Create Wallet Policies
Overview
You can enhance security for your wallets by creating wallet policies. Policy rules control the conditions under which outgoing transactions can occur. When you configure wallet policies, you can:
- Add wallet admins.
- Create recipient whitelists.
- Require admin approval.
- Set spending limits.
- Specify final approvers.
Note: For your security, new policy rules lock after 48 hours and can only be unlocked by BitGo support.
When a wallet policy updates, BitGo sends an email notification to all wallet users. However, BitGo doesn't send an email notification for the initial policy creation.
Prerequisites
Steps
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
const BitGoJS = require('../../../src/index.js'); const bitgo = new BitGoJS.BitGo({ env: 'test' }); const Promise = require('bluebird'); // Set your access token here const accessToken = 'v2xcbe8617bd58947a9ec41cc7a92e0a9a9d81dc2780669faa59eab3016ad5792ae'; // Set your coin of choice here const coin = 'tbtc'; // Set your wallet ID here const walletId ='5d13ddd2ed50ae9603daa81970840e6e'; Promise.coroutine(function *() { bitgo.authenticateWithAccessToken({ accessToken }); const wallet = yield bitgo.coin(coin).wallets().get({ id: walletId }); console.log(`Setting new velocity limit policy on wallet ${wallet.label()}`); const policy = { action: { type: 'getApproval' }, condition: { add: '2N7jDsDaGtZd2p6wb8anxsEZD5Zq2HBfWTT' }, id: 'test_policy', type: 'coinAddressWhitelist' }; const result = yield wallet.createPolicyRule(policy); console.dir(result); })();
Step Results
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
{ "admin": { "policy": { "id": "59cd72485007a239fb00282ed480da1f", "date": "2019-08-24T14:15:22Z", "label": "string", "latest": true, "rules": [ { "id": "string", "lockDate": "2019-08-24T14:15:22Z", "mutabilityConstraint": "managed", "coin": "btc", "type": "advancedWhitelist", "condition": { "amountString": "2000000", "timeWindow": 2678400, "groupTags": [ "59cd72485007a239fb00282ed480da1f" ], "excludeTags": [ "59cd72485007a239fb00282ed480da1f" ] }, "action": { "type": "deny", "approvalsRequired": 1, "userIds": [ "59cd72485007a239fb00282ed480da1f" ] } } ], "version": 0 } }, "allowBackupKeySigning": true, "approvalsRequired": 1, "balanceString": "string", "buildDefaults": { "minFeeRate": 12000 }, "coin": "btc", "coinSpecific": { "creationFailure": [ "b8a828b98dbf32d9fd1875cbace9640ceb8c82626716b4a64203fdc79bb46d26" ], "pendingChainInitialization": true, "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM", "stellarUsername": "foo_bar@baz.com", "homeDomain": "bitgo.com", "stellarAddress": "foo_bar@baz.com*bitgo.com" }, "custodialWallet": {}, "custodialWalletId": "59cd72485007a239fb00282ed480da1f", "deleted": true, "disableTransactionNotifications": true, "enterprise": "59cd72485007a239fb00282ed480da1f", "freeze": { "time": "string", "expires": "string" }, "id": "59cd72485007a239fb00282ed480da1f", "isCold": true, "keys": [ "585951a5df8380e0e304a553", "585951a5df8380e0e30d645c", "585951a5df8380e0e30b6147" ], "label": "My Wallet", "m": 2, "n": 3, "nodeId": "59cd72485007a239fb00282ed480da1f", "receiveAddress": { "id": "59cd72485007a239fb00282ed480da1f", "address": "2MvrwRYBAuRtPTiZ5MyKg42Ke55W3fZJfZS", "chain": 1, "index": 0, "coin": "string", "lastNonce": -1, "wallet": "59cd72485007a239fb00282ed480da1f", "coinSpecific": { "xlm": { "memoId": "2000000", "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM" }, "txlm": { "memoId": "2000000", "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM" } }, "balance": { "updated": "2019-08-24T14:15:22Z", "balance": 50000, "balanceString": "50000", "totalReceived": 0, "totalSent": 0, "confirmedBalanceString": "40000", "spendableBalanceString": "40000" }, "label": "Bob's Hot Wallet Address", "addressType": "p2sh" }, "recoverable": true, "tags": [ "59cd72485007a239fb00282ed480da1f" ], "spendableBalanceString": "string", "startDate": "string", "type": "cold", "users": [ { "user": "55e8a1a5df8380e0e30e20c6", "permissions": [ "admin", "view", "spend" ] } ], "customChangeKeySignatures": { "user": "string", "backup": "string", "bitgo": "string" }, "multisigType": "onchain" }
Next Steps
You can view the wallet policies using the Get Wallet API. For details, see API Reference: Get Wallet.