# Unlock outgoing transactions

Why can't I send transactions?
Wallet-as-a-Service (Palisade) uses a zero-trust security model. Every new wallet is **deposit-only** by default. The platform blocks all outgoing transactions until you explicitly configure what is allowed. This design prevents unauthorized transfers, but it also means you must complete the steps on this page before your wallet can send anything.

Three conditions must be met before a wallet can send outgoing transactions:

1. **At least one transaction policy** exists for the asset you want to send.
2. **At least one address book entry** exists for the destination (required for external addresses only — not needed for transfers between wallets in your organization).
3. **Outgoing transactions are enabled** on the wallet.


All three must be in place. If any one is missing, outgoing transactions are blocked.

## Step 1: Create a transaction policy

A transaction policy defines the rules for what outgoing transactions are permitted from a wallet. Without a policy for the asset you want to send, the platform rejects the transaction.

1. Open your wallet and go to the **Policies** tab.
2. Click **Add policy rule**.
3. Select the **asset** you want to create a policy rule for. The list shows assets currently held in the wallet.


Non-standard assets
If the asset you need isn't listed, click **switch to non-standard asset** and enter the blockchain, contract address, and symbol manually.

1. Select a **rule type**:


| Rule type | What it controls | Example |
|  --- | --- | --- |
| Per transaction | Maximum amount for any single transaction | "No single transaction can exceed 10 ETH" |
| Rolling | Maximum amount within a time window | "No more than 100 ETH per 24 hours" |
| Max total value | Lifetime cap on total withdrawals | "No more than 1,000 ETH can ever leave this wallet" |


1. Set the **value limit** for the policy rule.
2. Under **Apply this rule to**, select the allowed destinations. Choose which counterparties or addresses can receive funds under this rule:
  - **All counterparties and wallets** — Permits transactions to any registered address or internal wallet. This is the broadest option.
  - **Selected counterparties** — Permits transactions only to specific counterparties and all of their registered addresses.
  - **Selected addresses** — Permits transactions only to specific addresses from your address book.
  - **Selected wallets** — Permits transactions only to specific wallets within your organization.
3. (Optional) Add a **user** or **API credentials** restriction to control which initiator can create transactions under this rule.
4. Click **Add policy rule**.


Recommended first policy
For sandbox testing, start with a **per transaction** policy with a reasonable limit and **all counterparties and wallets** as the destination. You can create more restrictive policies later.

Policies take effect immediately
The policy engine evaluates every outgoing transaction against your active policies the moment you create them. Any transaction that exceeds the policy limits or targets an unpermitted destination is blocked.

You can create multiple policies for the same asset in a wallet. When you send a transaction, the platform finds the policy that matches the transaction details. Only one matching policy is needed for the transaction to pass.

See [Policies overview](/products/wallet/user-interface/policies/policies-overview) and [Manage policies](/products/wallet/user-interface/policies/policies-manage) for the full reference.

## Step 2: Add an address book entry

Internal transfers only?
If you only plan to transfer funds between wallets within your own organization, skip this step. The address book is required only for transactions to external addresses.

The address book stores information about external counterparties and their blockchain addresses. Wallet-as-a-Service (Palisade) requires every external destination to be registered in the address book before you can send to it.

The Address Book page has two tabs: **Counterparties** (to manage counterparties) and **Addresses** (to manage individual blockchain addresses).

1. Navigate to the **Address Book** section in the console sidebar.
2. Click **Add counterparty**.
3. Select the **counterparty type**:
  - **Individual** — A single person.
  - **Organization** — A company or other business entity.
  - **Dapp** — A decentralized application or smart contract.
4. Enter the counterparty's **name** and **description**.
5. After creating the counterparty, click **Add address** to register a blockchain address.
6. Select the **supported blockchains**, enter the **address**, and add an optional **label**.


Verify the address and blockchain
Make sure the address is correct and belongs to the right blockchain. Sending funds to an incorrect or wrong-chain address can result in permanent loss of those assets.

See [Address book overview](/products/wallet/user-interface/address-book/address-book-overview) and [Manage address book](/products/wallet/user-interface/address-book/address-book-manage) for the full reference.

## Step 3: Enable outgoing transactions

By default, outgoing transactions are disabled on new wallets even after you set up policies and addresses. You must enable them explicitly.

1. Open your wallet.
2. Click **Enable transactions**.


You can disable outgoing transactions at any time from the wallet's settings (**Settings** > **Transactions** > **Outgoing transactions**).

## Verify your setup

Before you send your first transaction, confirm that all three conditions are met:

- **Policy** — Your wallet's **Policies** tab shows at least one active policy for the asset you want to send.
- **Address book** — The **Address Book** contains an entry for your intended destination (skip this check for internal wallet-to-wallet transfers).
- **Transactions enabled** — Your wallet shows that outgoing transactions are enabled.


## Next step

Send your first transaction:

- [Send your first transaction](/products/wallet/getting-started/send-your-first-transaction)