Wallet-as-a-Service (Palisade) uses a zero-trust security model. Every new wallet is deposit-only by default. The platform blocks all outgoing transactions until you explicitly configure what is allowed. This design prevents unauthorized transfers, but it also means you must complete the steps on this page before your wallet can send anything.
Three conditions must be met before a wallet can send outgoing transactions:
- At least one transaction policy exists for the asset you want to send.
- At least one address book entry exists for the destination (required for external addresses only — not needed for transfers between wallets in your organization).
- Outgoing transactions are enabled on the wallet.
All three must be in place. If any one is missing, outgoing transactions are blocked.
A transaction policy defines the rules for what outgoing transactions are permitted from a wallet. Without a policy for the asset you want to send, the platform rejects the transaction.
- Open your wallet and go to the Policies tab.
- Click Add policy rule.
- Select the asset you want to create a policy rule for. The list shows assets currently held in the wallet.
If the asset you need isn't listed, click switch to non-standard asset and enter the blockchain, contract address, and symbol manually.
- Select a rule type:
| Rule type | What it controls | Example |
|---|---|---|
| Per transaction | Maximum amount for any single transaction | "No single transaction can exceed 10 ETH" |
| Rolling | Maximum amount within a time window | "No more than 100 ETH per 24 hours" |
| Max total value | Lifetime cap on total withdrawals | "No more than 1,000 ETH can ever leave this wallet" |
- Set the value limit for the policy rule.
- Under Apply this rule to, select the allowed destinations. Choose which counterparties or addresses can receive funds under this rule:
- All counterparties and wallets — Permits transactions to any registered address or internal wallet. This is the broadest option.
- Selected counterparties — Permits transactions only to specific counterparties and all of their registered addresses.
- Selected addresses — Permits transactions only to specific addresses from your address book.
- Selected wallets — Permits transactions only to specific wallets within your organization.
- (Optional) Add a user or API credentials restriction to control which initiator can create transactions under this rule.
- Click Add policy rule.
For sandbox testing, start with a per transaction policy with a reasonable limit and all counterparties and wallets as the destination. You can create more restrictive policies later.
The policy engine evaluates every outgoing transaction against your active policies the moment you create them. Any transaction that exceeds the policy limits or targets an unpermitted destination is blocked.
You can create multiple policies for the same asset in a wallet. When you send a transaction, the platform finds the policy that matches the transaction details. Only one matching policy is needed for the transaction to pass.
See Policies overview and Manage policies for the full reference.
If you only plan to transfer funds between wallets within your own organization, skip this step. The address book is required only for transactions to external addresses.
The address book stores information about external counterparties and their blockchain addresses. Wallet-as-a-Service (Palisade) requires every external destination to be registered in the address book before you can send to it.
The Address Book page has two tabs: Counterparties (to manage counterparties) and Addresses (to manage individual blockchain addresses).
- Navigate to the Address Book section in the console sidebar.
- Click Add counterparty.
- Select the counterparty type:
- Individual — A single person.
- Organization — A company or other business entity.
- Dapp — A decentralized application or smart contract.
- Enter the counterparty's name and description.
- After creating the counterparty, click Add address to register a blockchain address.
- Select the supported blockchains, enter the address, and add an optional label.
Make sure the address is correct and belongs to the right blockchain. Sending funds to an incorrect or wrong-chain address can result in permanent loss of those assets.
See Address book overview and Manage address book for the full reference.
By default, outgoing transactions are disabled on new wallets even after you set up policies and addresses. You must enable them explicitly.
- Open your wallet.
- Click Enable transactions.
You can disable outgoing transactions at any time from the wallet's settings (Settings > Transactions > Outgoing transactions).
Before you send your first transaction, confirm that all three conditions are met:
- Policy — Your wallet's Policies tab shows at least one active policy for the asset you want to send.
- Address book — The Address Book contains an entry for your intended destination (skip this check for internal wallet-to-wallet transfers).
- Transactions enabled — Your wallet shows that outgoing transactions are enabled.
Send your first transaction: