The Stock Token License provides a complete smart contract suite for tokenizing equity instruments - shares, stock, and other regulated securities. It is designed for deployment by banks, asset managers, and stock exchanges operating under MiCA and eWpG regulatory frameworks.
The suite centers on StockToken, an ERC-20 contract with built-in transfer restrictions, identity verification, and compliance enforcement. Every transfer validates both sender and receiver against the shared Identity Registry, and optionally runs modular compliance rules (holding limits, lockup periods) before allowing execution.
What’s Included
The license ships five contracts:
| Contract | Purpose |
|---|
StockToken | ERC-20 security token with issuance, redemption, freezing, force transfers, and stock splits |
IdentityRegistryUpgradeable | MiCA/eWpG-compliant KYC/AML registry with claim management and machine-readable rejection codes |
BasicComplianceModule | Holding limits (min/max per user or global defaults) and lockup period enforcement |
ISecurityToken | Interface defining the full token lifecycle |
IComplianceModule | Interface for pluggable compliance rules |
LEGAL_OPERATOR_ROLE, which must be held by a named legal entity as required by BaFin.
Key Capabilities
Issuance and redemption. Sub-issuers mint tokens to verified addresses, subject to configurable per-issuer caps that track net outstanding supply (not lifetime volume). Redemption burns tokens and decrements the sub-issuer’s counter, limiting blast radius if a sub-issuer key is compromised.
Transfer compliance. Every transfer and transferFrom call runs through a two-stage validation: identity verification via the registry, then compliance module checks. The canTransfer view function lets integrators pre-check whether a transfer would succeed before submitting it on-chain.
Corporate actions. Forward stock splits multiply all holder balances by a given ratio, with frozen token amounts adjusted proportionally. The issuer provides the full holder list; the contract mints the difference per holder.
Regulatory controls. Controllers can freeze tokens on any account (regulatory hold), unfreeze them, and execute force transfers for seizure or recovery scenarios. Force transfers still validate recipient identity.
Authorized contracts. AMM pools, lending contracts, and orderbook custody contracts can be whitelisted to bypass identity checks on both send and receive sides. The deploying institution is responsible for monitoring authorized contract integrity.
Role Architecture
The contract uses a four-role model with clear separation of concerns:
| Role | Granted by | Responsibilities |
|---|
ISSUER_ROLE | DEFAULT_ADMIN_ROLE | Token configuration, sub-issuer management, pause/unpause, compliance module settings |
SUB_ISSUER_ROLE | ISSUER_ROLE | Mint and redeem tokens within assigned caps |
CONTROLLER_ROLE | ISSUER_ROLE | Freeze/unfreeze tokens, force transfers |
LEGAL_OPERATOR_ROLE | DEFAULT_ADMIN_ROLE | Authorize contract upgrades (licensed entity requirement) |
Regulatory Framework
The contract suite is built for two regulatory regimes:
MiCA (Markets in Crypto-Assets Regulation) governs the issuance and trading of crypto-assets across the EU. The identity registry’s claim system, investor type classification (retail, professional, eligible counterparty), and machine-readable rejection codes map directly to MiCA reporting requirements.
eWpG (Gesetz uber elektronische Wertpapiere) is the German Electronic Securities Act. It requires that changes to the securities register are authorized by the register operator. This is why redeem is restricted to ISSUER_ROLE and SUB_ISSUER_ROLE rather than being open to any holder - regular holders must request redemption off-chain, and the issuer executes it.
The identity system contracts (IdentityRegistryUpgradeable, BasicComplianceModule) are shared infrastructure included with every Trusset license. They deploy once per instance and serve all token contracts within that instance.
