Skip to main content

Risk Control System – Design Overview

The risk control system evaluates transactions during execution based on predefined rules.
When a transaction meets certain risk conditions, the system triggers corresponding risk control actions to limit asset exposure and ensure overall system security.

I. Composition of a Single Risk Control

Each individual risk control consists of three components:

  • Asset Selector
  • Risk Control Rule
  • Risk Control Trigger

1. Asset Selector

The asset selector defines the scope to which a risk control applies — in other words, which assets or behaviors are subject to risk evaluation.

Supported scopes include:

  • The wallet’s native asset (e.g., SOL)
  • Token assets held by the wallet
  • Native assets or tokens of any address
  • A specific program
  • A specific instruction within a program

2. Risk Control Rules

Risk control rules define how asset behavior is evaluated for risk.

Common rules include, but are not limited to:

  • Single transaction amount must not exceed a specified threshold
  • Total transaction amount within a given time window must not exceed a specified threshold
  • Number of transactions within a given time window must not exceed a specified count
  • Other custom risk control conditions

3. Risk Control Triggers

Risk control triggers define the actions the system should take when a risk control rule is triggered.

Available triggers include:

  • Converting the transaction into a multisignature transaction
  • Locking the relevant account
  • Rejecting and terminating the current transaction

II. Risk Control Execution Flow

Multiple risk controls can be combined to form a risk control group.

Each risk control follows the structure:

Asset Selector → Risk Control Rule → Risk Control Trigger

During transaction execution, the system evaluates each risk control sequentially according to the configured order.

The execution flow is as follows:

  1. After a transaction is initiated, the system begins evaluating each risk control in the group sequentially
  2. If a risk control rule is triggered during evaluation:
    • The corresponding risk control trigger is executed immediately
    • Evaluation of subsequent risk controls is halted
    • The current transaction execution fails
  3. If none of the risk controls are triggered:
    • The risk control process completes
    • The transaction is allowed to execute normally

III. Design Characteristics

  • Rule-driven: Risk control behavior is defined through configurable rules rather than hard-coded logic
  • Composable: Multiple risk controls can be flexibly combined into a risk control group
  • Extensible: Asset selectors, rules, and triggers can each be independently extended
  • Deterministic execution: Risk controls are evaluated in a fixed order; execution stops on first trigger, ensuring predictable behavior