# Tokenization Architecture Documentation

## Overview

The tokenization system enables central banks and IFIs to tokenize traditional assets (EUR, USD, etc.) using the Hyperledger stack, with integration across SolaceNet, Sub-Volumes A/B/C, and all existing microservices.

## Architecture Diagram

```mermaid
graph TB
    subgraph traditional[Traditional Banking]
        SWIFT[SWIFT]
        TARGET2[TARGET2]
        CORE[Core Banking]
    end
    
    subgraph hyperledger[Hyperledger Stack]
        FABRIC[Fabric Chaincode]
        BESU[Besu ERC-20]
        FIREFLY[FireFly Orchestration]
        CACTI[Cacti Bridges]
        INDY[Indy Identity]
    end
    
    subgraph solacenet[SolaceNet]
        CAP[Capability Registry]
        POL[Policy Engine]
        ENT[Entitlements]
    end
    
    subgraph subvolumes[Sub-Volumes]
        GAS[GAS Network]
        GRU[GRU Monetary]
        METAVERSE[Metaverse]
    end
    
    subgraph microservices[Microservices]
        ISO[ISO Currency]
        LIQ[Liquidity Engine]
        MRKT[Market Reporting]
        BRIDGE[Bridge Reserve]
    end
    
    traditional --> FIREFLY
    FIREFLY --> FABRIC
    FIREFLY --> BESU
    FABRIC <--> CACTI
    BESU <--> CACTI
    CACTI --> traditional
    FIREFLY --> SOLACENET
    SOLACENET --> CAP
    SOLACENET --> POL
    SOLACENET --> ENT
    BESU --> GAS
    BESU --> GRU
    BESU --> METAVERSE
    BESU --> ISO
    BESU --> LIQ
    BESU --> MRKT
    BESU --> BRIDGE
    INDY --> SOLACENET
```

## Component Details

### 1. Fabric Chaincode

**Location**: `chaincode/tokenized-asset/go/` and `chaincode/reserve-manager/go/`

**Responsibilities**:
- Core settlement layer for tokenized assets
- Reserve verification and management
- 1:1 backing enforcement
- Regulatory compliance checks

**Key Functions**:
- `MintToken`: Mint tokenized assets with reserve verification
- `TransferToken`: Transfer with regulatory checks
- `RedeemToken`: Redeem back to underlying asset
- `VerifyReserve`: Verify reserve sufficiency
- `Enforce1To1Backing`: Ensure 1:1 backing ratio

### 2. Besu ERC-20 Contracts

**Location**: `contracts/tokenization/`

**Contracts**:
- `TokenizedEUR.sol`: ERC-20 tokenized EUR
- `TokenRegistry.sol`: Registry of all tokenized assets

**Features**:
- ERC-20 compatibility
- Fabric attestation-based minting
- Integration with bridge system
- Metadata storage

### 3. FireFly Orchestration

**Location**: `orchestration/tokenization/`

**Services**:
- `tokenization-workflow.ts`: Main workflow orchestrator
- `settlement-generator.ts`: Settlement file generation

**Workflow States**:
1. INITIATED
2. RESERVE_VERIFIED
3. FABRIC_MINTING
4. FABRIC_MINTED
5. BESU_MINTING
6. BESU_MINTED
7. SETTLEMENT_CONFIRMED
8. REGULATORY_REPORTED
9. COMPLETED

### 4. Cacti Integration

**Location**: `connectors/cacti-fabric/` and `connectors/cacti-banking/`

**Bridges**:
- Fabric-Besu Bridge: Atomic cross-network transfers
- Banking Bridge: SWIFT/TARGET2 integration

### 5. SolaceNet Integration

**Location**: `dbis_core/src/core/solacenet/capabilities/tokenization/`

**Capabilities**:
- `tokenization.mint`: Mint tokenized assets
- `tokenization.transfer`: Transfer tokenized assets
- `tokenization.redeem`: Redeem tokenized assets
- `tokenization.view`: View tokenized assets

**Policy Enforcement**:
- Tier-based access control
- Entitlement checks
- Runtime capability toggling

### 6. Sub-Volume Integration

#### GAS Network (Sub-Volume A)
- Atomic settlement for tokenized assets
- Multi-dimensional commit verification
- Finality confirmation

#### GRU (Sub-Volume B)
- Tokenized asset valuation via XAU triangulation
- GRU settlement pipeline integration
- FX rate integration

#### Metaverse (Sub-Volume C)
- Virtual asset representation
- Cross-reality token transfers
- Digital-physical bridges

### 7. Microservices Integration

#### ISO Currency Service
- Tokenized asset currency code mapping
- Exchange rate integration
- Currency registry support

#### Liquidity Engine
- Tokenized asset liquidity management
- Reserve pool management
- Bridge liquidity integration

#### Market Reporting
- Tokenized asset reporting
- Reserve attestation reporting
- Regulatory compliance reporting

#### Bridge Reserve
- Tokenized asset reserves for bridging
- Cross-chain tokenized asset transfers
- Reserve verification

### 8. Indy Identity

**Location**: `services/identity/`

**Services**:
- `institutional-identity.ts`: DID issuance and VC management
- `credential-verifier.ts`: Credential verification for operations

