Skip to main content
Policies are a programmable set of safeguards behind all actions on the DFNS infrastructure. You can configure them to validate actions taken in your organization. For more details, please read the dedicated section: policy-engine
Pro tip: initial policies you should createWe recommend setting up three initial Policies in order to lock down your organization:
  1. Permission Assignment: requiring quorum approval before assigning permissions to any user. This way a rogue admin cannot create fake users with elevated permissions by himself.
  2. Permission Modification: ensure permission sets cannot be modified without quorum approval, to prevent a rogue actor to elevate existing roles by whitelisting extra actions.
  3. Policy Modification: a policy preventing to change policies. That’s to make sure your established policies stay in place and a quorum approval is required for modifications. Those are actually the first 3 options available when you follow the policy creation flow on the dashboard.
In this example, we are going to control transactions whitelisting specific recipient addresses, and requiring approvals for others.
1

Create a new Policy

On the dashboard, head to Org > Policies (direct link: https://app.dfns.io/policies) and click ➕ Create Policy. The wizard opens on the Name step: give your policy a descriptive name, then click “Continue”.
Policies page with the Create Policy button highlighted
2

Select the targeted activity

What should the policy apply on? For our example, select “Wallet usage (transfer, transaction, signature)”. You can leave the optional “Entity Filter” step empty to apply the policy to all wallets.
Policy wizard Activity step with Wallet usage highlighted
3

Select the criteria to evaluate

In which case should the policy trigger? For our example, select “Transaction recipient whitelist”, then click “Add Addresses” and paste the whitelisted destination wallet address. All transactions to this wallet address will go through, while all others will trigger the policy.
Policy wizard Rule step with a whitelisted address configured
4

Select the action to take

When a transaction triggers the policy filters, then there are different actions you can take. In our case, we’ll request approval from another employee. Select “Request Approval”, name the approval group, and set the quorum (the number of approvals required, here 1). By default all employees can approve; you can narrow this to specific employees in the “Add Employee” field.
The user triggering the action can never approve it himself. Make sure the approvers are not the same users who will issue the requests!
Policy wizard Action step with Request Approval and an approval group
5

Finish the configuration

Continue to the Summary step, review the policy, then click Save and 🔑 sign the request with your passkey.
Policy wizard Summary step with the Save button highlighted
Congratulation! you have created a policy requesting approval from your coworker when a transaction is requested, unless it’s for transferring to the designated wallet. You can refine these rules and add as many as you need to match your internal policies and safeguards.
From there, your organization is already well configured, you are good to start really using DFNS! Next step is to create wallets and use them! Depending on what you want to do, you can use different routes here:

Keep using the dashboard

Create wallets that you (or your team) will manage manually.

Integrate DFNS into your application

Manage wallets and the DFNS platform programmatically.

Offer delegated wallets to your customers

Get started with delegated wallets.
Last modified on June 8, 2026