Configurable policies, multi-level approval workflows, immutable audit logs, and military-grade encryption. Security is not a feature — it is the foundation.
Multiple layers of security work together to protect your assets, enforce compliance, and provide complete auditability.
5 configurable policy types to enforce compliance rules across your organization. Define conditions with flexible operators and apply policies to specific wallets, chains, or globally.
Transaction approval workflows with full status tracking. Threshold-based multi-sig via Safe protocol ensures no single point of failure for high-value operations.
Immutable, timestamped logs for every action across the platform. Track who did what, when, and from where. Fire-and-forget architecture ensures zero latency impact on operations.
All private keys and master seeds are encrypted with AES-256-GCM. Each encrypted record stores a separate IV and authentication tag. The master key is never stored in the database.
Four organization roles give you fine-grained control over what each team member can do. Plus a superadmin role for platform-level administration and cross-organization oversight.
Roles are enforced at the API level. Every request is authenticated, authorized, and logged. There are no shortcuts — even internal tools go through the same permission checks.
Platform-level access
Orthogonal to organization roles. The isSuperadmin flag grants cross-organization visibility and platform administration capabilities.
For self-custody wallets, private keys never touch the server. Signing requests are pushed to hardware wallets or the Ferros Signer mobile app, and signatures are submitted back via API.
Platform creates the transaction with status PENDING
Request created and push notification sent to signer device
Signer reviews TX details on mobile or hardware wallet
User authenticates and signs with Secure Enclave / Keystore
Signed payload submitted to /signing-requests/:id/signature
Threshold met. Transaction executed and confirmed
Define compliance rules programmatically. Create policies with flexible rules using operators like gt, lt, eq, in, and not_in. Apply them globally or scope to specific wallets and chains.
This example creates a spending limit policy that blocks any single transaction above 10 ETH. Policies are evaluated automatically on every transaction before execution.
curl https://api.ferros.xyz/v1/policies \ -H "X-API-Key: cv_live_..." \ -H "Content-Type: application/json" \ -d '{ "name": "Max Transaction Limit", "type": "SPENDING_LIMIT", "enabled": true, "rules": [ { "field": "amount", "operator": "gt", "value": "10", "action": "BLOCK", "message": "Transaction exceeds 10 ETH limit" } ] }'
Security is built into every Ferros product. Explore how policies and encryption protect your entire infrastructure.
Multi-chain portfolio monitoring with policy enforcement and real-time balance tracking across all wallets.
Learn moreCustodial and self-custody wallets with encrypted key storage, HD derivation, and multi-sig support.
Learn moreRESTful APIs with dual authentication, HMAC-signed webhooks, and SHA-256 hashed API key storage.
Learn moreEnterprise-grade security with zero compromise on developer experience. Start free with full policy and encryption features included.
