Optimizing Transaction Security with Custom Governance Controls

2023-02-24  •  4 min read

Our institutional crypto custody platform was built to address the complex needs of institutions looking to store and manage their digital assets securely. When signing up for an institutional crypto custody account on Ceffu, clients have the ability to set up a variety of custom rules that allow them to optimize the security of their account and transactions based on their own organizational needs. These rules, governed by our Multi-Approval Scheme (MAS) and Transaction Approval Policy (TAP) frameworks, provide added peace of mind that the movements of digital assets going in and out of their wallets have been authorized according to their own parameters.

Assigning different roles and permissions

Ceffu enables institutional clients to set specific roles for each team member with access to their crypto wallet, which, based on the assigned role, limits or grants various permissions. Organizations on Ceffu can customize those permissions within the predefined roles to suit their own needs and workflow. 

For instance, an Admin has the same level of permissions as the Creator of a wallet in that they can edit wallet settings, while Approvers can only approve transactions that they have been authorized to approve as part of the client’s MAS and TAP rules. Other roles assigned to team members do not allow them to approve transactions.

Authorizing transactions with MAS

Multi-party computation (MPC) technology requires M out of N (e.g. 3 out of 5) number of key shares to validate a transaction for signing, so our wallets ensure that the most secure measures are in place to safeguard our clients’ digital assets. In addition to our MPC, clients can set up their own MAS by assigning specific team members within their organization to the platform and distributing the approval responsibility across multiple individuals. 

For instance, while 10 team members may be added as part of a client’s Qualified Wallet, only 3 of those 10 members may be needed to approve a transaction. Once a transaction is approved within a client’s Qualified Wallet, Ceffu will sign and broadcast it on the blockchain. Institutions looking for more flexibility to define their own transaction rules and actions can enhance their governance requirements through Ceffu’s Transaction Approval Policy (TAP).

Customizing transaction and wallet rules with TAP

Ceffu’s TAP is a set of custom rules created by a user to dictate the limits and boundaries of movements of their digital assets. With a custom TAP, clients control how many users are required to move assets above or below certain amounts, what parameters are required to approve once transactions meet a certain threshold, and how transactions are approved for each individual wallet. This policy is ideal for clients operating multiple wallets and wanting to customize their security features based on those wallets.

Each rule template contains a set of parameters that collectively define the transactions to which it applies. The policy works on a “First-Match” basis. This means that for each transaction, the policy engine will scan the entire policy from top to bottom, and apply the action of the first policy rule that matches the characteristics of the transaction reflected by the collective parameters initially set up. If no such rule is found, the transaction will revert to the client’s default MAS.

With our TAP, clients optimize the security of their account and transactions with governance controls tailored to their own needs.

Securing your assets on our audited and attested platform

Since launching our institutional platform, our primary objective has remained fully committed to growing a safe and reliable environment that institutional clients can entrust with the security of their assets, as well as their data. Receiving our ISO 27001 & 27701 certifications by the British Standards Institution (BSI), as well as our SOC 2 Type 1 and SOC 2 Type 2 attestations, affirms this priority as we continue to provide and maintain the highest level of security and operational compliance. 

While users of the Ceffu platform enjoy customizable parameters to enhance the safekeeping of their digital assets through our MAS and TAP systems, clients can rest assured that the foundational levels of top-grade security and privacy protection are already in place to deliver the most robust institutional crypto asset management experience.

About Ceffu

Ceffu is a compliant, institutional-grade custody platform offering custody and liquidity solutions that are ISO 27001 & 27701 certified and SOC Type 1 & Type 2 attested. Its multi-party computation (MPC) technology, combined with a customizable multi-approval scheme, provides bespoke solutions allowing institutional clients to safely store and manage their digital assets through its insured, segregated cold storage solution, Qualified Wallet. Institutions also benefit from Ceffu’s secure gateway to a wide range of liquidity products within the Binance ecosystem as Binance’s institutional custody partner.

Stay informed
LinkedIn: Ceffu
Twitter: @CeffuGlobal