Zero Hash offers various User Roles and functional controls that allow customers to configure safeguards as well as establish separation of duties.
1. User Roles
Users may have any combination of the following user roles.
Admins manage user privileges, fund transfers, fund withdrawals, and API keys for a participant.
1.2 Authorized Signers
Authorized Signers are a special type of Admin that can sign on behalf of the participant. This user role is used in onboarding and the signing of any legal documentation.
Feel free to manually assign this privilege to users in the Certification environment, but please note that adding or removing Authorized Signers in production must be done by support (please contact support at firstname.lastname@example.org).
1.2.1 Control Person
A Control Person is defined as a single individual with significant responsibility to control, manage, or direct a legal entity customer, including an executive officer or senior manager (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer); or any other individual who regularly performs similar functions. Only one Control Person needs to be identified.
1.3 Trade Submitter
Enables a user to submit trades & loans for settlement on Zero Hash.
User Role Summary Table
|Action||Authorized Signer||Admin||Trade Submitter|
|Setup / Remove Users||Yes||Yes||No|
|Submit Trades & Loans||No||No||Yes|
|Create API Keys||Yes*||Yes*||No|
|Allowlist Withdrawal Address||Yes*||Yes*||No|
|Retrieve Deposit Addresses||Yes||Yes||Yes|
*See below for setting up multiple approver requirements.
Please note that the default setting is that a single Admin may create a withdrawal account and submit a withdrawal request, i.e. 0 approvals are required from other Admin.
Reach out to email@example.com to establish the requirement for multiple approvers for the following actions:
- Create API Keys
- Allowlist Withdrawal Addresses
- Submit Withdrawals
2. Best Practices
All withdrawals must be made to allowlisted addresses. You must first add a withdrawal address and have it approved by another Admin (if you account requires multiple Admin Approvers) before you may request a withdrawal to it. Please refer to our FAQ for more info withdrawal addresses: How are withdrawal accounts set up?
Note: You acknowledge that Zero Hash LLC and its affiliates are not liable for withdrawals made to incorrectly entered wallet addresses. Be sure to double check that you have entered the correct wallet address for the type of digital asset being withdrawn. On-chain transactions may be irreversible.
2.4 API KEY APPROVALS
- When generating API keys on the portal, you now have the ability to set a required number of approvals amount.
- By default, each participants' has been set to zero. If you would like this changed, please get in touch with a Zero Hash representative so that they can make the configuration change.
- Until an API Key is officially approved, no calls can be made by that newly created key.
- You can view the API Key status via the "status" column:
- You can also view the audit history via the "details" button, including who on your team has already created or approved a key:
2.4.1 API KEY EXPIRATIONS
- When creating new keys (after clicking "Add API Key"), you can set an expiration date. After the expiry, the key will no longer be functional.
- If you would not like the key to expire, simply leave the field blank.
- This mechanism can help force your organization to implement frequent key change-outs.