Skip to main content

Overview

Conduit Treasury uses role-based access control (RBAC) to ensure that team members have the appropriate level of access to perform their duties while maintaining security.

Permission System

How It Works

Every action in Conduit Treasury requires a specific permission. When a user attempts an action:
  1. System checks user’s role in the organization
  2. System verifies if that role has the required permission
  3. Action is allowed or denied based on permission check
// Example: User tries to create an account
// System checks: Does user have "account.create" permission?
// If yes → Action proceeds
// If no → 403 Forbidden error

Roles

Owner

Owner

Full ControlThe organization creator or appointed owner has complete access to all features and can perform any action.Typical User: CEO, CFO, Founder
Permissions:
  • ✅ All account operations
  • ✅ All transaction operations
  • ✅ All workflow and trigger management
  • ✅ View and manage all allocations
  • ✅ Manage team members and roles
  • ✅ Organization settings
  • ✅ Billing and subscription

Admin

Admin

Management AccessAdmins can manage treasury operations but cannot modify team structure or billing.Typical User: Treasury Manager, Finance Director
Permissions:
  • ✅ View, create, delete accounts
  • ✅ Create and approve transactions
  • ✅ Execute transactions
  • ✅ Create, update, delete workflows
  • ✅ Create, update, delete triggers
  • ✅ View and manage allocations
  • ❌ Manage team members
  • ❌ Organization settings
  • ❌ Billing

Member

Member

Read-Only AccessMembers can view treasury data but cannot make changes.Typical User: Accountant, Auditor, Board Member
Permissions:
  • ✅ View accounts and balances
  • ✅ View transactions
  • ✅ View workflows and triggers
  • ✅ View allocations
  • ❌ Create, modify, or delete anything
  • ❌ Execute transactions
  • ❌ Approve transactions

Detailed Permission Matrix

PermissionOwnerAdminMemberDescription
Accounts
account.viewView account details and balances
account.createAdd new accounts to organization
account.deleteRemove accounts from organization
Transactions
transaction.viewView transaction history
transaction.createCreate new transactions
transaction.approveApprove pending transactions
transaction.executeExecute approved transactions on-chain
Workflows
workflow.viewView workflows
workflow.createCreate new workflows
workflow.updateModify existing workflows
workflow.deleteDelete workflows
Triggers
trigger.viewView triggers
trigger.createCreate new triggers
trigger.updateModify existing triggers
trigger.deleteDelete triggers
Allocations
allocation.viewView DeFi strategy allocations
allocation.createCreate new allocations
allocation.updateUpdate allocation values
allocation.deleteDelete allocations
Team
team.viewView team members
team.inviteInvite new team members
team.removeRemove team members
team.roleChange member roles

API Permission Handling

Authentication Required

All API endpoints require a valid session: 
// ❌ Without credentials
fetch('/api/accounts'); // Returns 401 Unauthorized

// ✅ With credentials
fetch('/api/accounts', {
  credentials: 'include'
}); // Returns data if user has permission

Permission Errors

When a user lacks permission: 
{
  "error": "Permission denied: You do not have permission to create accounts"
}
HTTP Status Codes:
  • 401 Unauthorized - No valid session
  • 403 Forbidden - Valid session but insufficient permissions

Checking Permissions

Permissions are checked server-side on every request. There’s no need to check permissions client-side beyond hiding UI elements for better UX. 
// Server-side (automatic)
export const POST = withOrganization(async ({ session, orgId }) => {
  // This function checks permission automatically
  await requirePermission(
    session.user.id,
    orgId,
    "account.create",
    "create accounts"
  );
  
  // If user lacks permission, 403 error is thrown
  // If user has permission, execution continues
});

Security Best Practices

1. Principle of Least Privilege

Give users only the permissions they need:
1

Assess Needs

Determine what each team member actually needs to do
2

Assign Minimum Role

Start with Member role, upgrade only if necessary
3

Regular Review

Audit permissions quarterly and remove unnecessary access
Example:
  • Accountant reviewing records → Member role
  • Treasury manager executing trades → Admin role
  • CFO overseeing everything → Owner role

2. Use Teams for Organization

Organize accounts and users by department: 
Organization: Acme Corp
├── Team: Treasury (Owner: CFO)
│   ├── Member: Treasury Manager (Admin)
│   ├── Member: Senior Trader (Admin)
│   └── Account: Main Treasury (Safe 3/5)
├── Team: Operations (Owner: COO)
│   ├── Member: Ops Manager (Admin)
│   └── Account: Operational Wallet (EOA)
└── Team: Finance (Owner: CFO)
    ├── Member: Controller (Admin)
    ├── Member: Accountant (Member)
    └── Account: Payroll Wallet (Safe 2/3)

