Skip to content

Step 2: Add a trusted party

On the Qredo network, every transaction request undergoes an approval process before it can be completed. The approver user is a regular Qredo user and is called, a trusted party. The collection of designated trusted parties forms the company's trusted network. Every company has one or more approvers that approve transactions across funds and wallets within this company.

You can always add or remove trusted parties at a later stage. Also, you can add yourself as a trusted party to your company.

Trusted parties approve transfer out transactions

Trusted parties perform custody on all transactions that move assets out of a Qredo wallet:

  • transfer - (also transfer out) a transaction between wallets that both reside on the Qredo Network: a L2 to L2 transaction.
  • withdrawal - a transaction where assets in a Qredo wallet move to a wallet outside the Qredo Network (BTC, ETH, etc.): a L2 to L1 transaction.
  • atomic swap - a transaction where you offer a certain amount of an asset in exchange for a certain amount of another asset. For example, exchange 100000000 ETH qweis for 735601 satoshis: a L2 to L2 swap transaction. Both parties that participate have one transfer in transaction and one transfer out transaction that undergoes custody with their respective approvers. This transaction type is discussed in more detail in the Atomic swaps section (not part of this walkthrough).

Trusted parties do not approve any inbound transactions (deposits, transfers in, or swaps in).

In this topic you will enlist a custody user and observe the flow you must undergo to verify the process is complete.

To complete this step, you must:

  1. Enlist (add) a trusted party using the POST /trustedparty API resource. This submits to the selected Qredo user Signing app a request to become part of your trusted network.
  2. The added trusted party must approve (authorize) their addition to your trusted network using the Qredo Signing app.
  3. Wait until the appointed user approves their addition to your trusted network. Once done, it is recommended that you verify the trusted party addition using the GET /trustedparty API resource.

Your trusted parties are not visible in the Qredo Web app

Similar to the company, the trusted parties you enlist with your company will not be visible in the Web app.

1. Enlist a trusted party

This example adds a single trusted party but you can use the same API resource to add as many as you want.

Example request: POST /trustedparty

This example submits an enrollment request to add a user with email address "approver@qredouser.com" as a trusted party to your company. With this API resource, you pass company_id as a URL parameter.

curl -X POST "https://api.qredo.network/api/v1/p/company/{company_id}/trustedparty"

Request body

Specify the trusted party user by user's email address (must be the email address used with their Qredo account).

{"address": "[email protected]"}
You can add several trusted parties at once

You can supply several entries in the JSON body, for example:

{ 
 "address": "[email protected]",
 "address": "[email protected]",
 "address": "[email protected]"
}

Example response: POST /trustedparty

A successful response returns a HTTP 200 OK confirmation. The appointed user will receive a notification on their mobile device with the Qredo Signing app installed.

Enlisted trusted parties cannot perform custody yet

In this step you only add users to your trusted network. They will not be able to approve transactions until appointed to do so, as described in the next walkthrough Step 3. Create a fund.

2. Wait for trusted party approval

Your appointed user will receive the enrollment request on their Qredo Signing app. They must approve (authorize) their addition to your trusted network in order for you to complete this step.

3. Verify trusted party addition

There is no way for you to know when exactly the appointed trusted party user will authorize their addition to the trusted network, unless it is you or someone in the same room as you. This is why it is recommended that you make sure that this process is completed.

Example request: GET /trustedparty

Retrieve a list of all trusted parties in a company. Again, you need to pass the company_id as a URL parameter.

curl -X GET "https://api.qredo.network/api/v1/p/company/{company_id}/trustedparty" 

No body parameters are sent with this request.

Example response: GET /trustedparty

A successful response returns a list with trusted network members.

{
  "company_id": "<company ID>",
  "total_count": "<total number of trusted parties>",
  "list": [
     {       
        "list": {
          "trusted_entity_id": "<user's approver ID>",
          "name": "<first and last name>",        
          "address": "<email address>",
          "type": "<user type>", 
          "created": "<Epoch timestamp when user was added as a trusted entity>" 
      }
    }
  ]
}

Obviously, your selcted trusted party must accept the enrollment request before you can expect this response to include them. The list of members includes the newly-added approver with (email) address "approver@qredouser.com".

Add approvers to a fund

Even after accepting to be part of your trusted network, trusted parties cannot perform custodial actions just yet. Before they can do so, you must create a fund with wallets and custody policies.


Last update: 2022-07-28