RWA API

Enterprise Real World Asset (RWA) RPC Methods

Writing date: 2026-05-05

RWA API
Enterprise Real World Asset (RWA) RPC Methods

Document Version: 1.0
Writing Date: 2026-05-05
Last Updated: 2026-05-07
Scope: ZORAI Enterprise RWA RPC, RWA Issuers, Compliance Admins, Verifiers, Valuers, RegTech systems, custody providers and audit integrations.

1. Overview

The RWA API is the RPC surface ZORAI provides for enterprise Real World Asset issuance, compliance, valuation, distribution, redemption and regulatory disclosure workflows. These methods are designed for controlled business systems and compliance back offices, and must not be exposed as unprotected public wallet APIs.

The primary implementation is located in pkg/rpc/rwa_rpc.go. State models live under pkg/rwa, and the standard contract template is contracts/zorai-token-templates/ZORAIRWAToken.sol. In production, RWA RPC should operate together with standard EVM asset contracts, KYC providers, custody systems, audit workflows and external legal processes.

2. Primary Methods

rwa_registerIssuer – Register the asset issuer
rwa_registerAsset – Register the underlying real-world asset
rwa_registerVerifier – Register an asset verifier
rwa_registerValuer – Register an asset valuer
rwa_setKYCRecord – Set the investor KYC record
rwa_getKYCRecord – Retrieve the investor KYC record
rwa_isVerified – Check whether an address is verified
rwa_submitDocument – Submit document hash, URI and version records
rwa_getDocuments – Retrieve asset document records
rwa_createProposal – Create an issuance or governance proposal
rwa_voteProposal – Vote on a proposal
rwa_activateToken – Activate the RWA Token issuance state
rwa_transfer – Execute a compliant asset transfer
rwa_validateTransfer – Validate whether a transfer satisfies compliance rules
rwa_createDistribution – Create a dividend or income distribution batch
rwa_claimDividend – Claim an approved dividend or distribution
rwa_requestRedemption – Request asset redemption
rwa_approveRedemption – Approve an asset redemption request
rwa_executeRedemption – Execute an approved redemption
rwa_submitDisclosure – Submit an asset disclosure record
rwa_getStats – Retrieve RWA module statistics

3. Advanced Methods

rwa_setComplianceRules – Configure asset-level compliance rules
rwa_registerTradingVenue – Register a compliant trading venue
rwa_preTradeCheck – Run a pre-trade compliance check
rwa_setTransferRestriction – Set transfer restriction rules
rwa_setSanction – Set address sanction status
rwa_registerSPV – Register a Special Purpose Vehicle (SPV)
rwa_createFund – Create a fund-style RWA vehicle
rwa_addTranche – Add a structured product tranche
rwa_updateNAV – Update fund or portfolio NAV
rwa_setCashflowPolicy – Set the cashflow distribution policy
rwa_submitAttestation – Submit an external attestation record
rwa_verifyAttestation – Verify an external attestation record
rwa_registerCrossChainMapping – Register cross-chain asset mapping
rwa_submitPrivacyProof – Submit a privacy proof commitment
rwa_generateRegulatoryReport – Generate a regulatory report record
rwa_getRegulatoryReport – Retrieve a regulatory report record
rwa_submitValuation – Submit an asset valuation record
rwa_verifyValuation – Verify an asset valuation record
rwa_updatePrice – Update asset price oracle data
rwa_getPriceHistory – Retrieve asset price history

4. Permission and Security Requirements

Important: RWA management methods must not be exposed through an unprotected public RPC endpoint. Production deployments must protect management methods with Admin controls, API Key, Validator ACL, Multisig, Timelock and Audit Trail.

Admin / API Key – Issuer registration, asset registration, KYC updates and compliance rule mutations must require administrative credentials or API keys.
Validator ACL – High-privilege RWA RPC should only be reachable from validator/admin networks, internal network ranges or controlled reverse proxies.
Multisig – Issuance activation, forced transfer, freeze, blacklist, redemption execution and fund-related operations should require enterprise multisig approval.
Timelock – High-risk changes such as compliance rules, role changes, upgrades or large redemptions should use a timelock.
Audit Trail – Every management operation must record operator identity, timestamp, parameter hash, approval record and on-chain transaction hash.
Privacy Boundary – Raw KYC files, identity documents, banking records and legal contracts must not be written directly on-chain. Store only hashes, URIs, versions and revocation status.

5. Future Plans / Next Steps

Add complete request / response JSON schemas for each RWA RPC method.
Add error codes, permission matrix and recommended API gateway configuration.
Provide TypeScript SDK, Go SDK and Postman Collection examples.
Add an enterprise issuance e2e example covering issuer onboarding, KYC, issuance, transfer, distribution, redemption and regulatory reporting.
After external audits, publish audited contract addresses, audit report hashes and production deployment checklist.