April – May Development Update

New Vault for Fund Treasury (ERC-7540)

How it will work

The vault is built around three ideas:

Shared control. Treasury actions need approval from three parties: the fund representative, the legal office, and a platform representative. If the fund is owned by an LLC or other entity, all of that entity's controllers also need to be signers.

Easy signing. Fund managers shouldn't need to understand crypto to sign transactions. We plan to use OTP codes as the signing method (the same approach we already use for wallets), and a "gas station" so signers don't have to deal with paying network fees.

Optional delay before execution. A timelock can be turned on so that all actions wait a set period before going through, with investors notified during the wait. This addresses the SEC's investor relations and transparency requirements.

Once enough signatures are collected, the transaction goes through (or waits for the timelock if enabled).

What's live today

We started with a simpler version:

                    ┌─────────────────────────┐
                    │   FUND MANAGER (KYC'd)  │
                    │      Required signer    │
                    └───────────┬─────────────┘
                                │
                                ▼
                    ┌─────────────────────────┐
                    │   Optional co-signers   │
                    │  (not enforced yet)     │
                    │  • Legal office         │
                    │  • Platform rep         │
                    └───────────┬─────────────┘
                                │
                                ▼
                    ┌─────────────────────────┐
                    │   PENDING TRANSACTION   │
                    └───────────┬─────────────┘
                                │
                ┌───────────────┴───────────────┐
                ▼                               ▼
    ┌───────────────────────┐       ┌───────────────────────┐
    │   MANUAL APPROVAL     │       │   AUTO APPROVAL       │
    │                       │       │                       │
    │  Fund manager reviews │       │  Triggers when:       │
    │  & approves each tx   │       │  • User is            │
    │  in admin panel       │       │   `legally_confirmed` │
    │                       │       │  • Fund moves to      │
    │                       │       │   `legally_closed`*   │
    └───────────┬───────────┘       └───────────┬───────────┘
                │                               │
                └───────────────┬───────────────┘
                                ▼
                    ┌─────────────────────────┐
                    │   TRANSACTION EXECUTED  │
                    └─────────────────────────┘

Per closing process specification

Still to do

The corporate multi-controller flow, the rules for when legal and platform reps must sign, and the live rollout of the timelock will all be tackled in upcoming sprints, alongside our first client.

Security and Infrastructure

These changes support our SOC 2 Type 2 certification:

Switched from a custom VPN solution to Cloudflare Zero Trust. Better access controls and easier to audit.
Added email 2FA to the admin panel. You now need a code from email just to open the admin URL.
Added SSL certificates to internal services. Standard best practice — all internal traffic is now encrypted.

Mobile App

A lot of bug fixes shipped this period. The mobile app is still a work in progress and will continue to get attention.

27 APR, 2026

Arbitrum L3 for Tokenization

22 APR, 2026

Choosing network architecture for tokenization

21 APR, 2026