**Credential Types**:
- KYC
- AML
- RegulatoryApproval
- BankLicense

## Data Flow

### Tokenization Flow

```
1. Reserve Verification (Traditional Banking)
   ↓
2. FireFly Initiates Workflow
   ↓
3. SolaceNet Capability Check
   ↓
4. Indy Credential Verification
   ↓
5. Fabric Mint (Chaincode)
   ↓
6. Cacti Bridge to Besu
   ↓
7. Besu ERC-20 Mint
   ↓
8. Settlement File Generation
   ↓
9. SWIFT/TARGET2 Submission
   ↓
10. Regulatory Reporting
   ↓
11. Completion
```

### Transfer Flow

```
1. User Initiates Transfer
   ↓
2. SolaceNet Capability Check
   ↓
3. Indy Credential Check
   ↓
4. Bridge Reserve Verification
   ↓
5. Execute Transfer (Besu)
   ↓
6. Update Fabric State (if needed)
   ↓
7. Settlement Confirmation
```

### Redemption Flow

```
1. User Initiates Redemption
   ↓
2. SolaceNet Capability Check
   ↓
3. Reserve Verification
   ↓
4. Burn on Besu
   ↓
5. Redeem on Fabric
   ↓
6. Release Reserve
   ↓
7. Settlement Confirmation
```

## Security Model

### HSM Integration
- Minting authority requires HSM signatures
- Reserve attestation requires HSM signatures
- Critical operations use EIP-712 typed data

### Multi-Attestor Quorum
- Reserve verification requires multiple attestors
- Configurable quorum thresholds
- Weighted attestor system

### SolaceNet Policy Enforcement
- Runtime capability checks
- Tier-based access control
- Policy-based route selection

### Indy Credential Verification
- DID-based identity
- Verifiable Credentials for compliance
- Tier-based eligibility

## Integration Points

1. **SolaceNet**: Capability toggling, policy enforcement, entitlements
2. **GAS Network**: Atomic settlement
3. **GRU**: Monetary system integration, FX rates
4. **Metaverse**: Virtual asset representation
5. **Bridge System**: Cross-chain tokenized asset transfers
6. **Microservices**: ISO Currency, Liquidity, Market Reporting, Bridge Reserve
7. **Indy**: Institutional identity and credentials
8. **FireFly**: Workflow orchestration
9. **Cacti**: Cross-network bridges
10. **Fabric**: Core settlement layer

## Deployment Architecture

```
┌─────────────────────────────────────┐
│   Traditional Banking Systems       │
│   (SWIFT, TARGET2, Core Banking)    │
└──────────────┬──────────────────────┘
               │
┌──────────────▼──────────────────────┐
│   Hyperledger FireFly                │
│   (Orchestration & API Layer)       │
└──────┬───────────────┬───────────────┘
       │               │
┌──────▼──────┐  ┌────▼──────────────┐
│  Fabric     │  │  Besu             │
│  (Settlement│  │  (ERC-20 Tokens)  │
│   Chaincode)│  │                   │
└──────┬──────┘  └────┬──────────────┘
       │               │
       └───────┬───────┘
               │
       ┌───────▼───────┐
       │  Hyperledger  │
       │  Cacti        │
       │  (Bridge)     │
       └───────┬───────┘
               │
       ┌───────▼───────┐
       │  SolaceNet    │
       │  (Capabilities│
       │   & Policy)   │
       └───────┬───────┘
               │
       ┌───────▼───────┐
       │  Sub-Volumes  │
       │  (GAS/GRU/    │
       │   Metaverse)  │
       └───────────────┘
```

## API Endpoints

### SolaceNet Tokenization API
- `POST /api/v1/solacenet/tokenization/mint` - Mint tokenized asset
- `POST /api/v1/solacenet/tokenization/transfer` - Transfer tokenized asset
- `POST /api/v1/solacenet/tokenization/redeem` - Redeem tokenized asset
- `GET /api/v1/solacenet/tokenization/status/:requestId` - Get status
- `GET /api/v1/solacenet/tokenization/token/:tokenId` - Get token details

### FireFly Tokenization API
- `POST /api/tokenization/mint` - Initiate minting workflow
- `POST /api/tokenization/transfer` - Initiate transfer workflow
- `POST /api/tokenization/redeem` - Initiate redemption workflow
- `GET /api/tokenization/status/:requestId` - Get workflow status

## Configuration

### Environment Variables
- `FABRIC_NETWORK` - Fabric network name
- `CHAIN_138_RPC_URL` - Besu RPC URL
- `FIREFLY_API_URL` - FireFly API URL
- `CACTI_API_URL` - Cacti API URL
- `INDY_API_URL` - Indy API URL
- `SWIFT_API_URL` - SWIFT API URL (optional)
- `TARGET2_API_URL` - TARGET2 API URL (optional)

## Security Considerations

1. **HSM Integration**: All critical operations require HSM signatures
2. **Multi-Attestor Quorum**: Reserve verification requires quorum
3. **SolaceNet Policy**: Runtime policy enforcement
4. **Indy Credentials**: Verifiable Credentials for compliance
5. **Access Control**: Role-based access control
6. **Audit Trail**: Comprehensive logging via SolaceNet audit logs

## Success Criteria

- Tokenized assets can be minted on Fabric
- ERC-20 representation on Besu
- SolaceNet capability checks enforced
- Integration with all microservices
- Sub-Volume A/B/C integration working
- End-to-end settlement file generation
- Regulatory compliance maintained
- Dual-record keeping (DLT + traditional banking)