System architecture - Layered design of the ATK platform
The Asset Tokenization Kit implements a unified Digital Asset Lifecycle Platform (DALP) architecture that addresses the fragmentation plaguing traditional tokenization approaches. Rather than relying on disparate vendor tools cobbled together through manual processes, ATK provides a single control plane where every lifecycle event—from issuance through settlement to reporting—flows through orchestrated services backed by compliance-first design.
ATK's lifecycle management capabilities
Atomic DvP Settlement: The XvP settlement system coordinates multi-party token exchanges where all legs execute together or the entire settlement reverts. True T+0 finality without counterparty risk or trusted intermediaries.
Vault-Based Custody: Multi-signature treasury management with maker-checker workflows, configurable quorum requirements, and role-based access control. No single point of failure. Emergency controls and full audit trails.
Scheduled Yield Management: Fixed yield schedules eliminate manual calculation of dividends, interest, and coupon entitlements. Configure once; calculate entitlements automatically on payment dates for on-demand claiming with cryptographic proof of entitlement.
Integrated Observability Stack: Production-ready monitoring with VictoriaMetrics, Loki, Tempo, and Grafana pre-configured with comprehensive dashboards. No vendor integration required—metrics, logs, traces, and alerting included from day one.
This architecture eliminates the reconciliation nightmares, custody-compliance disconnects, and T+2 settlement delays that prevent institutional adoption. By embedding regulatory compliance directly into the asset path through ERC-3643, integrating lifecycle management through addon contracts, including production-grade observability, and unifying all operations through a monorepo-based stack, ATK delivers the deterministic state transitions and audit-ready trails that enterprise teams demand.
Layered architecture
ATK follows a layered, modular architecture that separates concerns while maintaining tight integration between components:
The architecture demonstrates clear separation of concerns with well-defined interfaces between layers:
- Frontend Layer provides user interfaces for different stakeholder types (issuers, investors, compliance officers, administrators)
- API Layer handles request processing, authentication, and type-safe data validation
- Business Logic Layer implements core tokenization functionality with embedded compliance
- Data Layer provides persistence, caching, file storage, and blockchain indexing
- Blockchain Layer delivers the foundational smart contract infrastructure with compliance built-in
- Infrastructure Layer enables deployment across public chains, consortium networks, and private EVM builds
Monorepo structure
ATK is organized as a Turborepo monorepo, enabling efficient dependency management, build optimization, and development workflows:
This structure hard-codes integration discipline the market has been missing. Contracts, the TanStack Start dApp, the ORPC API module, TheGraph indexer, end-to-end tests, and Helm charts live in one workspace. Shared packages eliminate ambiguity about interfaces, so lifecycle flows never drift between teams. Environments deploy from one Helm-defined topology, meaning policy, infrastructure, and product evolve together.
| Component | Dependencies | Purpose |
|---|---|---|
| dapp | contracts (ABIs, types), subgraph (GraphQL) | Frontend depends on contract types and indexed data |
| subgraph | contracts (ABIs, events) | Indexer requires contract interfaces for event handling |
| e2e | dapp (testing UI/API) | End-to-end tests validate complete application workflows |
| charts | All components | Kubernetes deployment requires all application artifacts |
Technology stack
ATK leverages modern, enterprise-grade technologies optimized for performance, security, and developer experience:
| Layer | Technology | Purpose | Why Chosen |
|---|---|---|---|
| Package Manager | Bun | Fast runtime and package manager | Performance, native TypeScript support |
| Monorepo | Turborepo | Build system and task orchestration | Caching, parallel execution |
| Smart Contracts | Solidity | Contract development | Industry standard, EVM compatibility |
| Contract Framework | Foundry + Hardhat | Testing and deployment | Speed (Foundry), ecosystem (Hardhat) |
| Frontend | TanStack Start | React framework | Type-safety, modern patterns |
| State Management | TanStack Query | Server state | Caching, synchronization |
| Routing | TanStack Router | Type-safe routing | Type inference, code splitting |
| Forms | TanStack Form | Form management | Validation, type-safety |
| UI Components | Radix UI | Accessible components | Headless, composable |
| Styling | Tailwind CSS | Utility-first CSS | Rapid development, consistency |
| API Layer | ORPC | Type-safe RPC | End-to-end type safety |
| Database | PostgreSQL | Relational database | ACID compliance, reliability |
