Overview Policies provide fine-grained control over blockchain operations for both projects and individual accounts. They define rules that accept or reject specific operations based on criteria like transaction value, addresses, and more.
Policy Type type Policy = { id : string ; description ?: string ; scope : "project" | "account" ; rules : Rule []; createdAt : string ; updatedAt : string ; };
Unique identifier for the policy.
Human-readable description of the policy (max 50 characters).
scope
'project' | 'account'
required
Whether the policy applies at the project level or account level. Only one project-level policy can exist at a time.
Array of rules (max 10 rules per policy).
ISO 8601 timestamp when the policy was created.
ISO 8601 timestamp when the policy was last updated.
Rule Types Policies contain rules that specify which operations to accept or reject based on criteria.
EVM Rules Sign EVM Transaction Rule type SignEvmTransactionRule = { action : "accept" | "reject" ; operation : "signEvmTransaction" ; criteria : ( | { type : "ethValue" ; ethValue : string ; operator : ">" | ">=" | "<" | "<=" } | { type : "evmAddress" ; addresses : Address []; operator : "in" | "notIn" } | { type : "tokenValue" ; tokenAddress : Address ; tokenValue : string ; operator : ">" | ">=" | "<" | "<=" } )[]; };
Send EVM Transaction Rule type SendEvmTransactionRule = { action : "accept" | "reject" ; operation : "sendEvmTransaction" ; criteria : ( | { type : "ethValue" ; ethValue : string ; operator : ">" | ">=" | "<" | "<=" } | { type : "evmAddress" ; addresses : Address []; operator : "in" | "notIn" } )[]; };
Send User Operation Rule type SendUserOperationRule = { action : "accept" | "reject" ; operation : "sendUserOperation" ; criteria : ( | { type : "ethValue" ; ethValue : string ; operator : ">" | ">=" | "<" | "<=" } | { type : "evmAddress" ; addresses : Address []; operator : "in" | "notIn" } | { type : "tokenValue" ; tokenAddress : Address ; tokenValue : string ; operator : ">" | ">=" | "<" | "<=" } )[]; };
Sign EVM Hash/Message/TypedData Rules type SignEvmHashRule = { action : "accept" | "reject" ; operation : "signEvmHash" ; criteria : []; }; type SignEvmMessageRule = { action : "accept" | "reject" ; operation : "signEvmMessage" ; criteria : []; }; type SignEvmTypedDataRule = { action : "accept" | "reject" ; operation : "signEvmTypedData" ; criteria : []; };
Solana Rules Sign Solana Transaction Rule type SignSolTransactionRule = { action : "accept" | "reject" ; operation : "signSolTransaction" ; criteria : ( | { type : "solValue" ; solValue : string ; operator : ">" | ">=" | "<" | "<=" } | { type : "solAddress" ; addresses : string []; operator : "in" | "notIn" } | { type : "splValue" ; splValue : string ; operator : ">" | ">=" | "<" | "<=" } | { type : "mintAddress" ; addresses : string []; operator : "in" | "notIn" } )[]; };
Send Solana Transaction Rule type SendSolTransactionRule = { action : "accept" | "reject" ; operation : "sendSolTransaction" ; criteria : ( | { type : "mintAddress" ; addresses : string []; operator : "in" | "notIn" } )[]; };
Sign Solana Message Rule type SignSolMessageRule = { action : "accept" | "reject" ; operation : "signSolMessage" ; criteria : []; };
PoliciesClient Methods createPolicy Creates a new policy.
scope
'project' | 'account'
required
The policy scope.
Policy description (max 50 characters).
Array of rules (1-10 rules).
Idempotency key for request.
// EVM policy example const policy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Limit ETH transfers to 1 ETH" , rules: [ { action: "reject" , operation: "signEvmTransaction" , criteria: [ { type: "ethValue" , ethValue: "1000000000000000000" , // 1 ETH in wei operator: ">" , }, ], }, ], }, }); // Solana policy example const solanaPolicy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Restrict SOL transfers" , rules: [ { action: "reject" , operation: "signSolTransaction" , criteria: [ { type: "solValue" , solValue: "1000000000" , // 1 SOL in lamports operator: ">" , }, ], }, ], }, });
listPolicies Lists all policies in the project.
Number of policies per page.
// List all policies const { policies } = await cdp . policies . listPolicies (); // Filter by scope const { policies : accountPolicies } = await cdp . policies . listPolicies ({ scope: "account" , });
getPolicyById Retrieves a specific policy by ID.
const policy = await cdp . policies . getPolicyById ({ id: "73bcaeeb-d7af-4615-b064-42b5fe83a31e" , }); console . log ( policy . description ); console . log ( policy . rules );
updatePolicy Updates an existing policy.
const updatedPolicy = await cdp . policies . updatePolicy ({ id: "73bcaeeb-d7af-4615-b064-42b5fe83a31e" , policy: { description: "Updated limits" , rules: [ { action: "reject" , operation: "signEvmTransaction" , criteria: [ { type: "ethValue" , ethValue: "500000000000000000" , // 0.5 ETH operator: ">" , }, ], }, ], }, });
deletePolicy Deletes a policy by ID.
await cdp . policies . deletePolicy ({ id: "73bcaeeb-d7af-4615-b064-42b5fe83a31e" , });
Applying Policies to Accounts EVM Account // Create account with policy const account = await cdp . evm . createAccount ({ accountPolicy: policy . id , }); // Update existing account const updatedAccount = await cdp . evm . updateAccount ({ address: account . address , update: { accountPolicy: policy . id , }, });
Solana Account // Create account with policy const account = await cdp . solana . createAccount ({ accountPolicy: policy . id , }); // Update existing account const updatedAccount = await cdp . solana . updateAccount ({ address: account . address , update: { accountPolicy: policy . id , }, });
Policy Examples Restrict High-Value Transactions const policy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Block transactions over 10 ETH" , rules: [ { action: "reject" , operation: "signEvmTransaction" , criteria: [ { type: "ethValue" , ethValue: "10000000000000000000" , operator: ">" , }, ], }, ], }, });
Whitelist Addresses const policy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Only allow specific addresses" , rules: [ { action: "accept" , operation: "signEvmTransaction" , criteria: [ { type: "evmAddress" , addresses: [ "0x4252e0c9A3da5A2700e7d91cb50aEf522D0C6Fe8" , "0x1234567890123456789012345678901234567890" , ], operator: "in" , }, ], }, { action: "reject" , operation: "signEvmTransaction" , criteria: [], }, ], }, });
Token Transfer Limits const policy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Limit USDC transfers" , rules: [ { action: "reject" , operation: "signEvmTransaction" , criteria: [ { type: "tokenValue" , tokenAddress: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48" , tokenValue: "1000000000" , // 1000 USDC operator: ">" , }, ], }, ], }, });
Solana Token Restrictions const policy = await cdp . policies . createPolicy ({ policy: { scope: "account" , description: "Restrict specific SPL tokens" , rules: [ { action: "reject" , operation: "signSolTransaction" , criteria: [ { type: "mintAddress" , addresses: [ "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v" , // USDC ], operator: "notIn" , }, ], }, ], }, });
Validation Policies are validated using Zod schemas:
import { CreatePolicyBodySchema , UpdatePolicyBodySchema } from "@coinbase/cdp-sdk" ; // Validate before creating try { CreatePolicyBodySchema . parse ( policyData ); } catch ( error ) { console . error ( "Invalid policy:" , error ); }
