- Restricting who may hold a regulated security.
- Restricting who may request minting or redemption of a stablecoin.
- Limiting participation to onboarded investors.
- Delegating compliance decisions to an external compliance provider.
How Allowlisting Works
Allowlists are implemented using credential contracts. The Instrument Configuration defines the credential requirements for each workflow. When a user performs an action, the Smart Contract model verifies that the required credentials are present before the transaction is executed. Credential requirements can be configured independently for:- Holder requirements – Who may hold, receive, or transfer an asset.
- Mint/Burn requirements – Who may request minting or redemption.
Configuring an Allowlist
Each credential requirement specifies:- Credential Issuer – The party responsible for maintaining the allowlist.
- Claim Property – The permission being granted (for example
canHoldorcanMint). - Claim Value – The asset or permission scope (for example
USDXorBondX).
Managing the Allowlist
Adding a party to an allowlist is equivalent to issuing a credential with the required claims. Credentials can be created directly through the Registry App. The recommended approach is for the credential issuer to also hold the credential. This allows the allowlist to be maintained unilaterally without requiring the allowlisted party to separately accept or manage credential contracts. To add a party to an allowlist:- Go to the Credential module.
- Click offer new credential.
- Set the credential holder to use same party
- Set the subject to the party being allowlisted.
- Add the claims required by the Instrument Configuration.
- Click Offer Free credential.
Example Configurations
Stablecoin
Anyone may hold or transfer the stablecoin, but only KYC-approved parties may request minting or redemption.Money Market Fund
Only onboarded investors may hold, receive, mint, or redeem fund units.Tokenized Bond
A third-party compliance provider manages the allowlist independently from the registrar.
This model enables issuers to delegate investor onboarding and compliance checks while retaining full control over the asset lifecycle.