| ORM | Drizzle ORM | Type-safe database | TypeScript-first, performance |
| Authentication | Better Auth | Auth & sessions | Flexible, modern |
| Indexing | TheGraph | Blockchain indexing | Decentralized, GraphQL |
| Storage | MinIO | S3-compatible storage | Self-hosted, compatible |
| Cache | Redis | In-memory store | Speed, pub/sub |
| Orchestration | Kubernetes | Container orchestration | Scalability, reliability |
Core asset types
ATK supports five primary asset classes, each optimized for specific financial instruments:
| Feature | Bond | Equity | Fund | StableCoin | Deposit |
|---|---|---|---|---|---|
| Core Tokenization | ✅ | ✅ | ✅ | ✅ | ✅ |
| Compliance Modules | ✅ | ✅ | ✅ | ✅ | ✅ |
| Transfer Restrictions | ✅ | ✅ | ✅ | ✅ | ✅ |
| Voting Rights | ❌ | ✅ | ✅ | ❌ | ❌ |
| Yield Distribution | ✅ | ❌ | ❌ | ❌ | ❌ |
| Maturity Management | ✅ | ❌ | ❌ | ❌ | ❌ |
| Collateral Backing | ✅ | ❌ | ❌ | ✅ | ✅ |
| Management Fees | ❌ | ❌ | ✅ | ❌ | ❌ |
| Redemption Rights | ✅ | ❌ | ❌ | ✅ | ❌ |
Why this architecture beats point tools
Traditional tokenization approaches suffer from fatal fragmentation:
- Issuance wizards without registry truth or embedded compliance create rework and legal risk
- Compliance databases in middleware disconnect from the asset path, enabling non-compliant transfers
- Custody vaults cannot see rule updates, breaking synchronization
- Settlement workarounds keep cash and tokens on separate systems, forcing T+2 delays
ATK's unified control plane eliminates these problems:
- Templated legality: Jurisdiction-specific templates (Reg D, Reg S, MiCA) baked into smart contracts from deployment
- Registry truth: Real-time ownership registry synchronized through TheGraph indexers
- Programmable lifecycle: All operations exposed through APIs enable white-label integration
- Embedded compliance: ERC-3643 enforcement in the state-transition path, not as a sidecar
- Single control plane: Every capability (issuance, onboarding, transfers, settlement, reporting) resides on the DALP
Consider a bond, feeder fund, and deposit note issued simultaneously:
- Product leads model each instrument in the web console, generating ERC-3643 blueprints
- Compliance configures country, investor-limit, and lock-up modules once—policies apply everywhere
- Identity teams onboard investors through shared REST APIs—claims synchronize across offerings
- Custody operations pre-stage HSM-backed wallet tiers directly in DALP custody services
- Settlement wires cash legs via payment gateway adapters, keeping cash and tokens in lockstep
- Corporate actions schedule through the servicing workflow engine—investors and auditors see the same data
Because every step references the same control plane, there is no reconciliation step between products. Issuance, compliance, custody, and settlement remain consistent across instruments and venues.
Performance targets
Performance varies by deployment configuration and blockchain network characteristics. These design targets guide capacity planning:
| Component | Metric | Design Target | Why it matters |
|---|---|---|---|
| Frontend | Initial page load | <3s | User experience, engagement |
| API | Response time (P95) | <500ms | Real-time operations |
| Blockchain | Block confirmation | 2-15s | Settlement speed (network-dependent) |
| Indexer | Event processing latency | <30s | Data freshness |
| Database | Uptime | 99.9% | Reliability |
| Smart Contracts | Gas cost | <200,000 gas/tx | Transaction economics |
Security & compliance first
Security and compliance are architectural concerns, not bolt-ons:
- ERC-3643 Integration: Security token standard with transfer restrictions built into contract logic
- OnchainID Protocol: Decentralized identity with KYC/AML claim verification
- Role-Based Access: OpenZeppelin AccessManager for granular permissions
- Upgradeable Proxies: Safe contract evolution without data migration
- Audit Trails: Immutable event logs for regulatory reporting
- Multi-Signature Controls: Bank-grade custody with approval workflows
Integration points
ATK integrates with external systems while maintaining control:
- Identity Systems: OnchainID and third-party KYC providers plug into the identity registry
- Banking Rails: Core banking and payment systems connect through mediation services (ISO 20022, SWIFT)
- Custody Providers: Custodian APIs surface into the same business services that govern transfers
- Storage Networks: IPFS and MinIO for document persistence and metadata
- Monitoring: OpenTelemetry integration for observability and SIEM integration
What stakeholders get
- Institutions: One SLA and risk profile. Lifecycle policy changes propagate everywhere because the control plane owns them end-to-end.
- Compliance Teams: Deterministic, pre-transfer checks and auditor-ready logs rather than reconciling middleware exports.
- Operations Teams: Monitor one set of metrics and alerts, rehearse failovers, manage capacity using the same pipelines that drive production.
- Developers: Ship features instead of glue. The API surface, smart contracts, and UI stay aligned through shared types and tests.