Skip to content

Contract Architecture

HardlyDifficult edited this page Jul 17, 2026 · 1 revision

Contract architecture

OcpFactory --AuthorizeIssuer--> IssuerAuthorization
IssuerAuthorization --CreateCapTable--> Issuer + CapTable
CapTable --UpdateCapTable--> OCF objects and transactions

The system operator controls AuthorizeIssuer. The issuer observes and consumes that authorization. The resulting Issuer contract is signed by both issuer and system operator, preserving explicit role separation.

CapTable aggregate

CapTable stores the current contract ID for each OCF object ID. Issuances also have security-ID indexes so later transactions validate the correct security type. Issuer is special: there is one issuer contract per table and it is edit-only through the aggregate.

UpdateCapTable processes deletes, then regular edits in caller order, then dependency-tiered creates. Each edit archives and recreates its object atomically. Callers must use the returned new CapTable contract ID.

The aggregate is generated. Change captable-config.yaml, the generator, or its templates, then regenerate; do not hand-edit CapTable.daml.

Drill down

Clone this wiki locally