Blockchain Infrastructure for RWA Issuers & Tokenization Platforms
An RWA issuer puts real-world assets on-chain as permissioned tokens backed by KYC compliance, Proof-of-Reserve, and a compliant secondary market so investors can hold them with the self-custody and transparency they expect. Built on mainnet, owned by you.
An RWA issuer puts real-world assets (US treasuries, private credit, real estate, commodities, or fund shares) on-chain as tokens that investors can hold, trade, and redeem. RWA tokenization is the engineering behind that: the permissioned token, the compliance rules, the price and reserve oracles, the vault that processes subscriptions and redemptions, and the secondary market where the token finds liquidity.
Most RWA programs stall before they close a real institutional allocator: compliance enforced off-chain that investors distrust, KYC that gates signup but not every transfer, and no liquid secondary exit once the asset is live. Protofire builds the full stack that resolves each layer.
We deliver tokenized-securities infrastructure that runs on mainnet today: the contracts, compliance layer, oracles, vaults, and protection that you own, rather than a tokenization SaaS you rent. We have shipped 250+ projects since 2016 across 60+ networks and 95+ protocols, so the standards we recommend for your assets are ones we have deployed.
If you are the CTO or engineering lead responsible for delivering the on-chain product, the CFO or compliance officer who needs a structure institutional allocators will accept, or the founder closing the gap between pilot and committed capital, this page maps the parts of the RWA stack and what we deliver for each; the deep dives live on our service pages, and this is the route in.
The six-layer RWA issuance stack
Every layer an issuer needs to tokenize, distribute, and protect a real-world asset: what we deliver for each.
Permissioned token contracts
Compliance and KYC layer
Vaults (ERC-4626/7540)
Oracles and Proof-of-Reserve
Secondary liquidity (dOTC)
Risk protection (RWArmor)
What are permissioned tokens for tokenized securities (ERC-3643)?
A tokenized security is not an ERC-20 you can send to anyone. It is a permissioned token: transfers are allowed only between verified, eligible wallets, and the rules travel with the token. The industry standard for this is ERC-3643 (T-REX): an on-chain identity registry plus a compliance contract that checks every transfer against KYC status, jurisdiction, holding limits, and lock-ups before it settles.
We implement permissioned issuance on this model: a token contract bound to an investor registry, configurable transfer restrictions, and an upgrade path your compliance team controls. The alternative, bolting compliance onto a plain token after mint, is the failure mode tokenization platforms hit most often, because there is no enforcement layer once the asset is live.
We build the enforcement in at issuance, so "who can hold this, under what conditions, and for how long" is answered in code rather than in a spreadsheet. Start with our tokenization infrastructure service.
KYC, investor registry, and on-chain compliance
Compliance is the part institutional capital checks first. We build KYC/KYB gating, multi-tier permissioning, investor registries, and jurisdiction-aware transfer rules into the token and vault layer, not as an off-chain gate that the contracts ignore. For Swarm Markets we implemented a full multi-tier permissioning system with 100% KYC coverage across every user and asset on a BaFin-licensed venue (detail below).
For fund and credit products, our VaultOS module set (P1-P5) adds post-issuance distribution control, transfer-restriction enforcement, and an investor registry that stays authoritative after the asset is minted. The result is that an allocator's risk committee can see exactly which addresses are eligible, how redemptions are controlled, and how the rules are enforced.
Those are the questions that otherwise stall an onboarding for months. Compliance overlays and jurisdiction templates are configurable per asset class.
How do tokenized funds and credit vaults work (ERC-4626 / ERC-7540)?
A token represents the asset; a vault runs it. For tokenized fund shares, private-credit pools, and tokenized treasuries, we build vaults on the ERC-4626 standard, and on ERC-7540 where subscriptions and redemptions are asynchronous. That is the realistic case for funds and credit, where entry and exit are not instant and need NAV-aware settlement, role separation, and queued redemptions at institutional quality.
Our VaultOS infrastructure gives the issuer a client-owned control plane: governance, policy, approvals, and redemption controls, with design partners across RWA platforms, custodians, and allocators. For dollar products, we deliver a full ERC-4626 yield-bearing stablecoin stack: a vault, yield-strategy connectors (Aave/Compound lending, Lido/Rocket Pool staking, or tokenized T-bills via Ondo/Mountain Protocol), a liquidation bot, a subgraph, and Safe governance.
A tokenized T-bill or money-market product gets its on-chain distribution layer without a four-to-six-month greenfield build. Start with our tokenized vault infrastructure or yield-bearing stablecoin service.
