TOKENIZATION COMPLIANCE
The Vanderbilt Terminal for Global Tokenization Regulation
INDEPENDENT INTELLIGENCE FOR DIGITAL ASSET COMPLIANCE

ERC-3643 (T-REX Protocol)

ERC-3643, known as the T-REX Protocol, is the Ethereum Improvement Proposal establishing a standard architecture for security tokens with built-in identity verification and programmable compliance rules.

ERC-3643 — formally titled Permissioned Token Standard for Security Tokens and known by its implementation name T-REX (Token for Regulated EXchanges) — is an Ethereum token standard that extends the ERC-20 fungible token interface with a modular compliance architecture. It was developed by Tokeny Solutions (Luxembourg), implemented in production from 2018, and formally submitted as Ethereum Improvement Proposal EIP-3643. The standard reached Final status following community review and has been adopted as the de facto technical framework for compliant security token issuance in Europe and increasingly globally.

Design Rationale

Standard ERC-20 tokens are permissionless: any address can receive or transfer tokens without verification. This design is incompatible with securities regulation, which requires that transfers occur only between verified investors who meet jurisdictional, accreditation, and holding-period requirements. ERC-3643 addresses this by making compliance enforcement a first-class component of the token contract itself, rather than an off-chain manual process.

The result is a security token where transfer restrictions are enforced at the smart contract level: a transfer reverts on-chain if either party fails to satisfy the compliance rules encoded in the contract — making illegal transfers technically impossible rather than merely prohibited.

Architecture: Four Core Components

1. Token Contract

The token contract is ERC-20 compliant, implementing the standard transfer, transferFrom, approve, and allowance functions. It is extended with compliance hooks: before any transfer executes, the contract queries the Compliance module and the Identity Registry. If either check fails, the transfer reverts. The token contract also exposes forced transfer functions accessible only to authorised agents (e.g., a recovery agent acting under court order), enabling regulatory compliance in cases of lost keys or legal seizure.

2. Identity Registry

The Identity Registry maintains the mapping between investor wallet addresses and their on-chain identity contracts (ONCHAINID). It records which addresses are eligible to hold the token and stores the investor’s verified claim keys — proofs that the investor has satisfied required compliance checks (KYC completion, accredited investor status, jurisdictional eligibility). The registry is managed by an authorised agent (typically the token issuer or its transfer agent) and can be updated in real time to add or remove eligible investors.

3. Compliance Module

The Compliance module contains the programmable compliance rules governing the token. Rules are modular and composable, including:

  • Country restrictions: Block transfers to/from investors resident in sanctioned or excluded jurisdictions.
  • Investor count limits: Cap the total number of token holders (e.g., to comply with a 2,000-investor limit under US Regulation D).
  • Maximum balance rules: Prevent any single investor from holding more than a specified percentage of the total supply.
  • Lock-up periods: Block transfers from an investor’s address until a holding period (e.g., the 12-month Reg D lock-up) has elapsed.
  • Aggregate transfer limits: Restrict aggregate daily or periodic transfer volumes.

New compliance modules can be added or removed by the issuer (with appropriate governance) without replacing the token contract.

4. ONCHAINID

ONCHAINID is the decentralised identity standard underpinning ERC-3643, also developed by Tokeny and implemented as EIP-734/735 (key manager and claim holder contracts). Each investor has an ONCHAINID smart contract — a self-sovereign identity wallet — to which claims are attached. Claims are issued by trusted claim issuers (KYC providers, identity verification services, fund administrators) who cryptographically attest that the identity has satisfied a particular requirement. The token contract checks that the investor’s ONCHAINID holds a valid claim from a trusted issuer before permitting a transfer.

ONCHAINID claims are stored on-chain but can be structured to reveal only the fact of compliance (e.g., “this identity has passed KYC”) without exposing underlying personal data — an architecture that aligns with GDPR data minimisation principles.
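
The transfer gate formed by the four components above, as an added Python model; it is not code from this page, the EIP, or the T-REX reference implementation. All class, method, wallet and issuer names are hypothetical, and `PermissionError` stands in for an on-chain revert. Requiring a verified recipient on the forced-transfer path is an assumption of this model; the page states only that the function is restricted to authorised agents.

```python
from dataclasses import dataclass, field

@dataclass
class Token:                         # hypothetical model, not the T-REX contract API
    registry: dict   # Identity Registry: wallet -> (country, {(claim topic, issuer)})
    trusted_issuers: set
    blocked_countries: set
    max_holders: int
    agents: set = field(default_factory=set)
    lock_until: dict = field(default_factory=dict)   # wallet -> unlock time
    balances: dict = field(default_factory=dict)

    def is_verified(self, wallet):   # registered and holds a trusted KYC claim
        _, claims = self.registry.get(wallet, (None, ()))
        return any(("KYC", i) in claims for i in self.trusted_issuers)

    def compliance_error(self, src, dst, amount, now):   # Compliance module rules
        if {self.registry[w][0] for w in (src, dst)} & self.blocked_countries:
            return "country restriction"
        if now < self.lock_until.get(src, 0):
            return "lock-up"
        holders = sum(b > 0 for b in self.balances.values())
        emptied = self.balances.get(src, 0) == amount    # src stops being a holder
        if not self.balances.get(dst) and holders + 1 - emptied > self.max_holders:
            return "investor count limit"

    def _move(self, src, dst, amount):
        if amount <= 0 or self.balances.get(src, 0) < amount:
            raise ValueError("bad amount")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def transfer(self, src, dst, amount, now):
        if not (self.is_verified(src) and self.is_verified(dst)):
            raise PermissionError("identity not verified")   # models a revert
        if err := self.compliance_error(src, dst, amount, now):
            raise PermissionError(err)
        self._move(src, dst, amount)

    def forced_transfer(self, caller, src, dst, amount):  # skips compliance rules
        if caller not in self.agents or not self.is_verified(dst):
            raise PermissionError("caller is not an agent or recipient unverified")
        self._move(src, dst, amount)

def sample_token():                  # constructed wallets, issuers and balances
    ok, bad = {("KYC", "issuer-A")}, {("KYC", "issuer-X")}
    reg = {"alice": ("LU", ok), "bob": ("FR", ok), "erin": ("DE", ok),
           "carol": ("KP", ok), "dave": ("DE", bad)}
    return Token(reg, {"issuer-A"}, {"KP"}, max_holders=2, agents={"agent"},
                 lock_until={"bob": 1000}, balances={"alice": 100, "bob": 50})
```

With `sample_token()`, moving 10 from alice to erin is rejected by the investor count limit, while moving alice's full balance of 100 succeeds because alice stops being a holder in the same transfer.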

EIP Status and Governance

ERC-3643 achieved Final EIP status after passing through the Ethereum community’s review process. As a Final ERC, it represents a stable, non-deprecated standard that implementers can rely on without anticipating breaking changes. The ERC-3643 Association, a Swiss non-profit, governs the standard’s ongoing development and maintains the reference implementation.

Institutional Adoption

ERC-3643 has been adopted by significant institutional issuers and infrastructure providers:

  • Societe Generale — FORGE: SocGen’s digital assets subsidiary used ERC-3643 for its OFH security token (a covered bond registered with French authorities) and subsequent EUR-denominated digital bonds.
  • Euroclear: The settlement infrastructure operator has explored ERC-3643 in the context of the EU DLT Pilot Regime.
  • ABN AMRO: Digital green bond issuance.
  • HSBC: Tokenized gold product (HSBC Gold Token) using compatible infrastructure.
  • AXA Investment Managers, Generali Investments: Tokenized fund participation.

The standard is also the foundation of several national and regional initiatives in jurisdictions ranging from Luxembourg to Singapore.

Related entries: ERC-20 Token Standard, Security Token, KYC/AML in Tokenization, Whitelist (Compliance Token Architecture)

Primary source: EIP-3643 on Ethereum.org | ESMA guidance