Please ensure the following security suggestions are followed during the configuration process to maximize the safety and integrity of your organization’s operations.

To request a more comprehensive security assessment of your organization’s configuration, please contact our customer support team.

Risk controls

Cobo Portal offers a variety of risk control mechanisms designed to address the challenges in storing, managing, and transferring digital assets.

User roles and permissions

User roles consist of predefined sets of rules that enable you to assign specific permissions to designated members within your organization.

  • Configure at least two Admins to ensure cross-verification and mutual backup. Other roles can be assigned appropriately based on actual needs.
  • It is not recommended to assign multiple roles to the same member.

For more details, see User roles and permissions.

Transaction policies

You can effortlessly create and edit both on-chain and off-chain transaction policies, and automate how each transaction will be handled by setting up an approval action.

On-chain transaction policies are governed by smart contracts on the blockchain networks, and only applies to Smart Contract Wallets. Off-chain transaction policies, on the other hand, are managed by the backend system of Cobo Portal and apply to all wallet types.

It is recommended to strictly configure transaction policies, especially for large withdrawal scenarios. Particular attention should be given to token transfer policies in off-chain transaction policies to avoid high-risk situations, such as:

  • having no transaction policies
  • having transactions that are not covered by a transaction policy
  • automatically approving all transactions
  • allowing the same role to both withdraw and approve transactions

For more details, see Introduction to transaction policies.

Governance policies

Governance policies determine the approval rules under which an operation will be approved or rejected.

The following list includes crucial operations in Cobo Portal, and it is recommended to configure two or more Admins for their approval.

  • Invite members
  • Change members’ user roles
  • Edit governance policies
  • Authorize Cobo Portal apps
  • Change Cobo Portal apps’s permissions
  • Change Cobo Portal apps’s workflows
  • Manage transaction policies
  • Manage addresses in Address List
  • Manage API keys
  • Edit custom user roles

For more details, see Introduction to governance policies.

Admin authentication

To enhance security and reduce the risk of account compromise, it is strongly recommended that all Admins enable at least two authentication methods, with Cobo Guard as one of them.

Recommended combinations include:

  • Cobo Guard and Google Authenticator (GA)
  • Cobo Guard and security key
Install GA on a different device than Cobo Guard to prevent loss of access if one device is lost.

API key settings

Admins and Operators can register API keys on the Developer Console and assign specific user roles, permissions, and IP whitelists.

  • Use permanent API keys, set up the IP whitelist and configure the callback endpoint.
  • Assign the wallet scope properly, and avoid selecting any type wallet.

For more details, see Register API Key.

Key share holder groups

With MPC technology, private key shares are individually generated within separate secure environments, encrypted, and divided amongst multiple parties. A set of key share holders is referred to as a holder group.

  • To ensure the safety and recoverability of your assets, create at least one Signing Group and one Recovery Group in addition to the Main Group.
  • For Main and Recovery Groups, choose high-ranking executives in your organization as key share holders, preferably with Viewer roles to minimize their involvement in daily operations. For Signing Groups, key share holders can be selected from various organizational levels based on operational needs and security considerations.
  • The same private key share holder (the same TSS Node ID) should not belong to different types of key share holder groups simultaneously, such as both the Main Group and the Signing Group. If this situation occurs, please ensure that there is more than one Signing Group.

For more details, see Holder group overview.

Key share backup and recovery

After you have successfully generated a key share, you can back it up to ensure its safety and recoverability. Securely store the recovery phrase and encrypted database password for key share backup. If lost, you will need to recover the key shares using the Recovery Group, if one has been set up.

For more details, see Mobile signer backup key share instructions and Server signer backup key share instructions.