11.2 Step-Up Authentication for Sensitive Actions

Problem

Sensitive actions (role changes, payouts, deletions) often rely on:

• Re-entering passwords
• SMS or email confirmations

These are weak under automation and phishing.

PTERI Approach

• Generate a fresh challenge
• Require a new wallet signature
• Verify before executing the action

Each high-risk action requires explicit, local approval.

There is no concept of “already trusted”.

---