Internet-Draft | Asset Schema Architecture | May 2024 |
Avrilionis & Hardjono | Expires 21 November 2024 | [Page] |
SATP Core defines an unidirectional transfer of assets in three stages, namely the Transfer Initiation stage (Stage-1), the Lock-Assertion stage (Stage-2) and the Commitment Establishment stage (Stage-3). This document defines the Setup Phase, often called "Stage-0", prior to the execution of SATP Core. During Setup, the two Gateways that would participate in the asset transfer are bound together via a "transfer context". The transfer context conveys information regarding the assets to be exchanged. Gateway can perform any kind of negotiation based on that transfer context, before entering into SATP Core.¶
Discussion of this draft takes place on the SATP mailing list (sat@ietf.org), which has its home page at https://datatracker.ietf.org/wg/satp/about/.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 21 November 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
SATP, in its specification in SATP Core [1], defines a three-stage protocol for unidirectional transfer of assets between two Networks. The protocol is executed by two Gateways, according to the flow defined in section 5 of SATP Core. As stated in SATP Core, "the interactions between the peer gateways prior to transfer initiation stage (Stage-1) is referred to as the setup stage (Stage-0)". Although the Setup stage is outside the scope of SATP Core, it plays an important role in the overall consistency of the protocol. For example, during setup, gateways can access important information based on the nature of the assets to be transferred, including technical, business, or compliance data. This document defines the sequence of interactions during Setup. These interactions among applications, gateways and networks lead to the binding of the two gateways that will then perform a specific transfer instance as defined in SATP Core.¶
Setup is triggered by the Client Application that originates the transfer sequence via a call to Gateway's G1 (via API1). The transfer context associated with the transfer instance conveys all required information about the assets to be transferred.¶
The diagram below presents the sequence of actions during the Setup stage.¶
App1 the "Originator Application" (driven by Alice) and App2 the "Beneficiary Application" (driven by Bob) must interact with each other in Stage-0 before execution of SATP Core. The sequence of interactions is as follows:¶
App1 (the Originator App) requests to gateway G1 (Originator Gateway) the creation of a transferContext (TC) related to one of more Tokenized Asset Records (TARs - see [3]). We assume App1 can access the definition of TARs, for example stored in an external Registry (accessing TAR definitions stored in a Registry by an App is outside the scope of this document. We assume such operations occurred before the execution of the Setup stage).¶
App1 receives the transferContext ID (TCID) from the Originator Gateway G1.¶
App1 calls the relevant endpoint(s) in Network NW1 in order to bind the Digitized Asset Records (DARs - see [3]) with the specific transferContext ID. Associating the transferContext with specific DARs in a Network is important, especially in case of competing transfer instances: the Network must associate the DARs with the correct transferContext ID to maintain consistency of locking and thus avoid deadlocks / starvation, for example, when different SATP transfer instances compete for the transfer of the same DARs.¶
App1 sends (propagates) the transferContext ID to App2.¶
App2 acknowledges propagation of the specific transferContext ID (via a return message to App1).¶
App2 calls the relevant endpoin(s) in Network NW2 in order to prepare creation of DARs. This step aims at preparing NW2 for the transfer. For example, ensure collateralisation of assets, or perform compliance verifications before the effective transfer.¶
App2 calls the gateway G2 to propagate the transferContext ID.¶
Gateway G2 calls G1 (via API2) to perform binding of the two gateways for the specific Transfer Context ID.¶
At any moment after binding G2 with the Originator Gateway G1, App1 can start the execution of the SATP Core transfer instance.¶
At the end of the execution of the transfer instance, the Apps can call their respective gateways (via API1) to receive an update on the completion status of the transfer (messages 10 to 13). The completion status can be either "commit" or "rollback".¶
To summarise, at the end of the Setup stage, the following conditions shall be met. Only if all these pre-conditions are true the SATP Core transfer instance can be executed (note: completion can be either commit or rollback).¶
Below we give an example of a transfer context. The following can be noted:¶
The identifier of the transfer context contains a reference to the originator gateway address.¶
There might be several sessions associated with a transfer context. For example, in case of recovery from a crash, a new session might be created for the specific transfer context (the example shows a transfer context with two previous sessions in history).¶
tarIDs refer to TAR that are stored in Registries and can be accessed by Gateways via API3.¶
In order not to lock assets forever a specific transfer expiration time limit can be set.¶
Network endpoints are important for traceability reasons so it is clear what execution unit in the networks managed the lock/extinguishing (NW1) and creation (NW2) operations for the specific transfer context.¶