Article
4 min read time
Institutional digital asset operations often involve more than one type of participant. A broker may need to give investors visibility into their own wallets. A fund manager may run day-to-day operations, while the fund owner needs to monitor positions and propose transactions. In other cases, external participants need access to a specific wallet without gaining visibility into the rest of the vault.
That creates a practical operational challenge. Traditional access models tend to treat members too broadly: either someone is inside the organizational workspace, or they are not. But many institutional workflows require something more precise - the ability to bring in limited participants, give them access only to the wallets relevant to them, and keep all activity within the organization’s existing approval flows, policies, and signing structure.
To support that model, Utila has introduced Restricted Members, a new capability that lets institutions define wallet-level access inside the vault. This feature allows organizations to add users who need access to selected wallets and selected actions, but should not be treated as full vault operators.
What Restricted Members Are
Until now, membership in a Utila vault came with full visibility across every wallet in that vault. That model worked well when vault access was limited to a tightly defined internal team operating within a single structure. But as institutional deployments expand to include fund owners, investors, external operators, and other limited participants, full-vault visibility becomes too broad for the way many organizations actually work.
To address this, organizations can now add Restricted Members to a vault, with access scoped to specific assigned wallets. In the Utila platform and API, they see only those wallets, the transactions associated with them, and the relevant onchain activity. Other parts of the vault environment - including additional wallets, vault-wide policies, and admin quorum configuration - are not visible to them.
This scoping extends to the Utila browser extension as well. When a restricted member connects to a dApp, the only wallets available for connection are those explicitly assigned to them. They cannot browse, select, or interact with any wallet outside their scope.
Vault admins manage Restricted Members from the existing vault interface. Inviting a Restricted Member follows the same workflow as inviting any other member, with one additional step: assigning one or more specific wallets to that member. Those assignments can be updated at any time, and changes are subject to standard admin approval flows.
Common Institutional Setups for Restricted Members
Restricted Members feature designed for workflows where an organization needs to give a limited participant access to a specific wallet, without expanding visibility across the rest of the vault.
Brokers servicing client investors
A broker may manage custody for multiple investors inside one vault. Each investor needs visibility into their own wallet, the ability to initiate approved actions, and access to transaction status - without seeing other investors’ wallets, balances, or activity. Now, each investor can be added as a Restricted Member with access only to their assigned wallet, while the broker’s admins retain control over policy, approvals, and signing.
Fund structures with external fund owners
A fund manager may administer the vault day to day, while a fund owner from a separate organization needs to monitor positions or propose transactions. Restricted Members lets the fund owner access only the relevant wallet, giving them operational visibility and involvement without exposing the broader fund infrastructure.
Collateral management between counterparties
Two counterparties may need shared visibility or approval rights over collateral held in one party’s vault. Now, the counterparty can be added as a Restricted Member for the collateral wallet only, enabling them to view balances and participate in defined workflows without accessing the rest of the vault.
How Restricted Members Improve Vault Access Control
Restricted Members give institutions a more precise way to structure access inside a vault. Instead of granting full vault visibility to every participant, admins can assign access only to the wallets a member actually needs.
In practice, this helps teams:
Limit overexposure: Members can access only the wallets relevant to their role, reducing unnecessary visibility without relying on manual workarounds.
Avoid unnecessary vault fragmentation: Organizations do not need to create separate vaults purely to isolate a small set of participants. They can keep one operating structure, one policy framework, and wallet-level boundaries where needed.
Bring external participants into controlled workflows: Investors, counterparties, fund owners, or auditors can be added to the relevant wallets without exposing the broader vault environment.
Wallet assignments are managed at the individual wallet level rather than through wallet groups. This reflects the core use case for Restricted Members: a limited number of external or lower-privilege participants who need access to specific wallets, not a broad permissions system for large internal teams or complex organizational hierarchies.
Get Started with Restricted Members
Restricted Members are available now in the Utila mobile app and web console. If your organization manages assets on behalf of external parties, operates multi-team treasury workflows, or needs to provide selective wallet access to counterparties, investors, or auditors, this capability was built for those workflows.
To see Restricted Members in action or discuss how wallet-level access fits into your vault setup, book a demo with the Utila team or reach out to your account manager.
Explore more
Subscribe
Subscribe
for Utila news and insights
Thought leadership, product updates, and partnerships - delivered only when we have something interesting to share.
See how Utila fits into your stack.
Live walkthrough, no commitment.
Companies who trust our enterprise-grade governance, security, and operational control: