Security Best Practices

Approval threshold

Like requiring 2-of-3 board members to sign a check, your treasury requires multiple Approvers to sign off on every transaction. Even if one account is compromised, funds stay safe.

• 2-of-3.

  Any 2 of 3 Approvers can approve (recommended for small groups).

• 3-of-5.

  Any 3 of 5 Approvers can approve (recommended for larger treasuries).

Approver best practices

• Use multiple Approvers.

  Never rely on just one person. If they're unavailable, funds are stuck.

• Geographic distribution.

  Approvers in different locations reduces single-point-of- failure risk.

• Backup contact methods.

  Know how to reach Approvers outside of the platform.

• Regular Approver reviews.

  Remove Approvers who are no longer active. Add new trusted members.

Transaction verification

• Double-check addresses.

  Verify the first AND last characters of recipient addresses. Scammers use similar-looking addresses.

• Verify through a second channel.

  For large amounts, confirm the request through a different communication method.

• Question unusual requests.

  Urgency is a red flag. Legitimate transactions can wait for proper verification.

Emergency procedures

• Treasury freeze.

  Admins can pause all transactions if suspicious activity is detected. Better safe than sorry.

• Approver removal.

  If an account is compromised, other Approvers can remove it. This requires the usual threshold of approvals.

• Incident response.

  Know who to contact if something goes wrong. Document your procedures.

Regular audits

• Review transaction history monthly.
• Verify all transactions have proper documentation.
• Confirm the Approver list is current.
• Check that threshold settings are appropriate for your treasury size.