Designing a blockchain-based product requires extensive planning in order to deliver a compelling set of features with the best possible user experience. Every aspect of the product matters – from the user interface to the backend logic in the codebase. However, important security and compliance vectors tend to slip through the cracks. This blog post aims to offer a new perspective on enhancing your blockchain product’s design and architecture by incorporating some key elements.
Transaction approval flows, compliance processes, and address whitelisting form the basis of vital checkpoints that ensure every transaction is legitimate, secure, and adheres to application guidelines and regulations. A structured approval process enables organizations to prevent unauthorized transactions and reduce the risk of fraud. It also allows for a detailed review of transactions according to preset criteria, such as transaction value, destination address, and anti-money laundering (AML) screening.
Approval flows also enable the segregation of duties and add an additional layer of security and accountability by ensuring that no single individual has complete control over the transaction process.
Ultimately, implementing transaction approval flows is essential for maintaining the integrity of blockchain-based products, safeguarding assets, and ensuring that operations comply with legal and ethical standards.
Transforming theoretical security, compliance, and due diligence into the bedrock of your daily operations underscores the message from our previous blog post, where we emphasized the significant role blockchain architects play in thoroughly reviewing every aspect of their blockchain product during its design.
Now that we have established the importance and utility of transaction approval flows, let’s unpack it.
What is the Transaction Approval flow?
All crypto transactions begin with a wallet. A wallet is software that holds a private/public key pair and keeps track of activity on its specific blockchain. Users transact by entering the destination address and amount; the wallet then signs the transaction with the private key and broadcasts it to the blockchain. This process is simple and common. However, there is often a second layer of security involved – an authentication app, text message, or email – to further ensure that the person requesting the transaction is permitted to do so.
These methods may work well for individual users, but they may not suffice for transactions on a company’s wallet.
By the time a transaction is signed and a series of on-chain activities is set in motion, all of the initiating party’s internal checks must already have been completed: once a transaction is signed and broadcast, it can no longer be stopped. That’s why the entire approval process has to take place off-chain, prior to the signing of the transaction. These off-chain approval processes are often lengthy, complex, and involve both automated and manual steps – steps that check for compliance with laws, adherence to company policies, security assessments, record-keeping by internal systems, and more.
Whitelisting Addresses
The whitelisting of external wallet addresses – the creation of a list of approved addresses that your wallet is permitted to send funds to – is a reliable security measure for organizations handling digital asset and crypto transactions.
This enables an organization to significantly reduce the risk of fraud and unauthorized transactions and keeps the entire system secure by preventing any unexpected or potentially harmful transactions.
Additionally, whitelisting simplifies the process of monitoring transactions and makes it easier to spot anything unusual. This practice is an essential part of managing risk and enhancing security for any organization involved in the crypto space, offering a layer of protection that helps maintain a safe and controlled transaction environment.
Whitelisting external addresses can happen either on-chain or off-chain. Those opting for a decentralized approach can whitelist on-chain, using a smart contract to maintain the list of approved addresses. The downside of on-chain whitelisting is the gas fee paid for every addition to the list. When it comes to restricting who may edit the list, there is little difference between on-chain and off-chain methods, as both require proper access controls. An important aspect to consider with on-chain whitelisting is that it makes the list public and visible to anyone, which may not align with a business’s need to keep certain security measures private.
While adding external addresses to a whitelist is a move toward improving transaction approval flows, it is not sufficient on its own. It is wise to also implement other controls, such as limits on the amounts being sent to these external addresses.
Internal Transaction Validation and Security Approvals
Security is a key aspect of the transaction approval process, as it safeguards against unauthorized access and fraud. Having a system in place that tests each transaction against a specific set of rules based on various factors – the type of asset, the amount, who is initiating it, where it is going, the cumulative amount sent over a period of time, etc. – will benefit your business.
The transaction approval process can consist of simple or complex rules. An example of a simple one would be to block any transactions over $1 million in BTC value. Complex rules are those which contain multiple prerequisites. An example of a complex rule would be: An Ethereum transaction with a cumulative amount of over $500,000 within the last 24 hours can only be sent to a whitelisted address, and requires a minimum of 2 approvals from the Administrators and Risk groups.
Deciding which wallets these policies should apply to is the final step in setting up the approval flow. For example, a company can choose not to enable external transactions from its main “Warm wallet,” and only allow internal transactions – such as rebalancing – within the company’s “hot wallets.” Such transactions can only occur with specific approvals and by certain members of the team. This approach ensures duties are clearly divided and reduces the risk of the wallet being emptied through fraudulent activities.
Blockchain Products Compliance Flow
Anti-money laundering (AML) is a set of procedures, laws, and regulations designed to prevent criminals from disguising illegally obtained funds as legitimate income. Within the AML framework, the “Travel Rule” plays a significant role, especially in the financial and crypto sectors. It requires financial institutions to pass on certain information about transactions and their participants to the next financial institution when a transaction exceeds a specified amount. This rule adds transparency to financial transactions, making it harder for illegal funds to move unnoticed.
Know Your Transaction (KYT) flows are another important aspect of AML, particularly in the digital currency space. KYT processes involve monitoring transactions in real time to identify and report suspicious activities. This helps institutions understand the nature of the transactions they process, to ensure they are not financing terrorism or part of money laundering. Implementing AML practices can help financial and crypto businesses significantly reduce the risk of facilitating illegal financial activities.
Integrating services from AML and KYT providers such as Chainalysis, Elliptic, and CipherTrace can significantly strengthen these efforts. These measures are crucial for maintaining regulatory compliance, as failing to comply can result in severe legal penalties and reputational damage. Furthermore, AML and KYT practices are instrumental in building trust and security among users, investors, and partners, demonstrating a commitment to ethical operations.
Incorporating compliance checks early in the transaction approval process not only streamlines the process but also strengthens the overall security and compliance framework of your blockchain product.
Automation
As businesses operate around the clock, relying solely on manual processes is not practical. Blockchain-based products, in particular, benefit greatly from automation. While automation helps tackle many operational challenges, it also comes with security risks that must be carefully managed.
For example, businesses that interact directly with consumers must have an automated process for withdrawals, typically executed through an API. This process presents an array of potential issues to be aware of, such as the secure storage of API keys, restricting API access to pre-approved IP addresses, regular rotation of API keys, and strict control of the permissions granted to each key.
Consider a retail solution that handles a large number of withdrawals daily – these withdrawals are usually for average amounts and it’s unlikely for a customer to request a withdrawal of $1 million in a single transaction. Having checks that can spot such outliers and put necessary approvals in place, including manual ones if needed, is best practice.
Segregation of Duties
In both automated and manual processes, the principle of segregating duties plays an important role in enhancing security and control. When dealing with automated processes, dividing responsibilities between two different operators – each of which may itself be an API user with its own key – becomes essential. One operator initiates the process while the other completes it, ensuring that all necessary approvals in between are secured. This approach significantly reduces the risk posed by the compromise of a single API key that would otherwise control the entire operation.
Similarly, in manual processes, it is important to ensure that the day-to-day operators of the business do not unilaterally approve and control the flow. Instead, tasks and decisions should be distributed among multiple individuals. For example, a transaction can be prepared by an individual, but in order to complete the process, an independent review and approval is required from a different individual who has the authority to verify its accuracy and compliance status. This segregation not only prevents errors and fraud but also reinforces accountability and oversight across all operations.
By applying the segregation of duties to both automated and manual processes, businesses can create a more secure and robust framework. This framework ensures that no single point of failure or compromise can undermine the entire system, whether it’s through an API key in automated processes or unilateral control in manual operations.
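As an added illustration (not Fireblocks’ code or policy engine), the following Python sketch encodes the two rule examples from the Internal Transaction Validation section above – the simple “block BTC over $1M” rule and the complex “ETH over $500k in 24 hours needs a whitelisted destination plus two Administrators/Risk approvals” rule – and applies the segregation-of-duties principle from this section by refusing to count the initiator’s own approval. The whitelist address, operator names, USD values and history are constructed sample data, and the reading that the two approvals may come from either group is an assumption.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample whitelist; the address is a placeholder, not a real one.
WHITELIST = {"0xWHITELISTED_EXCHANGE_PLACEHOLDER"}
APPROVER_GROUPS = {"Administrators", "Risk"}

@dataclass
class Tx:
    asset: str            # "BTC", "ETH", ...
    usd_value: float      # USD value at time of request
    destination: str
    initiator: str        # operator who prepared the transaction
    timestamp: datetime
    approvals: dict = field(default_factory=dict)  # approver -> group

def eth_volume_24h(history, now):
    """USD value of ETH transactions sent in the trailing 24 hours."""
    window = now - timedelta(hours=24)
    return sum(t.usd_value for t in history
               if t.asset == "ETH" and t.timestamp > window)

def evaluate(tx, history):
    """Return (decision, reason); decision is 'block', 'pending' or 'approve'."""
    # Simple rule from the post: block any BTC transaction over $1M.
    if tx.asset == "BTC" and tx.usd_value > 1_000_000:
        return "block", "BTC transaction exceeds $1M"
    # Complex rule: if ETH sent in the last 24h (this tx included) exceeds
    # $500k, the destination must be whitelisted and at least two approvals
    # from the Administrators/Risk groups are required (assumed: either group).
    if tx.asset == "ETH" and eth_volume_24h(history, tx.timestamp) + tx.usd_value > 500_000:
        if tx.destination not in WHITELIST:
            return "block", "cumulative ETH > $500k and destination not whitelisted"
        # Segregation of duties: the initiator's own approval does not count.
        valid = [g for who, g in tx.approvals.items()
                 if who != tx.initiator and g in APPROVER_GROUPS]
        if len(valid) < 2:
            return "pending", f"{len(valid)}/2 approvals from Administrators or Risk"
    return "approve", "policy satisfied"

# Constructed history: one ETH transfer 3h ago (inside the window), one 30h ago (outside).
NOW = datetime(2024, 1, 1, 12, 0)
WL = next(iter(WHITELIST))
HISTORY = [Tx("ETH", 300_000, WL, "alice", NOW - timedelta(hours=3)),
           Tx("ETH", 400_000, WL, "alice", NOW - timedelta(hours=30))]

if __name__ == "__main__":
    print(evaluate(Tx("BTC", 2_000_000, WL, "alice", NOW), HISTORY))
    print(evaluate(Tx("ETH", 250_000, WL, "alice", NOW,
                      {"bob": "Administrators", "carol": "Risk"}), HISTORY))
```

A real deployment would source the 24-hour history from the signed-transaction ledger and the approvals from an authenticated workflow system rather than from an in-memory dict.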
Conclusion
Navigating the complexities of transaction approval and validation in blockchain-based products requires a multifaceted approach that prioritizes security, compliance, and efficient operational processes.
From the essential practice of whitelisting addresses to the intricate layers of internal security approvals, and the critical role of compliance with AML and KYT standards, each step is designed to protect the transaction against unauthorized access, fraud, and regulatory breaches. Integrating automation and segregating duties further enhances this protective framework, allowing businesses to operate continuously while minimizing risks. These practices, along with the support of external providers and cutting-edge technologies, will help organizations ensure the integrity, trustworthiness, and reliability of their blockchain operations.
If you’re interested in learning more about the right ways to set up transaction approval and validation flows and want to know how we approach this at Fireblocks, sign up for our “Navigating the complexities of transaction approval flows” webinar.