Whitelist (Antifraud)
Access prerequisites
- Permission (module):
manageAntifraudWhitelist - License/Feature: None
- Menu container: GENERAL → Audit group
What it is / when to use
The Whitelist screen (/antifraud-whitelist) lists the wallets and accounts marked as trusted by the antifraud engine. Entries on the whitelist reduce friction: rules such as isWalletWhitelisted / isUserWhitelisted carry safe severity and help prevent blocks on legitimate, recurring operations (e.g., the customer's own wallet, an approved partner account).
Use this screen to audit which addresses/accounts are exempt from certain risk rules, who approved them, and why.
Prerequisites
- Permission: module
manageAntifraudWhitelist. Permission is dual — CPM enum on the backend + dynamic module in the DB. - License/Feature: none.
- Dependencies on other screens: entries are consumed by AntifraudService during real-time evaluations (category
whitelist).
Step by step
- Open the menu GENERAL → Audit → Whitelist.
- The table loads the entries (local pagination: 10/20/50 per page).
- Consult the wallet, account, who approved it, the reason, and the inclusion date.
Filters and columns
| Filter / Column | What it shows | Data source |
|---|---|---|
| Wallet | Trusted wallet address | wallet |
| Account | Associated account | account |
| Approved by | Administrator who added the entry | approved_by |
| Reason | Justification for inclusion | reason |
| Created at | Inclusion date/time (formatted) | createdAt |
Business rules / considerations
Attention
- Being added to the whitelist lowers the risk score for that source/destination — it is a security decision. Always record who approved it and the reason, as this is the audit trail for the exemption.
- Whitelist is not a blacklist: trusting a wallet does not prevent other rules (amount, velocity, time of day) from still triggering. It only affects rules in the
whitelistcategory.