A compliant secondary market for tokenized RWAs (dOTC)
Issuance is half the problem; the other half is liquidity. Large RWA blocks do not belong on a public DEX, where they create slippage, signaling, and MEV exposure, and where pooled tokens become an attractive single target for an attack. dOTC is our decentralized OTC product: a peer-to-peer secondary market with KYC-gated, multi-tier permissioned access, built so RWA holders and market makers meet without forcing flow through public venues.
It supports tokenized RWAs such as AAPL, TSLA, NVDA, and T-Bonds plus 50+ more, with an embeddable widget designed to be discoverable by AI, and a reward mechanism intended to pay liquidity providers a competitive on-chain yield for keeping live bid/ask offers. It is built around Swarm Markets' tokenized-RWA inventory.
The design goal is a complement to public liquidity infrastructure, not a replacement: private execution with on-chain settlement and permissioning. Start with our RWA decentralized OTC service.
Parametric protection for tokenized RWAs (RWArmor)
The objection that loses the most term sheets is "what happens if something goes wrong operationally?" Audits cover code; they do not cover redemption freezes, custody or SPV breakdown, NAV deviation, or distribution failures. RWArmor, our parametric protection layer, is live on Atomica, the permissionless insurance marketplace Protofire DAO built and operates in production with live coverage programs, including LandX.
It pays out automatically when predefined, objective triggers fire, verified by multi-oracle consensus (UMA, Kleros, and custom adapters) rather than a manual claims process. With LandX it insured 841 hectares and 660,000 kg of crops against loss, and it has validated coverage on $500K of initial loans through Atomica.
The team behind it is not first-time at this: Renat Khasanshyn co-founded Etherisc, the first decentralized insurance protocol on Ethereum (2017). For an issuer, protection is the structural answer that converts a hesitant institutional allocator into a committed one. Start with our RWA insurance service.
How we built it: Swarm Markets (tokenized equities)
Swarm Markets came to us to put regulated financial products on-chain without giving up the core DeFi properties: self-custody, on-chain transparency, and networked liquidity.
Our approach. We built the smart contracts, the multi-tier permissioning and KYC layer, subgraph integrations, and the testing frameworks, and we audited the system, then deployed it on Polygon Layer 2 to cut cost. The architecture combined an AMM, pooled liquidity, and decentralized OTC block trading in one compliant venue, with every user and asset verified before trading.
The outcome. Swarm DEX launched as the world's first BaFin-licensed decentralized exchange supporting both crypto and tokenized real-world assets. Transaction fees dropped ~98% (from $5-10 to $0.05-0.10), the platform onboarded 7,000+ KYC-verified users, and it grew to 50+ trading pairs, including tokenized Apple (AAPL) and Tesla (TSLA) stock, at 100% KYC coverage.
It is the proof that the stack above is not theoretical: compliant, low-cost, tokenized-securities trading running on mainnet. Read the full case study: Swarm Markets DEX.
An engineering team that owns the RWA stack since 2016
Protofire has shipped 250+ projects since 2016 across 60+ networks and 95+ protocols. We are an official Safe Guardian (Protofire-deployed networks secure $2B+ across 120+ EVM networks), a core contributor to Chainlink, and a top-3 indexer in The Graph ecosystem. We maintain Solhint, the open-source Solidity linter used by 1M+ developers.
For finance and RWA teams specifically, we have built the on-chain products an issuer needs end to end: VaultOS for client-owned vaults, RWArmor for parametric protection (live on Atomica), and dOTC for compliant secondary liquidity. That makes us one of the few teams that can show a shipped RWA stack rather than an advisory framework. When we recommend ERC-3643, an ERC-7540 redemption flow, or a Proof-of-Reserve design, it is because we have deployed it.
“The engineering team that owns the RWA stack on mainnet: permissioned tokens, vaults, compliance, oracles, secondary liquidity, and protection, built so you own it rather than rent it.”
We built the smart contracts, multi-tier permissioning, KYC layer, subgraph integrations, and testing frameworks for the world's first BaFin-licensed DEX supporting tokenized equities and RWAs. The platform launched with 7,000+ verified users and 50+ trading pairs including AAPL and TSLA.
We built Armanino's on-chain Proof-of-Reserve reporting suite attesting reserves in real time across 1,500+ enterprise clients, the same attestation model integrated into the RWA issuance stack.
As a core Chainlink contributor we built external adapters across 7+ networks and wired Chainlink Proof-of-Reserve, including the Cache.gold reserve attestation, into the issuance and redemption path so backing is proven on-chain rather than in a PDF.
FAQ
What is an RWA issuer, and what is RWA tokenization?
Which token standard should I use, and is it ERC-3643?
How do you handle compliance, KYC, and custody?
How do investors get liquidity after issuance?
Can a TradFi-style issuer without a crypto-native team still get help?
How long does it take and what does it cost?
Reviewed by Luis Medeiros, Field CTO at Protofire. Last reviewed: June 2026.


