Governance Model
Three-Tier
Authorization
Every system action is classified, verified, and logged through a tiered governance framework. No action is unattributed. No event is unrecorded.
Tier Architecture
Authorization Hierarchy
Tier 0 — Automated
No Human Approval Required
System operations that are deterministic and risk-free execute automatically. Logged to governance ledger with no friction.
Examples: health checks · fingerprint generation · CID registration · backup rotation · ledger append · rate limit enforcement
Tier 1 — OTP Verified
One-Time Password Confirmation
Investor-facing operations require a 6-digit OTP with a 5-minute challenge window. Consent is explicit and cryptographically timestamped.
Examples: document signing · access token issuance · viewing session · export approval · funding intent capture
Tier 2 — Manual Approval
Explicit Operator Authorization
High-risk operations queue on the monitoring dashboard for operator review. No automated bypass. Approval requires explicit reason and identity.
Examples: config changes · new investor onboarding · governance override · backup restoration · key rotation · perimeter rule change
Tier 1 Detail
OTP-Verified Operations
| Operation | OTP Type | Window |
|---|---|---|
| Document Signing | 6-digit OTP | 5 minutes |
| Access Token Issuance | 6-digit OTP | 5 minutes |
| Viewing Session | 6-digit OTP | 5 minutes |
| Export Approval | 6-digit OTP | 5 minutes |
| Funding Intent Capture | 6-digit OTP | 5 minutes |
Governance Ledger
Immutable Action Record
Every governance action produces a ledger entry. Each entry's hash incorporates the previous entry's hash — creating an unbroken verification chain.
{
"id": "gov-20260226-001",
"timestamp": "2026-02-26T14:30:00.000Z",
"tier": 1,
"action": "sign.session.create",
"actor": "operator",
"target": "session-abc123",
"result": "approved",
"otpVerified": true,
"previousHash": "sha256:a3f8d2c1e4b7...",
"hash": "sha256:f1c9e2d3b8a4..."
}
Seven Ledgers
Comprehensive Event Coverage
| Ledger | Events Tracked |
|---|---|
| Governance Ledger | All tier 0/1/2 actions, approvals, overrides |
| Access Ledger | Viewing sessions, token issuance, viewer actions |
| Signing Ledger | Signing ceremonies, certificates, OTP verifications |
| Conversation Ledger | Investor communications, intent captures, TCPA events |
| Perimeter Ledger | Network events, rate limits, replay attempts, denials |
| Backup Ledger | Archive creation, rotation, restore verifications |
| Lifecycle Ledger | Document lifecycle, CID registrations, expirations |
DAO Modules
Governance Implementation
| Module | Function |
|---|---|
| daoGovernance.ts | Core governance rule engine — tier classification, approval workflows |
| complianceEngine.ts | Regulatory compliance rules — ESIGN, UETA, SEC 17a-4 enforcement |
| brandStyleEngine.ts | Brand and formatting standards — institutional presentation layer |
| agreementState.ts | Agreement lifecycle tracking — from creation through countersign |