Policy Management
Policies let you control how transfers are handled before signing and broadcast. Use them to automatically approve low-risk activity, require manual approval for sensitive transfers, reject prohibited destinations, or throttle repeated activity.What Policies Do
In Paratro, policies act as transaction guardrails. They are evaluated when a transfer is created and decide whether the transfer should continue automatically, wait for approval, be rejected, or be rate limited. This makes policies useful for:- treasury allowlists
- spending controls
- business-hour enforcement
- high-frequency transfer protection
How Policy Evaluation Works
Paratro evaluates active policies during transfer creation.- Active policies for the client and wallet are loaded.
- Policies are evaluated by
priority, from highest to lowest. - The first matching policy decides the action.
- If no active policies exist, the transfer proceeds with
AUTO_APPROVE. - If policies exist but none match, the transfer falls back to
REQUIRE_APPROVAL.
Supported Policy Types
| Policy type | What it checks | Common use |
|---|---|---|
TRANSFER_LIMIT | Single-transfer or daily amount thresholds | Require approval for large transfers |
TIME_RESTRICTION | Allowed days, hours, and timezone windows | Block or escalate activity outside business hours |
VELOCITY_LIMIT | Number of transfers within a time window | Slow down repeated transfer attempts |
WHITELIST | Approved destination addresses | Auto-approve transfers to known treasury or exchange addresses |
BLACKLIST | Blocked or sensitive destination addresses | Reject or escalate transfers to prohibited destinations |
Supported Actions
| Action | Result |
|---|---|
AUTO_APPROVE | Transfer continues without manual approval |
REQUIRE_APPROVAL | Transfer is created and waits for approvers |
AUTO_REJECT | Transfer is blocked immediately |
RATE_LIMIT | Transfer is rejected because activity exceeded the configured rate limit |
Basic Usage Flow
- Create a policy for the wallet or tenant you want to protect.
- Choose the policy type and the action that should happen when it matches.
- Set a clear
priorityso rule order is intentional. - Enable the policy and test it with a low-risk transfer.
- Review the resulting transaction status and Audit Logs.
Example Scenarios
- Use
WHITELISTwithAUTO_APPROVEfor known internal treasury addresses. - Use
TRANSFER_LIMITwithREQUIRE_APPROVALfor transfers above an operating threshold. - Use
TIME_RESTRICTIONwithAUTO_REJECToutside approved hours. - Use
VELOCITY_LIMITwithRATE_LIMITto slow repeated transfer attempts from the same wallet.
Operational Tips
- Keep policy sets small and easy to reason about.
- Assign explicit priorities instead of relying on creation order.
- Test new policies with small transfers before production rollout.
- Review approval behavior and audit trails regularly.
- Update policies when wallet tiers, approver groups, or operating hours change.