From mandate to secondary trade, on one set of rails.
Every T3RRA issuance runs through the same seven-stage flow. At each stage, a specific protocol surface does the work — and leaves a verifiable trace.
Seven stages. Four surfaces. One policy.
Mandate
Deal DeskAsset owner engages T3RRA. Scope, jurisdictions, and target raise are fixed.
A signed mandate agreement and a named desk lead.
Nothing yet — the deal isn't public.
Four surfaces do the work.
Each one is documented, versioned, and touchable.
L3RS-1 — the asset standard.
Versioned token standard (v1.0.0 Profile F) with a total ComplianceModule. Rules are enforced by the token, not a wrapper around it.
Open the builderPG[Σ] — policy-gated signing.
Threshold signing scheme where the PolicyHash is bound into the Fiat–Shamir transcript. A transfer is valid only if the policy the signer committed to is the policy that gets enforced.
Run a transferFlow — cross-chain routing.
Route admissibility predicate J ∧ T ∧ ID ∧ X plus a (5,9) bridge committee certificate. Replaces ad-hoc lock-and-mint with something capital markets can underwrite.
Route a tradeAgent Mesh — six-class operational layer.
Six agent classes (Onboarding, Tokenization, Marketplace, Trade, Liquidity, Treasury/Compliance) proposing corporate actions inside the PG[Σ] envelope. Policy still decides.
Run a corporate actionA transfer, traced.
Here's one real operation: an investor sells a $2M position in a commercial real estate tranche to a buyer on a different chain. Seven steps, four surfaces, one policy.
- 1Buyer sends a transfer request.Flow
Source chain: Ethereum. Destination: Polygon. Amount: 2,000,000 units.
- 2Flow evaluates J ∧ T ∧ ID ∧ X.Flow
Jurisdiction (buyer and seller both in eligible jurisdictions), Time (outside the lockup window), Identity (both KYC-verified under the issuance's investor class), eXception (no sanctions hit, no issuer block). All four predicates return true.
- 3Flow constructs a route.Flow
A single cross-chain leg with a (5,9) bridge committee certificate. The route certificate carries the PolicyHash.
- 4Destination chain re-runs the ComplianceModule.L3RS-1
Same PolicyHash. Same answer. The rule travels with the asset.
- 5PG[Σ] co-signs.PG[Σ]
The signing ceremony binds the PolicyHash into the Fiat–Shamir transcript. If a different policy had been substituted, the signature wouldn't verify.
- 6Settlement executes atomically.Flow + L3RS-1
Seller's position is burned on Ethereum, buyer's position is minted on Polygon. The cap table updates on both chains in a single verifiable step.
- 7Agent Mesh records the event.Agent Mesh
The Trade and Treasury/Compliance agents emit the reporting artifact — FATF Travel Rule fields are already present because they were enforced at step 2.
Illustrative — production behavior is governed by Cryptographic Spec v1.0 rev B §4 (PG[Σ]) and Flow v1.1 §3 (route admissibility).
Who does what.
| Stage | T3RRA | Issuer | Investor |
|---|---|---|---|
| Mandate | Structures the engagement | Signs mandate | — |
| Structuring | Runs the deal desk | Provides asset, signs docs | — |
| L3RS-1 config | Compiles ComplianceModule | Reviews & approves policy | — |
| Issuance | Runs the mint under PG[Σ] | Authorizes issuance | Subscribes |
| Primary settlement | Verifies eligibility, settles | Watches primary book | Funds, receives tokens |
| Secondary trading | Operates Flow & policy gates | Observes cap table | Trades across chains |
| Servicing | Runs Agent Mesh under PG[Σ] | Approves exceptions | Receives distributions |
Where the AI sits.
T3RRA runs a six-class Agent Mesh — Onboarding, Tokenization, Marketplace, Trade, Liquidity, and Treasury/Compliance. Inside each class, 14 named AI capabilities (documented in Flow §15) handle the operational work: drafting, reconciliation, reporting, anomaly detection, routing proposals.
Every agent sits inside the PG[Σ] envelope, not outside it. Agents propose. Policy disposes. A ComplianceModule refusal is a refusal — the mesh cannot route around it, and exceptions always surface a human in the loop. This is the opposite of "AI trading bots": the cryptography is the constraint, and the agents operate within it.
Agents propose. Policy disposes.
Fourteen AI capabilities
Every one published, ablation-tested, and caged inside the PG[Σ] envelope.
| # | Name | Class | Role |
|---|---|---|---|
| 1 | Residual GBM route scorer | Gradient boost | Scores candidate routes against PHI residuals |
| 2 | Learned re-ranker | Pairwise LTR | Real-time re-ranking under venue conditions |
| 3 | LLM quote evaluator | Structured prompt | Reads RFQ quotes for hidden adverse terms |
| 4 | LSTM inventory forecaster | Sequence | Predicts depth and inventory across chains |
| 5 | Deep anomaly detector | Autoencoder | Flags route, venue, and quote anomalies |
| 6 | PolicyHash authoring assistant | Tool-using LLM | Drafts ComplianceModules from natural-language policy |
| 7 | Counterparty risk scorer | Tabular DL | Scores VASP and counterparty risk live |
| 8 | Settlement timing optimizer | RL | Times settlement to minimize bridge friction |
| 9 | Cross-chain liquidity forecaster | Sequence | Forecasts cross-chain depth on a 5–60 minute horizon |
| 10 | Order-flow toxicity classifier | Gradient boost | Flags toxic flow before it reaches the venue |
| 11 | Predicate explainer | LLM | Explains why a predicate failed in plain language |
| 12 | Policy diff summarizer | LLM | Summarizes ComplianceModule diffs between versions |
| 13 | Cross-chain bridge health monitor | Time-series DL | Monitors (5,9) committee liveness |
| 14 | Reproducibility harness orchestrator | Tool agent | Runs the public ablation harness end-to-end |
Full documentation in Flow §15.
Where architecture matters and where it doesn't.
T3RRA accelerates the on-chain half of enforcement. The underlying real-world asset — building, ship, loan book — lives in a legal system, and enforcement against it runs the same court process as any conventional instrument.
Three paths, one stress test.The top half — operational enforcement — is where T3RRA's architecture changes the outcome. The bottom half — legal recovery of the physical asset — runs the same course regardless. Every competitor collapses that distinction. T3RRA makes it explicit.
