Ctrl+K

Create Wallet Whitelists

Overview

You can enhance security for a wallet by creating wallet-policy rules that control recipient whitelists or require admin approvals. For more complex policies, see Policy Builder Overview.

When you update a wallet policy, BitGo sends an email notification to all wallet users. However, BitGo doesn't send an email notification when you initially create a wallet policy. For your security, new wallet-policy rules lock after 48 hours and can only be unlocked by BitGo support.

Note: Wallet-policy rules for apply only to transactions that involve BitGo. Recovery transactions that use the user key and the backup key bypass any wallet policies you may have in place with BitGo. For details, see Set Up Wallet Recovery Wizard.

Prerequisites

Steps

  • SDK
  • API
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
const BitGoJS = require('../../../src/index.js');
const bitgo = new BitGoJS.BitGo({ env: 'test' });
const Promise = require('bluebird');

// Set your access token here
const accessToken = 'v2xcbe8617bd58947a9ec41cc7a92e0a9a9d81dc2780669faa59eab3016ad5792ae';
// Set your coin of choice here
const coin = 'tbtc';
// Set your wallet ID here
const walletId ='5d13ddd2ed50ae9603daa81970840e6e';

Promise.coroutine(function *() {
  bitgo.authenticateWithAccessToken({ accessToken });

  const wallet = yield bitgo.coin(coin).wallets().get({ id: walletId });

  console.log(`Setting new whitelist policy on wallet ${wallet.label()}`);
  const policy = {
              action: {
              type: 'getApproval'
    },
    condition: {
              add: {
              item: '2N7jDsDaGtZd2p6wb8anxsEZD5Zq2HBfWTT',
              type: 'address',
              metaData: {
                label: "Recipient Wallet"
              }
            },
    },
    id: 'test_policy',
    type: 'advancedWhitelist'
  };

  const result = yield wallet.createPolicyRule(policy);
  console.dir(result);
})();

Step Results

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

{
  "admin": {
    "policy": {
      "id": "59cd72485007a239fb00282ed480da1f",
      "date": "2019-08-24T14:15:22Z",
      "label": "string",
      "latest": true,
      "rules": [
        {
          "id": "test_policy",
          "type": "advancedWhitelist",
          "action": {
            "type": "getApproval",
          },
          "condition": {
            "entries": [
              {
                "item": "2Mxep78MBmidnkDHQ4S7UrV7TSsh9strAs7",
                "type": "address",
              },
            ]
          }
       }
      ],
      "version": 0
    }
  },
  "allowBackupKeySigning": true,
  "approvalsRequired": 1,
  "balanceString": "string",
  "buildDefaults": {
    "minFeeRate": 12000
  },
  "coin": "btc",
  "coinSpecific": {
    "creationFailure": [
      "b8a828b98dbf32d9fd1875cbace9640ceb8c82626716b4a64203fdc79bb46d26"
    ],
    "pendingChainInitialization": true,
    "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM",
    "stellarUsername": "foo_bar@baz.com",
    "homeDomain": "bitgo.com",
    "stellarAddress": "foo_bar@baz.com*bitgo.com"
  },
  "custodialWallet": {},
  "custodialWalletId": "59cd72485007a239fb00282ed480da1f",
  "deleted": true,
  "disableTransactionNotifications": true,
  "enterprise": "59cd72485007a239fb00282ed480da1f",
  "freeze": {
    "time": "string",
    "expires": "string"
  },
  "id": "59cd72485007a239fb00282ed480da1f",
  "isCold": true,
  "keys": [
    "585951a5df8380e0e304a553",
    "585951a5df8380e0e30d645c",
    "585951a5df8380e0e30b6147"
  ],
  "label": "My Wallet",
  "m": 2,
  "n": 3,
  "nodeId": "59cd72485007a239fb00282ed480da1f",
  "receiveAddress": {
    "id": "59cd72485007a239fb00282ed480da1f",
    "address": "2MvrwRYBAuRtPTiZ5MyKg42Ke55W3fZJfZS",
    "chain": 1,
    "index": 0,
    "coin": "string",
    "lastNonce": -1,
    "wallet": "59cd72485007a239fb00282ed480da1f",
    "coinSpecific": {
      "xlm": {
        "memoId": "2000000",
        "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM"
      },
      "txlm": {
        "memoId": "2000000",
        "rootAddress": "GCTTCPH4IIDK7P72FFAEJ3ZFN6WDHJH6GGMRPHPM56ZWGIQ7B3XTIJAM"
      }
    },
    "balance": {
      "updated": "2019-08-24T14:15:22Z",
      "balance": 50000,
      "balanceString": "50000",
      "totalReceived": 0,
      "totalSent": 0,
      "confirmedBalanceString": "40000",
      "spendableBalanceString": "40000"
    },
    "label": "Bob's Hot Wallet Address",
    "addressType": "p2sh"
  },
  "recoverable": true,
  "tags": [
    "59cd72485007a239fb00282ed480da1f"
  ],
  "spendableBalanceString": "string",
  "startDate": "string",
  "type": "cold",
  "users": [
    {
      "user": "55e8a1a5df8380e0e30e20c6",
      "permissions": [
        "admin",
        "view",
        "spend"
      ]
    }
  ],
  "customChangeKeySignatures": {
    "user": "string",
    "backup": "string",
    "bitgo": "string"
  },
  "multisigType": "onchain"
}

Next

You can view the wallet policies using the Get Wallet API. For details, see API Reference: Get Wallet.

See Also

API Reference: Add Wallet-Policy Rule