User Roles in Hex Safe¶
Hex Safe Enterprises are managed by several distinct user roles, each with specific responsibilities and permissions.
Overview of User Roles¶
There are seven primary user roles:
- Admin
- Admin Approver
- Initiator
- Approver
- Auditor
- Trader (API Only)
- Trade Viewer
General Roles Permissions¶
| Action/Role | Admin | Admin Approver | Initiator | Approver | Auditor |
|---|---|---|---|---|---|
| Create/Edit Vaults | ✓ | ✗ | ✗ | ✗ | ✗ |
| Initiate transactions | ✗ | ✗ | ✓ | ✗ | ✗ |
| Approve transactions | ✗ | ✗ | ✗ | ✓ | ✗ |
| Manage Counterparty Book | ✓ | ✗ | ✓ | ✗ | ✗ |
| Approve Counterparty Book changes | ✗ | ✓ | ✗ | ✗ | ✗ |
| View Counterparty Book | ✓ | ✓ | ✓ | ✓ | ✓ |
| Manage Counterparty Book Whitelisting | ✓ | ✗ | ✓ | ✗ | ✗ |
| Approve Counterparty Book Whitelisting | ✗ | ✓ | ✗ | ✗ | ✗ |
| View Counterparty Book Whitelisting | ✓ | ✓ | ✓ | ✓ | ✓ |
| View Enterprise user information | ✓ | ✓ | ✗ | ✗ | ✗ |
| Add & Remove Users | ✓ | ✓ | ✗ | ✗ | ✗ |
| Changing the Admin Quorum | ✓ | ✓ | ✗ | ✗ | ✗ |
| Create, update transaction policies | ✓ | ✓ | ✗ | ✗ | ✗ |
| Reset users' 2FA authentication | ✓ | ✓ | ✗ | ✗ | ✗ |
| Enable and update Gas Station | ✓ | ✗ | ✗ | ✗ | ✗ |
Admin can perform actions; Admin Approvers must approve.
E-Trading Roles Permissions¶
| Action/Role | Trader (API Only) | Trade Viewer | Initiator | Approver |
|---|---|---|---|---|
| Initiate withdrawals from Trading Vault | ✗ | ✗ | ✓ | ✗ |
| Approve withdrawals from Trading Vault | ✗ | ✗ | ✗ | ✓ |
| View settlement history | ✓ | ✓ | ✓ | ✓ |
| Execute trades | ✓ | ✗ | ✗ | ✗ |
| View order history | ✓ | ✓ | ✗ | ✗ |
E-Trading roles are available only to pre-approved Enterprises under specific jurisdictions. Contact clients@hextrust.com for trading.
Role Descriptions¶
Admin¶
Administrators manage user roles, vaults, address books, and whitelisting. They can create and edit vaults, manage address whitelisting, and view/manage the address book.
Admin Approver¶
Admin approvers serve as part of the administrator quorum required to approve changes for whitelisting and address book management.
Initiator¶
Initiators conduct day-to-day transaction initiation, focusing on transaction and policy management. They can initiate and cancel transactions, connect via MMI or Wallet Connect, manage address whitelisting and books, and view vaults, deposit addresses, and policies.
Approver¶
Approvers review and authorize transactions and message signing via the Hex Safe mobile app but cannot initiate transactions. They have limited user management permissions and view-only access to account management.
Auditor¶
Auditors possess authority to review financial records and ensure compliance. Their access is view-only across user management, account management, vaults, and transaction/policy management.
Trader¶
Traders execute transactions and access comprehensive transaction data. They can view settlement and order history and execute trades but cannot initiate or approve withdrawals from the Trading Vault.
Trade Viewer¶
Trade Viewers hold view-only permissions, able to monitor settlement and order history but unable to execute trades or manage withdrawals.