Skip to content

Step 2: Add a trusted party

On the Qredo network, every transaction request undergoes custody before it can be completed. The approver user who is entitled to approve or rejects transactions is called, a trusted party. The collection of designated trusted parties forms the company's trusted network. So every company has one or more approvers that approve transactions across funds and wallets within this company.

You can always add or remove trusted parties at a later stage.

Trusted parties approve transfer out transactions

Trusted parties perform custody on all transactions that move assets out of a Qredo wallet:

  • transfer - (also transfer out) a transaction between wallets that both reside on the Qredo Network: a L2 to L2 transaction.
  • withdrawal - a transaction where assets in a Qredo wallet move to a wallet outside the Qredo Network (BTC, ETH, etc.): a L2 to L1 transaction.
  • atomic swap - a transaction where you offer a certain amount of an asset in exchange for a (transfer in) certain amount of another asset. (e.g. exchange 100000000 ETH qweis for 735601 satoshis: a L2 to L2 swap transaction). Both parties that participate have a transfer out transaction that undergoes custody with their approvers. This transaction type is discussed in more detail in the Atomic swaps section (not part of this walkthrough).

Trusted parties do not approve any inbound transactions (deposits, transfers in, or swaps in).

In this topic you will create a custody user and observe the flow you must undergo to verify the process is complete.

To complete this step, you must:

  1. Enlist (add) a trusted party using the POST /trustedparty API resource: this submits to the selected Qredo user Signing app a request to become part of your trusted network.
  2. The added trusted party must approve (authorize) their addition to your trusted network using the Qredo Signing app.
  3. Wait until the appointed user approves their addition to your trusted network. Once done, it is recommended that you verify the trusted party addition using the GET /trustedparty API resource.

Your trusted parties are not visible in Web app

Similar to the company, the trusted parties you enlist with your company will not be visible in the Web app.

1. Enlist a trusted party

This example adds a single trusted party but you can use the same API resource to add as many as you want.

Example request: POST /trustedparty

This example submits an enrollment request to add a user with email address "approver@qredouser.com" as a trusted party to your company. With this API resource, you pass company_id as a URL parameter.

curl -X POST "https://api.qredo.network/api/v1/p/company/{company_id}/trustedparty"

Request body

Specify the trusted party user by user's email address (must be the email address used with their Qredo account).

{"address": "[email protected]"}
You can add several trusted parties at once

You can supply several entries in the JSON body, for example:

{ 
 "address": "[email protected]",
 "address": "[email protected]",
 "address": "[email protected]"
}

Example response: POST /trustedparty

A successful response returns a HTTP 200 OK confirmation. The appointed user will receive a notification on their mobile device with the Qredo signing app installed. No JSON payload is passed with the response.

Enlisted trusted parties cannot perform custody yet

In this step you only add users to your trusted network. They will not be able to approve transactions until appointed to do so, as descrbed in the next walkthrough Step 3. Create a fund.

2. Wait for trusted party approval

Your appointed user will receive the enrollment request on the Qredo Signing app. They must approve (authorize) their addition to your trusted network in order for you to complete this step.

3. Verify trusted party addition

There is no way for you to know when exactly the appointed trusted party user will authorize their addition to the trusted network, unless you have control over that user. However, this is more like a test case, rather than real-world scenario. This is why it is recommended that you make sure that this process is completed.

Example request: GET /trustedparty

Retrieve a list of all trusted parties in a company so again, you need to pass the company_id as a URL parameter.

curl -X GET "https://api.qredo.network/api/v1/p/company/{company_id}/trustedparty" 

No body parameters are sent with this request.

Example response: GET /trustedparty

A successful response returns a list with trusted network members.

{
  "company_id": "<company ID>",
  "total_count": "<total number of trusted parties>",
  "list": [
     {       
        "list": {
          "trusted_entity_id": "<user's approver ID>",
          "name": "<first and last name>",        
          "address": "<email address>",
          "type": "<user type>", 
          "created": "<Epoch timestamp when user was added as a trusted entity>" 
      }
    }
  ]
}

Obviously, your trusted party must have accepted the enrollment request for this response to include. In this case the list of members will include the newly-added approver with (email) address "approver@qredouser.com".

Add approvers to a fund

Even after accepting to be part of your trusted network, trusted parties cannot perform custodial actions just yet. Before they can do so, you must create a fund with wallets and custody policies.


Last update: 2022-05-03