Secure Operation Manual
This manual outlines the security measures implemented in the Stellar Disbursement Platform (SDP) to protect the integrity of the platform and its users. By adhering to these guidelines, you can ensure that your use of the SDP is as secure as possible.
Security is a critical aspect of the SDP. The measures outlined in this document are designed to mitigate risks and enhance the security of the platform. Users are strongly encouraged to follow these guidelines to protect their accounts and operations.
Implementation of reCAPTCHA
Google's reCAPTCHA has been integrated into the SDP to prevent automated attacks and ensure that interactions are performed by humans, not bots.
ReCAPTCHA is enabled by default and can be disabled in the development environment by setting the DISABLE_RECAPTCHA
environment variable to true
.
Note: Disabling reCAPTCHA is not supported for production environments due to security risks.
Enforcement of Multi-Factor Authentication
Multi-Factor Authentication (MFA) provides an additional layer of security to user accounts. It is enforced by default on the SDP and it relies on OTPs sent to the account's email.
MFA is enabled by default and can be disabled in the development environment by setting the DISABLE_MFA
environment variable to true
.
Note: Disabling MFA is not supported for production environments due to security risks.
Best Practices for Wallet Management
The SDP wallet should be used primarily as a hot wallet with a limited amount of funds to minimize potential losses.
Hot and Cold Wallets
- A hot wallet is connected to the internet and allows for quick transactions.
- A cold wallet is offline and used for storing funds securely.
- Learn more about these concepts at Investopedia.
Distribution of Disbursement Responsibilities
To enhance security, disbursement responsibilities should be distributed among multiple financial controller users.
Recommended Configuration
- Approval Flow: Enable the approval flow on the organization page to require two users for the disbursement process. The owner can do that at Profile > Organization > ... > Edit details > Approval flow > Confirm.
- Financial Controller Role: Create two users with the Financial Controller role on the organization page to enforce separation of duties. The owner can do hat at Settings > Team Members.
- Owner Account Management: Use the Owner account solely for user management and organization configuration. Avoid using the Owner account for financial controller tasks to minimize the exposure of that account.