Skip to main content
Trusset tokens implement a standardized role system across all contracts. Each role has specific permissions ensuring proper separation of duties between governance, administration, compliance, and token holders.

Role Hierarchy

IVC

Full admin authority executing all privileged operations through automated or owner-approved transactions

Issuer

Contract administrator managing token configuration, compliance rules, and operational parameters

Authority

Optional delegated role with configurable permissions for specific compliance or operational functions

Investor

Token holder with verified on-chain identity enabling compliant transfers and token operations

IVC Role

The Instance Vault Contract holds full administrative authority over tokens. All privileged operations—minting, burning, compliance actions, configuration updates—route through the IVC exclusively. No direct issuer admin keys exist eliminating single points of failure and enabling decentralized governance. The IVC executes operations through backend automation with pre-configured function allowlists and rate limits, or owner direct execution for emergency response and configuration changes. This architecture ensures operational continuity without exposing private keys to compromise.
IVC authority cannot be bypassed. Even the issuer must execute privileged operations through the IVC’s validation and authorization system.

Issuer Role

The issuer is the organization that deployed the token—typically the financial institution tokenizing assets. The issuer address defaults to the deployer but can be set to any address during token creation. Issuers manage day-to-day operations including configuring compliance rules and transfer restrictions, updating token metadata and documentation, managing the identity registry for KYC enforcement, and appointing or revoking authority addresses for delegated permissions. Issuer operations execute through the IVC ensuring all actions pass validation checks and emit events for transparency. The issuer cannot directly modify token state—all changes route through the IVC’s controlled execution paths.

Authority Role

The authority role provides optional delegation of specific administrative functions without granting full issuer permissions. Configure authority capabilities during token deployment or update them later through issuer operations executed via the IVC. Common authority configurations include:
ConfigurationPermitted Operations
Compliance OnlyFreeze accounts, update transfer restrictions, manage identity verifications
OperationsExecute transfers, process redemptions, manage distributions
DocumentationUpdate legal documents, modify metadata URIs, set compliance references
Full AuthorityAll administrative functions except issuer role transfer
Authority addresses operate independently from the issuer enabling separation of duties for compliance oversight, operational execution, and legal documentation management. Multiple authority addresses can exist with different permission sets for organizational flexibility.

Investor Role

Investors are token holders with verified on-chain identities stored in the identity registry. Verification status determines transfer eligibility—non-verified addresses cannot receive tokens even if the sender is verified. Investors execute standard operations including token transfers between verified addresses, redemptions converting tokens back to underlying assets, and participation in governance or corporate actions where applicable. The identity registry enforces investor classification—retail, accredited, institutional, or qualified—enabling token-level restrictions based on regulatory requirements. Expired verifications automatically fail transfer attempts until renewal through the verification process.
Retail Investors: General public with basic KYC verification, may face transfer limits or holding restrictions based on jurisdictionAccredited Investors: Higher net worth individuals meeting SEC or equivalent standards, typically unrestricted transfers within accredited classInstitutional Investors: Banks, funds, and corporate entities with enhanced due diligence, often exempt from retail restrictionsQualified Investors: Jurisdiction-specific classifications like EU qualified investors or Swiss qualified investors with tailored compliance rules

Role Assignment

Roles are assigned during token deployment and updated through IVC-executed operations. The issuer specifies initial role addresses in deployment parameters. Authority roles are added or removed through issuer operations after deployment. Investor roles are established automatically when users receive identity verification in the registry. Role changes emit events for transparency and monitoring. Track role assignments through blockchain explorers or query functions on the token contract. All role modifications require IVC execution ensuring proper authorization and audit trails.

Permission Enforcement

Smart contracts enforce role permissions automatically during every operation. Transfer attempts check investor verification status before execution. Compliance operations verify caller has issuer or authority role. Administrative functions confirm IVC execution path before modifying state. Failed permission checks revert transactions with specific error messages indicating the authorization failure. Monitor these errors to detect unauthorized access attempts or misconfigured role assignments requiring correction.

IVC Architecture

Learn about Instance Vault Contract governance

Light Tokens

Understand token implementation and role integration