Architecture

Institutional Setup

Institutions are required to have at least three members. Without going into the details of the role based access control involved, we will assume that all users have full privileges on a two-of-three wallet which enable the following:

• The ability to trigger a withdrawal

• The ability to approve a withdrawal request

• The ability to generate a receive address

Anchorage FBO Account Setup

The Anchorage FBO account is an account for the benefit of the institutional users. This wallet holds the collateral that backs the wrapped assets 1:1. This wallet is managed by Anchorage leadership and operational personnel who carry the responsibility of overseeing the collateralization requirements and operational movement involved with wrapping and unwrapping assets. All of these activities have the same structure with a minimum of two persons approving a particular transaction before it occurs. Tokensoft does not have the capability to perform any activities on this wallet. They carry the ability to perform the following:

• Generate receive addresses to be provided to the end user for wrapping

  • Typically a one time activity

• Begin the withdrawal process after a burn has occurred during the unwrapping process.

Smart Contract Setup

The smart contract deployment involves multiple wallets due to the role-based access control baked into the contract functionality. In this structure, we discuss the various roles and who has access:

• Smart Contract Owner: Tokensoft uses a multi-signature wallet as the smart contract owner. These keys are generated and held in HSMs, and are securely backed up offline.

• Smart Contract Minter: This key sits encrypted on special server that executes based on the instructions received from the Anchorage

• Smart Contract Burner: This key sits encrypted on special server that executes based on the instructions received from the Anchorage servers.