How Policies Modify Transactions

Understand how the Tholos Policy Engine dynamically adjusts transaction approval thresholds.

The Tholos Policy Engine dynamically adjusts transaction approval thresholds based on pre-configured policies. This document provides an overview of how the Policy Engine functions, including default thresholds, policy application, cooldown periods, and its representation in the transaction flow.

Overview

Tholos’ Policy Engine allows organizations to establish flexible conditions that impact the number of approvals required for a transaction to proceed. These conditions are defined in policies that the engine evaluates each time a transaction is initiated.

Key Features

  1. Default Thresholds: Each vault has a default approval threshold that applies to all transactions unless modified by a policy.
  2. Dynamic Threshold Adjustment: Policies can modify the required approval threshold based on specific conditions.
  3. Multiple Policy Evaluation: If multiple policies apply to a transaction, the lowest approval requirement among applicable policies is used.
  4. Cooldown Periods: After a policy is triggered, it enters a cooldown period during which it will not apply to subsequent transactions.

How Policies Work

Default Thresholds

Every vault in Tholos is configured with a default approval threshold. This threshold represents the baseline number of approvals required for transactions from the vault.

  • When no policies apply: The vault’s default threshold governs the transaction.
  • When policies apply: The default threshold is overridden by the policy with the lowest applicable threshold.

Policy Application

When a transaction is initiated, the Policy Engine evaluates all configured policies to determine which ones apply. Conditions include:

  • Transaction amount
  • Recipient information (e.g., whether the recipient is a saved Contact)

If a policy’s conditions are met, its defined threshold will apply to the transaction unless another applicable policy has a lower threshold requirement.

Cooldown Period

After a policy has been applied to a transaction, it enters a cooldown period. During this time:

  • The policy remains inactive and does not influence the approval threshold for subsequent transactions.
  • The vault’s default threshold or other applicable policies will determine the required approvals.

Best Practices

  • Default Threshold Setup: Set a vault’s default threshold to align with your organization’s baseline security requirements.
  • Policy Prioritization: Define policies with varying thresholds to accommodate different levels of transaction scrutiny.
  • Monitor Cooldowns: Regularly review cooldown periods and their impact on transaction flows.

FAQs

What happens if no policies apply?

If no policies apply, the transaction will default to the vault’s default threshold.

Can multiple policies apply simultaneously?

Yes. However, the Policy Engine will always enforce the lowest approval threshold among the applicable policies.

How do I configure or edit policies?

Policies can be managed via the Governance section of the Tholos web app. From there, you can create, disable, or enable policies as needed.

Can cooldown periods be customized?

Yes. Cooldown periods are configurable when setting up a policy. Adjust the cooldown duration to fit your organization’s needs.