3. Transaction Approval Workflow

Implement maker-checker controls: 
// Maker: Junior staff creates transaction
const tx = await createTransaction({
  accountId: 'treasury',
  type: 'transfer',
  amount: '50000',
  description: 'Vendor payment'
});

// Checker: Senior staff approves
await approveTransaction(tx.id);

// Executor: Another senior staff executes
await executeTransaction(tx.id, txHash);

4. Audit Trail

All actions are logged with:
  • Who performed the action
  • What action was performed
  • When it occurred
  • What resources were affected
// Example audit log entry
{
  "timestamp": "2026-01-15T10:30:00Z",
  "userId": "user_123",
  "userName": "Alice Smith",
  "action": "transaction.create",
  "resourceType": "transaction",
  "resourceId": "tx_789",
  "organizationId": "org_456",
  "details": {
    "amount": "50000",
    "token": "usdc",
    "type": "transfer"
  }
}

5. Regular Security Reviews

  • Review all team members
  • Verify roles are still appropriate
  • Remove departed team members
  • Check for unused accounts
  • Review all workflows and triggers
  • Audit transaction history
  • Check for anomalous activity
  • Update security policies
  • Full team access review
  • Wallet security assessment
  • Strategy risk evaluation
  • Disaster recovery testing

Managing Team Members

Inviting Users

// Only Owners can invite users
await fetch('/api/team/invite', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  credentials: 'include',
  body: JSON.stringify({
    email: '[email protected]',
    role: 'member',  // or 'admin'
    teamId: 'team_123' // optional
  })
});

Changing Roles

// Only Owners can change roles
await fetch(`/api/team/members/${userId}`, {
  method: 'PATCH',
  headers: { 'Content-Type': 'application/json' },
  credentials: 'include',
  body: JSON.stringify({
    role: 'admin'  // Promote to admin
  })
});

Removing Users

// Only Owners can remove users
await fetch(`/api/team/members/${userId}`, {
  method: 'DELETE',
  credentials: 'include'
});

Common Permission Scenarios

Scenario 1: New Hire

Junior Treasury Analyst joins the team:
  1. Owner invites with Member role
  2. User can view all data but not make changes
  3. After 3 months of training, promote to Admin
  4. User can now manage workflows and transactions

Scenario 2: External Auditor

Accounting firm needs to review records:
  1. Create temporary Member account
  2. Auditor can view all transactions and balances
  3. Auditor cannot make any changes
  4. Remove access after audit completes

Scenario 3: Emergency Response

Treasury Manager is unavailable, urgent transfer needed:
  1. Owner or another Admin can approve/execute
  2. Multiple Admins provide redundancy
  3. All actions are logged in audit trail
  4. Review incident afterwards

Scenario 4: Intern Access

Finance intern needs limited access:
  1. Create Member account
  2. Optionally restrict to specific team
  3. Intern can generate reports but not transact
  4. Remove access at end of internship

Security Incidents

If an Account is Compromised

1

Immediate Action

  1. Pause all workflows
  2. Lock affected accounts
  3. Change authentication credentials
2

Assessment

  1. Review audit logs
  2. Identify unauthorized actions
  3. Determine scope of breach
3

Remediation

  1. Revoke compromised user access
  2. Review and approve pending transactions
  3. Move funds to secure accounts if necessary
4

Post-Incident

  1. Document what happened
  2. Update security procedures
  3. Notify relevant parties
  4. Implement additional controls

Suspicious Activity Alerts

Watch for:
  • Unusual transaction amounts
  • Transactions to unknown addresses
  • Rapid succession of operations
  • Access from unusual locations
  • Permission elevation requests
  • Bulk data exports

Best Practices Summary

Security Checklist

✅ Use principle of least privilege✅ Regular access reviews (monthly)✅ Enable multi-sig for large transactions✅ Implement maker-checker workflows✅ Monitor audit logs regularly✅ Use teams to organize access✅ Remove access for departed team members immediately✅ Test incident response procedures✅ Document security policies✅ Train team on security practices

Next Steps

Core Concepts

Understand organization structure

Workflows & Automation

Learn about automated workflows

API Reference

Explore API documentation

Quickstart

Get started guide