Overview

Config restrictions protect operations that change the system configuration of the vault, such as registering tokens, adding blockchain networks, or attaching cold-wallet master keys. They are one of three restriction categories alongside Transaction Restrictions and Policy Restrictions.

Unlike transaction restrictions, config restrictions carry no filters. They are all-or-nothing: if a config restriction exists, it applies to every config operation. The restriction specifies only which approver groups must sign off.

Evaluation Semantics

Config restrictions follow the same additive model as transaction restrictions:

1. Every config restriction is checked.
2. Since there are no filters, every config restriction always matches.
3. All approval requirements from all matching restrictions accumulate.
4. The operation proceeds when every accumulated requirement is satisfied.
5. If no config restriction exists, config operations are allowed without approvals.

Governed Operations

The following operations require config restriction approval when at least one config restriction is configured:

Note: Account creation is not governed by config restrictions. That is an uncategorized operation that always executes without policy approval.

Example

A single config restriction protects all asset and chain management operations:

Result:

• Registering a token requires 2 owner approvals.
• Registering a custom chain requires 2 owner approvals.
• Attaching a cold-wallet master key requires 2 owner approvals.
• Creating a new vault account requires no approval (uncategorized, not governed by config restrictions).