The compliance layer institutions need to operate treasury vaults on Solana. KYC-gated access, multi-signature approvals, spending controls, and Travel Rule compliance — all enforced on-chain.
No wallet required for demo · Full vault experience with simulated data
$2.27M
Total Value Secured
across institutional vaults
47
Transactions Processed
with full audit trail
100%
Compliance Rate
KYC / KYT / AML / Travel Rule
Infrastructure
Every feature designed to meet the compliance and operational standards required by banks, asset managers, and regulated financial entities.
On-chain attestation with expiry enforcement per FATF Rec. 10 (CDD). Identity verified via licensed provider before vault access. Expired KYC blocks all operations.
Four-tier RBAC (Admin, Manager, Operator, Viewer) enforced on-chain via PDAs. Aligns with ISO 27001 Control A.5.15 and FINMA Circular 2017/1 three lines of defense.
Configurable M-of-N thresholds for withdrawals with immutable approval chain. Supports FINMA Circular 2023/1 operational risk controls and segregation of duties.
Per-role daily limits enforced at the token level via Transfer Hooks. Cannot be bypassed even by direct program interaction. Meets FINMA operational resilience requirements.
Originator/beneficiary data per FATF Rec. 16. Configurable thresholds: $1,000 (FATF), CHF 0 (Swiss FINMA 02/2019), EUR 0 (EU TFR 2023/1113).
15 event types on immutable Solana ledger. Satisfies FATF Rec. 11 (record keeping), EU MiCA Art. 68(10) record-keeping RTS, and EU DORA resilience requirements.
Technical Architecture
Bastion is a Solana program built with the Anchor framework, leveraging Token-2022 Transfer Hooks for institutional compliance. All access control, approval logic, and regulatory checks are enforced at the token level — not the application layer. Designed to satisfy Swiss FINMA licensing requirements, EU MiCA obligations, and FATF Recommendations for Virtual Asset Service Providers.
Vault Initialization
Create PDA-owned vault with configurable roles, thresholds, and limits
KYC Verification
On-chain attestation required before any vault interaction
Deposit & Operations
Token-2022 transfers with role-based spending limits enforced per-instruction
Multi-Sig Withdrawal
M-of-N approval collection on-chain before fund release
Travel Rule & Audit
Originator/beneficiary data anchored. Full event log for regulators
Built for StableHacks 2026 · Track 1: Institutional Permissioned DeFi Vaults
Connect your Solana wallet to interact with the live devnet program, or try the demo to see the full institutional vault experience.