings.
Change the approval configuration:
- Update: To update the approval configuration you have set, edit the number of approvers or transaction ranges required.
- Remove: To remove approvals for all withdrawals:
  1. Select All transactions.
  2. Set the number of required approvers to "0".
Click Save to store your updated settings.

Assign approver permissions

To update user permissions, you must have the user:operator role.

To approve withdrawals, you must have the crypto:withdrawal:approver permission.

To assign this approver permission to users, do the following:

Go to Settings > Users.
Find the user to whom you want to assign approver permissions and click the eye icon next to their name.
In the side panel, click Edit user.
In the Assign roles to user menu, click the expander arrow to find the crypto:withdrawal:approver role and assign it to the user.
Click Update.