Skip to main content
Multi-Layer Security Wallet has a shared set of platform concepts and API/SDK resources. Every action in the web application can be performed via the API and SDK.

Platform concepts

These concepts describe how assets and governance are organized in the platform:
  • Organizations are the entities that own accounts and define governance.
  • Members are people and API members (programmatic identities) in an organization.
  • Groups are collections of members (for example, a Finance team).
  • Accounts hold funds and execute on-chain transactions.
  • Policies describe which transactions are allowed and who can approve them.
  • Admins are privileged members that can change organization configuration.
  • Transactions move value or interact with smart contracts from an account.

API and SDK building blocks

The API and SDK expose the platform concepts as resources and operations:
  • Resources represent organizations, members, groups, accounts, policies, and transactions.
  • Operations are proposed changes that require signatures before execution.
  • Signatures are collected to approve or reject an operation.
  • Execution applies the proposed change on-chain or within the organization.

Signing keys

A signing key is the cryptographic key that authorizes an API member to sign operations on behalf of your organization. You control how your API member signing keys are generated, stored, and used. Key generation, storage, and signing should align with your use case, security requirements, and the policy permissions granted to the API member associated with the signing key. Common signing setups include:
  • Cloud Key Management Services (e.g. AWS KMS, Azure Key Vault, Google Cloud KMS, etc)
  • Dedicated Hardware Security Modules (HSMs)
  • Cold storage or air-gapped on-premise devices
  • Secrets manager environment variables
Contact the Den team for implementation advice tailored to your environment.

Operation types

The platform exposes two types of operations. Account transactions handle on-chain activity from a specific account, while organization operations handle governance changes. Each type uses different signer roles and approval rules.
TypeDescriptionGoverned By
Account TransactionsValue movement and contract interactions for a specific accountPolicy rules
Organization OperationsGovernance changes like members, groups, policies, and adminsAdmin threshold

Account transactions

Account transactions are on-chain actions initiated from an account and governed by a policy. Examples include token transfers, smart contract configuration, and DeFi interactions. The lifecycle is:
  1. Propose the transaction with a policy.
  2. Collect signatures (approve or reject).
  3. Execute once the policy threshold is met.
Key rules:
  • A policy must be selected at transaction creation.
  • An initiator signature is required to authorize the transaction.
  • The initiator signature is distinct from approval or rejection signatures. It must come before other signatures and does not express a decision.

Organization operations

Organization operations are governance changes such as modifying members, groups, policies, or admins. The lifecycle is:
  1. Propose the change.
  2. Collect signatures (approve or reject).
  3. Execute once the admin threshold is met.
Key rules:
  • Only admins can propose, sign, and execute.
  • Unlike account transactions, no initiator signature exists.

Blockchain transaction fees

Blockchain transaction fees are the network costs required to execute transactions on-chain. These fees are sometimes called gas. Den covers these fees. Each plan includes a default fee allowance, and any usage beyond that allowance is billed as overages.