
Best Practices

Recommendations for running secure, reliable digital asset operations with Paratro.

Security

API Key Management

  • Store API keys in environment variables or a secrets manager — never in source code
  • Use separate API keys for different environments (development, staging, production)
  • Apply the principle of least privilege — grant only the permissions each key needs
  • Rotate API keys regularly and revoke unused keys immediately
  • Enable IP allowlisting for production API keys

Wallet Security

  • Use higher thresholds (3-of-5) for high-value wallets
  • Distribute key shares across different geographic locations and custodians
  • Schedule regular key rotations (quarterly recommended)
  • Separate hot wallets (daily operations) from cold wallets (long-term storage)

Access Control

  • Assign roles based on job function — avoid granting admin access broadly
  • Require MFA/TOTP for all users with transaction approval rights
  • Review user access quarterly and remove inactive accounts
  • Use separate approver groups for different wallet tiers

Operations

Transaction Management

  • Always set up approval policies before funding wallets
  • Use address whitelists to prevent transfers to unauthorized destinations
  • Set spending limits as a safety net, even with approval policies in place
  • Monitor transaction status and set up alerts for failed or rejected transactions

Monitoring

  • Review audit logs weekly for unusual activity
  • Set up alerts for:
    • Transactions above a threshold
    • Failed signing attempts
    • New API key creation
    • Policy changes
  • Export audit logs to your SIEM for centralized monitoring

Disaster Recovery

  • Maintain encrypted backups of key share configurations
  • Document the key recovery process and test it annually
  • Keep an inventory of all wallets and their threshold configurations
  • Have a runbook for revoking compromised API keys or key shares

Integration

Error Handling

  • Implement retry logic with exponential backoff for transient errors (429, 500)
  • Handle pending_approval status gracefully — don’t treat it as an error
  • Log all API errors with request IDs for debugging with Paratro support

Webhooks

  • Validate webhook signatures to prevent spoofing
  • Process webhooks idempotently — you may receive the same event multiple times
  • Respond to webhooks quickly (under 5 seconds) and process asynchronously
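
The three webhook recommendations above combined in one handler, as an added example that is not Paratro's own code. The page does not give the signature scheme or payload format, so this assumes a hex HMAC-SHA256 over the raw request body with a shared secret and a unique `id` field per event; the function names, event type and secret are hypothetical.

```python
import hashlib
import hmac
import json
import queue

# Assumptions (not from this page): hex HMAC-SHA256 over the raw body with a
# shared secret, and a unique "id" in every event. Confirm the real scheme
# in the API reference before relying on this.
WEBHOOK_SECRET = b"constructed-test-secret"  # load from a secrets manager

work_queue = queue.Queue()  # drained by a background worker
_seen_event_ids = set()     # use a durable store with a TTL in production


def sign(raw_body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Compute the hex HMAC-SHA256 tag for a raw request body."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def handle_webhook(raw_body: bytes, signature) -> int:
    """Return the HTTP status to send back; real work is deferred."""
    # Verify over the raw bytes, before parsing, with a constant-time compare.
    expected = sign(raw_body).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        return 401
    try:
        event = json.loads(raw_body)
        event_id = str(event["id"])
    except (ValueError, KeyError, TypeError):
        return 400
    # Duplicate delivery: acknowledge so the sender stops retrying, do nothing.
    if event_id in _seen_event_ids:
        return 200
    _seen_event_ids.add(event_id)
    work_queue.put(event)   # respond immediately, process asynchronously
    return 200


if __name__ == "__main__":
    # Constructed sample event, not a real Paratro payload.
    body = b'{"id": "evt_1", "type": "transaction.completed"}'
    print(handle_webhook(body, sign(body)))   # accepted and queued
    print(handle_webhook(body, sign(body)))   # duplicate, acknowledged only
    print(handle_webhook(body, "0" * 64))     # bad signature rejected
```

The signature is checked against the bytes exactly as received; re-serializing parsed JSON before verifying changes the bytes and breaks the comparison.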

Testing

  • Use a dedicated test organization for development and staging
  • Test policy configurations with small transactions before applying to production wallets
  • Verify approval flows end-to-end before going live