The wallet policy defined at the creation of the wallet determines:
- which users have the ability to initiate a withdrawal from that wallet
- which users have the ability to approve the transaction
- user-specific spending limits per day
- user-specific transactions limited per day
- which outgoing addresses are allowed by that wallet
- maximum spending limits of the wallet per day
- maximum number of outgoing transactions the wallet can allow per day
Insider fraud would require a user to add a new outgoing address, which would then have to be approved by all users in the approval chain via the Thresh0ld authentication app. When wallet policy actions bring higher risk to the system (such as adding new outgoing addresses or changing approvers), Thresh0ld implements a 72-hour freeze-time during which funds cannot leave the wallet to stop bad actors trying to steal funds. If the wallet policy change is not malicious, all other approvers (who are immediately notified of any policy change) can approve and the freeze-time is overridden. If no approvers take action, the wallet policy change goes through after freeze-time. Approvers have freeze-time to determine and act on whether a wallet policy change is suspicious or not, therefore removing insider risk.
If a new outgoing address is added after freeze-time, the bad actor would have to initiate a withdrawal transaction from the desktop platform, which would then have to be verified by approvers on the wallet policy, thus providing another layer of risk reduction.
