Fireblocks uses different security and safety mechanisms to prevent unauthorized workspace activity. One of these mechanisms is the expiration of approval and signing notifications.
Approvals are required for:
- New connections
- New users
- Transactions, per the workspace's Policies. For all outbound transactions, signing is required.
Except for email invitations, all notifications that require approval appear in the Fireblocks mobile app.
Transaction authorization and signing notifications
Transaction authorization expiration
Transactions fail if not authorized within the configured timeout window. The default is 2 hours from when the transaction is created. Approval is required before the initiator can sign when two-tier authorization is enabled in the Policy.
You can customize the timeout window up to a maximum of 24 hours or a minimum of 5 minutes, globally, per signing method, or per individual transaction. For configuration steps, see Transaction Timeout Configuration.
Policy change request
Policy change requests using the Policy Editor expire after 7 days if the Owner and Admin Quorum have not yet approved them.
Initiator signing expiration
Transactions are canceled if not signed within the configured timeout window. The default is 2 hours from when the transaction is created. Signing follows authorization if two-tier authorization is enabled in the Policy.
For timeout configuration options, see Transaction Timeout Configuration.
Transaction timeout configuration
Admins can configure how long Fireblocks waits for a transaction to be broadcast to the blockchain before marking it as failed. The default timeout is 2 hours, though certain policy configurations extend this to 24 hours. You can customize this up to a maximum of 24 hours or a minimum of 5 minutes, globally, per signing method, or per individual transactions, depending on your operational needs.
For configuration steps, limits, and a full explanation of how timeout layers interact, see Transaction Timeout Configuration.
Whitelisting and connection approval notifications
Approval is required for new whitelisted addresses, exchange connections, Fireblocks P2P Network connections, and fiat account connections.
Admin quorum expiration
Approvals requiring the Admin Quorum expire after 7 days.
User approval notifications
New user approval expiration (Owner)
Owners receive a notification when a new user is added to their workspace. The Owner must approve the new user request within 7 days. Otherwise, the request expires and must be resubmitted. Approving this notification sends an email invitation to the new user.
New user invitation expiration (User)
New users have 7 days to respond to their Fireblocks email invitation and set up their new accounts. Contact Fireblocks Support if you need to extend this timeframe.
Granting signing privileges expiration (Owner)
Owners receive a notification to authorize each user's signing privileges. The Owner has 2 days (48 hours) to approve the request. Contact Fireblocks Support if this request expires and the user still requires signing privileges.
Even if the Owner has not approved the request, the new user can access the Fireblocks Console without signing privileges.
New MPC key generation request (User)
Once the Owner approves a user's MPC keys, the user has 2 days (48 hours) to complete the registration process. If not completed, the Owner must re-enroll the user.