Connect
Last updated
Last updated
Safeheron Connect is an open and secure transfer application. Users can create a team profile and quickly connect with other teams using Safeheron through search and recommendations, enabling secure, efficient, and continuous business dealings.
You only need to create a team profile and connect with your counterparty's team profile within Safeheron Connect. This allows you to make transfers through Connect without the need to copy and paste deposit addresses, send small transfers to test address accuracy, etc., thereby increasing transaction efficiency and reducing the likelihood of human errors.
When you are the recipient in a Connect transaction, the transaction will only be executed after your approval. Additionally, the incoming funds approval process includes AML (Anti-Money Laundering) checks on the source address, accurately identifying and blocking malicious addresses to provide dual security for your transactions.
When you or your counterparty need to change the transaction address for various business reasons, you can simply modify the wallet account bound to your team profile and get the modification approved. This allows you to flexibly change addresses at any time without notifying your counterparty, eliminating the need for manual management, updating whitelisted addresses, updating the receiving address in business contracts, and more.
After logging into the Web Console, click on Connect
in the left-hand navigation bar to create and view your team profiles. Once you have successfully created a team profile, you can search for the Connect IDs of other team profiles to establish connections with other teams, and conduct transactions through Connect.
To create a team profile, navigate to Web Console > Connect and click on Create Team Profile
(Members need to have the Manage Whitelists and Connect
permission).
Name: The name of the team profile and it is not supported for modification once submitted.
Description: It will be displayed as public information.
Type: Private profiles can only be searched by Connect ID; Public profiles, in addition to being searchable, it will also receive more public exposure and brand visibility.
Incoming Funds Approval: When a connected team transfers funds to your team through Connect, if approval is Required, your team must approve the transfer before it can proceed with counterparty reviewing and approving the transfer. If approval is [Not required], transfers to your team can be made directly.
Incoming Funds Approval Process: When you select "Required", you need to configure the incoming funds approval process, choose approval members, and set up its approval threshold.
Receiving Wallet: When you create a team profile, the system will automatically create an asset wallet with the same name for you to use for the team profile to receive funds, and it will be labeled with "Connect."
After completing the above information, click Save and Submit for Approval
. The profile will then be in a 'Pending Approval' status, requiring decision-making approval in the Safeheron App. Once approved, it will change to a 'Active' status. If rejected, it will be in a 'Rejected' status, allowing you to edit and resubmit for approval.
By clicking the ...
in the top right corner of the profile, you can edit
it that is either "Active" or "Rejected". You can update the team profile’s description and type, switch the receiving wallet, and modify incoming funds approval.
Edit Description and Type: You can edit the profile description and its type directly in the pop-up window.
Switch Receiving Wallet: By clicking Switch Wallets
, you can view a list of wallets and select an unbound wallet for replacement. After switching, you do not need to notify other connected parties, and transactions can proceed normally.
Update Incoming Funds Approval: You can update the incoming funds approval of your profile. If you change the setting from "Required" to "No required", the profile can receive funds without needing your approval for the transaction.
Editing a team profile requires decision-making approval in the App before it takes effect.
Note: Editing is not supported for profiles that are in "Pending Approval" status. When there are pending approvals for incoming funds towards this profile, the receiving wallet, incoming funds approval and its process cannot be changed.
By clicking the ...
in the top right corner of the profile, you can delete
the profile that is either "Active" or "Rejected".
Rejected team profile: You can delete them directly after the secondary confirmation.
Active team profile: Deletion requires secondary confirmation and a decision-making approval within the Safeheron App for it to take effect. Additionally, after deletion, the connections established by the team profile will be automatically dissolved, and connected parties will no longer be able to initiate transfers to you through that profile.
Note: When deleting a team profile, if there are connected profiles, they will be automatically disconnected; if there are ongoing transactions, they will be blocked at the time of approval, and you will not be able to approve them at this time.
After creating a team profile, you can use Connect to establish connections with various teams, fostering direct, efficient, and secure collaboration.
An active team profile can connect with other teams, and once a connection is established, both parties can transact through Safeheron Connect.
Click on Connect
, enter the Connect ID to search, find the profile you wish to connect with, click Connect
, confirm the connection details, and then click Request to connect
.
The connection request must go through decision-making approval within the App and then be forwarded to the counterparty for their approval. Once the other party approves, the connection is successfully established, and your team will receive a push notification confirming the successful connection.
Note: The Connect
action is not supported for profiles that are in "Pending Approval" status, and the button will not be available.
You can view the connection status in the list of Connected Profiles
for each active profile.
