Custody Service - Draft Proposal

Overview

The Custody service in FinP2P is an asynchronous and decentralized method that enables custodians to provide services to other FinP2P organizations (such as broker dealers, exchanges and banks), by acting as the custodian for their Investor's digital assets.

The Custody Service will provide a secure and reliable system for the safekeeping of an investor's financial assets (e.g. digital securities), ensuring that Investors' assets are segregated, protected and managed in an efficient and transparent manner. The Custody Service will maintain accurate records of all assets under custody and of the cryptographic material used to hold those assets; protect assets from unauthorized access; approve instructions from the account holders; produce regulatory reporting as required; and answer balance and information inquiries. It will also allow asset managers to provide various services to their end Investors, using the FinID custodied by them, such as distribution of dividends.

Custody Service

To facilitate and orchestrate the custody process and the various use cases around it, we are adding a provider type to the network - the Custody service node. A Custody service node exposes to the FinP2P network a set of interfaces that enable Owner (trading) services (such as broker dealers, banks and exchanges) to approve them, and offer them as a segregated custody service to their clients. The custody service responsibilities include:

  • Facilitating a Connect to Custodian process, to onboard Investors on a custody wallet and associate it with the Owner FinP2P Profile on the Owner (trading) Node. This process ensures that the owner is indeed the same owner that was onboarded by the Owner (trading) service (such as a broker dealer, bank or exchange) and therefore has the same certificates, such as KYC/AML.

  • Approve and Sign FinP2P Transactions for the Investor’s asset trades.

  • See and report on the Investor asset holdings and balances.

  • Facilitate Transfer of assets from an existing FinID identity to another FinID managed by the chosen custodian.

  • Facilitate the process of re-associating the custody FinID account to a different Investor profile on a new Owner (trading) Node in case of Node “termination” (such as in the event of a broker dealer bankruptcy).

 

FinID Association

To enable this option, an Owner’s Profile Resource, which originally supported a single FinID, will now be upgraded to support multiple FinIDs, which can be associated to other custody service organizations.

This means an asset will see two types of FinP2P services associated with every owner:

  • The Owner (trading) service - managed by the Primary Node of the owner. This is the service that provides certificates for the Owner, presents investment opportunities to the owner, and will enable the owner to initiate trades.

    • Typically a Broker Dealer, bank, exchange etc.

    • Verifies the investors and their credentials.

    • Offers investment opportunities and assets to investors.

    • Manages the investment and trading processes.

    • Helps investors see their offerings across all custodians and asset classes.

  • The Custody Service - the FinID of the Owner for that specific asset - managed by the financial institution’s node that provides the Custody service.

    • Typically a Custodian

    • Keeps the investors' assets segregated from the Owner (trading) service and secured via the FinID wallet address management.

    • Manages the approval and signature process for transactions initiated at the Owner (trading) service. This includes 2FA, multi-signatures, hardware-based security, or any other security measure.

    • Provides various custody solutions to the client (but not broker dealer services and trading).

Each of the two service nodes will be entitled to receive some information from the asset, depending on its role.

Private Key Management

Private keys are crucial for accessing and transferring digital assets. The custody service node should securely store private keys and only allow authorized parties to access them. Multi-signature schemes can be implemented to ensure that multiple parties must agree before a transfer can be made.

User Interface

The custody service node should provide a user-friendly interface for users to manage their digital assets. This can include features such as approving asset transactions, account management, transaction history and reporting, and any other traditional custody service.

Flows

Connect to Custodian (new FinID)

Investors associate a custodian provider (the Custody Node) with their owner profile on their Owner (trading) Node. (Note: the trading node is the institution where the investor finds and researches new assets, trades, etc., such as a broker dealer, bank or exchange.)

Once the new FinID is approved, it is associated with the Owner Profile Resource by the Owner (trading) Node.

 

The diagram depicts the interaction between the Investor, the Trading Platform and the Custody Service for associating a custody provider with an owner profile on the FinP2P Trading Node. A request is sent to the custody provider to connect the investor's owner profile to the custodian account with a designated FinID for the owner. A connect approval process is coordinated with the user to connect the custodian account, validate and approve it. At the end of the process, the FinP2P Profile of the investor on the Trading Node is connected to the FinID of the investor managed by the Custodian.

 

Approve and Sign Transactions

Investors who execute trades utilize the custody provider to sign and approve transactions.

In terms of interface, this usually manifests as the investor initiating a trade on the trading platform (such as a broker dealer, bank or exchange); the approval process is then initiated by the custodian, and only once it completes successfully is the transaction executed. The process is asynchronous, so the approval may be immediate or may take time.

 

The diagram depicts the interaction between the Investor, the Trading Platform and the Custody Service for the signature and approval of a trade. The Custody service will facilitate the transaction approval and signature process directly with the investor and provide a signed instruction to execute the trade.

 

Transfer an asset from an existing FinID to a Custodian-managed FinID

Investors can move existing assets to a selected new custodian.

The flow assumes the investor has an asset under an existing FinID, and wishes to initiate a transfer of that asset to a new FinID managed by their custodian.

This process uses the standard FinP2P processes for transferring assets between FinIDs. The asset Node can know that both the source and the destination FinIDs belong to the same Owner profile, as the Profile Resource ID is provided with the transfer request.

 

The diagram depicts the interaction between the Investor, the Trading Platform, the Custody Service and the Asset Node for moving a tokenized asset held under an existing FinID into a custody provider FinID account. A request is sent to the custody provider to connect the investor's owner profile to a new custodian account with a designated FinID for the owner. A connect approval process is coordinated with the user to connect the custodian account, validate and approve it. Then a transfer process is started to move assets from the original FinID to the new designated FinID at the custodian. Asset nodes will be able to identify that this transfer is between FinIDs of the same investor and handle the transfer operation accordingly, resulting in a new receipt approving the update.

 

Custody providers' access to information from the asset service

FinP2P grants permission to request and access information based on the Profile Resource ID of the owner, which means the trading service (such as the broker dealer) can obtain such information. Once we introduce a Custody provider, the custody service should also be able to access information related to the assets belonging to the FinID managed by it.

This will be achieved by updating the Owner's Profile with multiple FinIDs, each with its associated Custodian. So, when a custodian requests information from the Asset, the asset can verify that the Custodian is indeed the manager of the FinID associated with the Investor.
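The FinID-level scoping this section describes, as an added Go example written for this proposal (not FinP2P's own code): the asset node grants the primary (trading) node visibility of every FinID in the profile, and grants a custodian only the FinIDs it manages, denying anyone else. The struct layout and the ids are assumed stand-ins for the Profile Resource.

```go
package main

import "errors"

// FinIDAssociation is one entry of the upgraded Owner Profile: a FinID and the
// organisation whose custody node manages it (hypothetical struct, not FinP2P's schema).
type FinIDAssociation struct {
	FinID       string
	CustodianID string
}

// OwnerProfile is the Profile Resource as seen by the asset node.
type OwnerProfile struct {
	ResourceID    string
	PrimaryNodeID string // the Owner (trading) service that onboarded the investor
	FinIDs        []FinIDAssociation
}

var ErrNotAuthorized = errors.New("requester is neither the profile's primary node nor a custodian of its FinIDs")

// VisibleFinIDs returns the FinIDs whose holdings requesterID may read under profile.
// The primary (trading) node sees every FinID of the profile; a custodian sees only the
// FinIDs it manages, never the owner's FinIDs held at other custodians; any other
// requester is denied (deny by default).
func VisibleFinIDs(profile OwnerProfile, requesterID string) ([]string, error) {
	isPrimary := requesterID == profile.PrimaryNodeID
	var out []string
	for _, a := range profile.FinIDs {
		if isPrimary || a.CustodianID == requesterID {
			out = append(out, a.FinID)
		}
	}
	if !isPrimary && len(out) == 0 {
		return nil, ErrNotAuthorized
	}
	return out, nil
}
```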

Owner (trading) Node (example: Broker-dealer) termination

FinP2P will provide a process of re-associating the custody FinID account to a different owner profile on a new Owner (trading) Node in case of Node “termination” (such as in the event of a broker dealer bankruptcy).

The specification for this portion is still work in progress.

FinP2P Network Interface Specification additions

Custody Service

Introducing a new Service on top of the FinP2P network to provide custody capabilities for various trading nodes. Adopters of the new Service API will be required to support a set of new operations:

service CustodyService {
  // Provide the user's signature for a proposed transfer operation. The server should respond
  // with an Acknowledgement message containing the correlation id for the expected operation
  // result on the OperationsResults stream.
  rpc ProvideSignature (SignedProvideSignatureRequest) returns (SignedProvideSignatureResponse) {}

  // Connect an Owner Resource profile with a Custodian FinID account.
  rpc Connect (SignedConnectRequest) returns (SignedConnectResponse) {}

  // Bi-directional stream to provide results for asynchronous operations (e.g. Transfer,
  // ProvideSignature). Messages will contain the relevant request correlation id.
  rpc OperationsResults (stream SignedStreamMessage) returns (stream SignedStreamMessage) {}
}

Provide Signature

Provide the user's signature for a proposed transfer operation. The server should respond with an Acknowledgement message containing the correlation id for the expected operation result on the OperationsResults stream.

Request Message
message SignedProvideSignatureRequest {
  ProvideSignatureRequest request = 1;
  common.Signature signature = 2;
}

message ProvideSignatureRequest {
  common.Envelope envelope = 1;
  signature.SignatureTemplate template = 2;
  common.ResourceID signer = 3; // user to whom the signature request is addressed
  common.ResourceID intentId = 4;
}
Response Message
message SignedProvideSignatureResponse {
  ProvideSignatureResponse response = 1;
  common.Signature signature = 2;
}

message ProvideSignatureResponse {
  common.Envelope envelope = 1;
  common.Status status = 2;
  oneof payload {
    Acknowledgement ack = 10;
    ProvideSignatureResponsePayload signatureResponse = 11;
  }
}

message ProvideSignatureResponsePayload {
  bytes signature = 2;
}
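As an added illustration of the asynchronous ProvideSignature flow (acknowledgement with a correlation id, result delivered later on the OperationsResults stream), the following Go code, written for this proposal and not part of the FinP2P specification, models the trading node's side: it records each pending request and accepts a stream result only when the correlation id matches a pending request and the returned signature verifies under the FinID's key. It assumes ed25519 keys and a plain string correlation id; the Ack and StreamResult types are hypothetical stand-ins for the protobuf messages.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Ack is the custodian's immediate reply; the result arrives later on the stream.
type Ack struct{ CorrelationID string }
// StreamResult is one OperationsResults message carrying the user's signature.
type StreamResult struct {
	CorrelationID string
	Signature     []byte
}
type pendingSig struct {
	payload []byte            // transfer intent the user was asked to sign
	pubKey  ed25519.PublicKey // key of the custodian-managed FinID (assumed ed25519)
}

// TradingNode tracks outstanding ProvideSignature requests by correlation id.
type TradingNode struct {
	pending map[string]pendingSig
	seq     int
}
func NewTradingNode() *TradingNode { return &TradingNode{pending: map[string]pendingSig{}} }

// Request records a pending request and returns the acknowledgement the custodian sends.
func (t *TradingNode) Request(payload []byte, finIDKey ed25519.PublicKey) Ack {
	t.seq++
	id := fmt.Sprintf("corr-%d", t.seq)
	t.pending[id] = pendingSig{payload: payload, pubKey: finIDKey}
	return Ack{CorrelationID: id}
}

var ErrUnknownCorrelation = errors.New("result matches no pending request (or was already consumed)")
var ErrBadSignature = errors.New("signature does not verify under the FinID key")

// OnResult accepts a stream message only if it matches a pending request and the signature
// verifies under the FinID key; the entry is then consumed, so replays and forgeries fail.
func (t *TradingNode) OnResult(r StreamResult) error {
	p, ok := t.pending[r.CorrelationID]
	if !ok {
		return ErrUnknownCorrelation
	}
	if !ed25519.Verify(p.pubKey, p.payload, r.Signature) {
		return ErrBadSignature
	}
	delete(t.pending, r.CorrelationID)
	return nil
}
```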

Connect Custodian

Connect owner profile with a custodian managed FinID account.

Request Message
Response Message

 

Stream Message (OperationsResults)

Bi-directional stream to provide results for asynchronous operations (e.g. Transfer, ProvideSignature). Messages will contain the relevant request correlation id.