Policy Controls

Policy controls define what your agent can and can’t do without your approval. They’re the guardrails that make autonomous operation safe.

Daily Spend Limit

Set the maximum USD value your agent can transact per day. Any transaction that would push the total above this limit triggers an approval.

# Set a $50/day limit
waap-cli policy set --daily-limit 50
 
# Check current policy
waap-cli policy get

Defaults:

• New accounts start with no limit (all transactions require approval if 2FA is enabled)
• Recommended starting point: $10/day for testnet, $50/day for mainnet

Risk Threshold

Control how sensitive the approval trigger is:

# Only require approval for high-risk transactions (default)
waap-cli policy set --min-risk-for-2fa HighWarn
 
# Require approval for everything above low risk
waap-cli policy set --min-risk-for-2fa LowWarn

See Approvals & Notifications for what each risk level means.

Recommended Setup for Agents

Policy Controls vs Privileges

Policy Controls and Privileges shape agent autonomy at different layers and complement each other rather than overlap:

• Policy Controls are the global wallet-level baseline. They apply to every transaction the wallet signs — including ones that present a Privilege.
• Privileges are scoped, time-bounded grants that bypass 2FA for specific operations. A Privilege never raises the daily spend cap; it just removes the 2FA prompt for transactions inside its declared scope.

Set Policy Controls first to define the floor your agent operates within. Grant Privileges on top of that floor to skip 2FA for predictable, repetitive work.

Related

• Approvals & Notifications — How approvals work and setting up Telegram
• Privileges — Bypass approvals for pre-approved scopes
• CLI Commands — Policy — Full policy command reference