You can Reconnect
or Delete
the rejected profiles.
Pending Approval within Your Team
A connection request has been initiated and it is currently under review by your team.
Pending Approval within the Counterparty
Your team has approved the connection request and it is now awaiting counterparty approval.
Connected
Both parties have approved the connection request and now can transact through Connect.
Rejected by Your Team
Your team has rejected the connection request.
Rejected by the Counterparty
The counterparty has rejected the connection request.
Disconnected by the Counterparty
The counterparty has unilaterally disconnected from your profile, disabling transactions through Connect.
Pending Approval for Disconnection
Your team has initiated the disconnection request and it is currently under review by your team.
Cancelled
Your team have cancelled the approval to establish a connection due to special circumstances, such as resetting the team's decision-making model.
Approval Cancelled by the Counterparty
The counterparty has cancelled the approval to establish a connection due to special circumstances.
You can view the connection status in the list of Connected Profiles
for each active profile. And, you can Disconnect
it from the connected profiles.
After clicking Disconnect
and re-confirming, the disconnection request will be submitted for decision-making approval in the App, and will take effect only after it is approved.
Note: Once you disconnect from a profile, the profile will be removed from the list and you will no longer be able to make transactions with that profile using Connect. After reconnecting the profile, you will be able to transact normally.
Once connected with your counterparty, you can initiate transactions by selecting Connect
in the App or Web Console.
If you initiate a transaction and the counterparty requires approval for incoming funds, you must approve the transaction after the counterparty does so. Once both parties have approved, the transaction will be executed.
If the counterparty does not require incoming funds approval, the transaction will proceed upon your approval.
You can initiate a transaction from the App or Web Console. Select the sending asset > Select the sending method as Connect > Choose and confirm the profile name and Connect ID of the counterparty > Set up the sending details to initiate a transaction.
If you are the recipient and your team profile is configured to require approval for incoming funds, you will need to approve the transaction request before the funds are sent to your wallet.
If your team profile is set to not require approval for incoming funds, you can receive the funds directly. However, it is recommended that you enable incoming funds approval to enhance the security of your funds and address.
Upon receiving a transfer through Connect, you will be notified of a pending task and a system notification for incoming funds approval. This notification will include the counterparty's profile name, Connect ID, the sending address, and the results of the AML check on that address. The transaction will proceed only after your approval.
You can view your Connect transaction history in the Safeheron App or Web Console.
For transactions sent or received through Connect, the receiving address (To
section) or sending address (From
section) displayed is the counterparty profile.
When conducting transactions using Connect, Safeheron ensures the security of your team profile's receiving address, the connection between profiles, and the address associated with the target profile through cryptographic techniques and Trusted Execution Environment (TEE). The well-designed Safeheron Connect security architecture guarantees the safety of your transaction process, protecting against external malicious attackers, internal misconduct, and even Safeheron's own internal malfeasance. Even Safeheron employees are unable to alter the connection between team profiles or the receiving address of the target profile.
Each wallet account is associated with a BIP44 path, which determines your wallet address. When creating a team profile and binding a wallet account, a decision-making approval is required. Behind this approval, the Safeheron App uses an authorization private key, which exists only on your local App, to sign the profile information and the corresponding BIP44 path. The signed data is then verified by the TEE-based Policy Engine to confirm that it is your own action and is persistently stored.
Similarly, when establishing a connection between two team profiles, both parties shall execute decision-making approval. Behind this approval, the authorization private key is used to sign the connection details between the team profiles, such as the Connect IDs of both parties. The signed data is verified by the TEE Policy Engine to ensure it is your own action and is persistently stored.
When you transfer funds to your counterparty through Connect, the TEE Policy Engine will verify:
Whether the connection between the two party's profiles is valid.
Whether the wallet address corresponding to the target profile is valid (by verifying the BIP44 path through its signature, generating the address in the TEE via the BIP44 path, and checking if this address matches the one seen and signed during transaction approval).
Whether the current transaction approval meets the preset policy and approval process (and if the counterparty requires incoming funds approval, it will also verify if it meets its policy).
Upon successful verification of all criteria, the TEE Policy Engine will generate a verification report and distribute it to the three parties requiring signatures, two being platform signature machines and one being your mobile App or API Co-Signer. The platform signature machines will verify this report, and only after the report is verified successfully, will they proceed with further verifications (including "What You See Is What You Sign" verification, secondary distributed verification of the target profile's validity, etc.). Only after all verifications are passed will the platform signature machines agree to participate in the distributed signature calculation; similarly, your mobile App or API Co-Signer will also use a similar logic for checks and validations.