Please ensure the following security suggestions are followed during the configuration process to maximize the safety and integrity of your organization’s operations.
Cobo Portal offers a variety of risk control mechanisms designed to address the challenges in storing, managing, and transferring digital assets.
User roles consist of predefined sets of rules that enable you to assign specific permissions to designated members within your organization.
For more details, see User roles and permissions.
You can effortlessly create and edit both on-chain and off-chain transaction policies, and automate how each transaction will be handled by setting up an approval action.
It is recommended to strictly configure transaction policies, especially for large withdrawal scenarios. Particular attention should be given to token transfer policies in off-chain transaction policies to avoid high-risk situations, such as:
For more details, see Introduction to transaction policies.
Governance policies determine the approval rules under which an operation will be approved or rejected.
The following list includes crucial operations in Cobo Portal, and it is recommended to configure two or more Admins for their approval.
For more details, see Introduction to governance policies.
To enhance security and reduce the risk of account compromise, it is strongly recommended that all Admins enable at least two authentication methods, with Cobo Guard as one of them.
Recommended combinations include:
Admins and Operators can register API keys on the Developer Console and assign specific user roles, permissions, and IP whitelists.
For more details, see Register API Key.
With MPC technology, private key shares are individually generated within separate secure environments, encrypted, and divided amongst multiple parties. A set of key share holders is referred to as a holder group.
For more details, see Holder group overview.
After you have successfully generated a key share, you can back it up to ensure its safety and recoverability. Securely store the recovery phrase and encrypted database password for key share backup. If lost, you will need to recover the key shares using the Recovery Group, if one has been set up.
For more details, see Mobile signer backup key share instructions and Server signer backup key share instructions.
Please ensure the following security suggestions are followed during the configuration process to maximize the safety and integrity of your organization’s operations.
Cobo Portal offers a variety of risk control mechanisms designed to address the challenges in storing, managing, and transferring digital assets.
User roles consist of predefined sets of rules that enable you to assign specific permissions to designated members within your organization.
For more details, see User roles and permissions.
You can effortlessly create and edit both on-chain and off-chain transaction policies, and automate how each transaction will be handled by setting up an approval action.
It is recommended to strictly configure transaction policies, especially for large withdrawal scenarios. Particular attention should be given to token transfer policies in off-chain transaction policies to avoid high-risk situations, such as:
For more details, see Introduction to transaction policies.
Governance policies determine the approval rules under which an operation will be approved or rejected.
The following list includes crucial operations in Cobo Portal, and it is recommended to configure two or more Admins for their approval.
For more details, see Introduction to governance policies.
To enhance security and reduce the risk of account compromise, it is strongly recommended that all Admins enable at least two authentication methods, with Cobo Guard as one of them.
Recommended combinations include:
Admins and Operators can register API keys on the Developer Console and assign specific user roles, permissions, and IP whitelists.
For more details, see Register API Key.
With MPC technology, private key shares are individually generated within separate secure environments, encrypted, and divided amongst multiple parties. A set of key share holders is referred to as a holder group.
For more details, see Holder group overview.
After you have successfully generated a key share, you can back it up to ensure its safety and recoverability. Securely store the recovery phrase and encrypted database password for key share backup. If lost, you will need to recover the key shares using the Recovery Group, if one has been set up.
For more details, see Mobile signer backup key share instructions and Server signer backup key share instructions.