Technical details on smart contracts for Ethereum-based repo tokenization pilots

Technical details on smart contracts for Ethereum-based repo tokenization pilots (e.g., Société Générale–Forge/Banque de France 2024 repo, UBS, Les Gardiennes collaborations, and related UBS uMINT/Project Guardian work) are not fully open-sourced or published in complete audited code form. These are institutional, regulated deployments focused on compliance, so details come from whitepapers, audits, press releases, and Etherscan-verified contracts rather than public GitHub repos (unlike retail DeFi protocols).

The pilots primarily rely on standard-compliant ERC-20 tokens (or extensions) for collateral (e.g., tokenized bonds/funds) and settlement assets. Repo mechanics involve on-chain token transfers/pledges (via smart contract calls for collateral posting, interest, and redemption) with interoperability to off-chain/CBDC systems (e.g., Banque de France’s DL3S). Automation uses role-based access control, whitelisting, and upgradeable patterns for regulatory compliance (KYC/AML, sanctions, transfer restrictions). No single “repo contract” is publicly detailed; instead, platforms like SG-Forge’s CAST framework or UBS Tokenize handle issuance, registry, and settlement logic.

1. Société Générale–Forge (SG-Forge) Ethereum Contracts (Used in 2024 Repo Pilot Collateral)

The 2024 repo pilot pledged bonds issued on public Ethereum (e.g., similar to SG-Forge’s prior digital bonds like the 2021 EIB issuance or French covered bonds) as collateral. SG-Forge served as registrar, fiscal agent, settlement agent, and platform manager. These bonds use their CAST Framework (Compliant Architecture for Security Tokens)—an open framework for security tokens that enforces on-chain compliance checks (KYC/AML, sanctions screening, permitted transferees) before approving transfers.

Related and representative contract (for EURCV stablecoin, a candidate for Les Gardiennes repo collateral/settlement alongside Spiko funds):

• Token Standard: ERC-20 (fungible) on Ethereum (EVM-compatible).
• Contract Name/Architecture: SmartCoin.sol (core ERC-20) with:
  • UUPS (Universal Upgradeable Proxy Standard) for upgradability.
  • AccessControlUpgradeable.sol for role-based permissions.
  • Supporting libraries: EncodingUtils.sol, data layout contracts for storage.
• Ethereum Contract Address (current EURCV deployment): 0x5F7827FDeb7c20b443265Fc2F40845B715385Ff2.
  • (An earlier EURCV deployment was at 0xf7790914Dc335B20Aa19D7c9C9171e14e278A134.)
• Key Functions/Roles (from audited code):
  • Mint/Burn: Restricted to Issuer (SG-Forge); only after off-chain fiat receipt and compliance.
  • Transfer: Freely transferable by whitelisted holders (private key-signed tx); includes pre-validation hooks for compliance.
  • Pause/Unpause, Freeze/Wipe (wipeFrozenAddress): Admin-controlled for sanctions/blacklisting.
  • Roles:
    • Registrar Operator: Whitelisting, transfer validation, mint/burn, upgrades.
    • Operations Operator: Limited transfer handling.
    • Technical Operator: Upgrade execution.
  • Allowance/transferFrom restrictions on privileged roles.
• Compliance Features: Whitelisting, blacklisting, sanctions checks via CAST. Transfers blocked for non-permitted addresses (e.g., U.S. persons excluded in some contexts). Collateral monitoring (off-chain) backs 1:1 value.
• Audits: Hacken (June 2025 for Ethereum version). Findings: 1 medium (constructor in upgradeable contract—mitigated), 1 low (wipeFrozenAddress edge case—accepted). No critical/high issues. Gas optimizations noted. sgforge.com
• Repo Relevance: Collateral bond tokens are transferred/pledged on-chain via SG-Forge platform smart contracts. The repo itself (sale + repurchase) leverages Ethereum for the collateral leg and DL3S for CBDC settlement, with interoperability (not a pure on-chain atomic swap). Earlier SG-Forge repo examples (e.g., 2021 covered bonds) used similar MakerDAO-inspired or custom pledge logic.

No public repo-specific smart contract code (e.g., no open-source repo agreement with maturity/interest logic) for the 2024 pilot.

2. UBS uMINT and UBS Tokenize Contracts (Used in Cross-Border Repo Pilots and Collateral) uMINT (UBS USD Money Market Investment Fund Token) serves as tokenized collateral in repo/DeFi workflows and was part of Project Guardian live repo pilots (e.g., 2023 UBS/SBI/DBS digital bond repo).

• Token Standard: ERC-20 on public Ethereum.
• Contract Address: 0xc06036793272219179f846ef6bfc3b16e820df0b.
• Architecture: Deployed via UBS Tokenize platform. Each security/fund is its own smart contract registered natively on Ethereum. Supports whitelisting and role-based governance.
• Key Features:
  • Whitelisting/Blacklisting: Compliance controls (eligible investors only).
  • Roles: Minter, burner, whitelist approver, etc., for governance (subscription/redemption).
  • Lifecycle Automation: Integrated with Chainlink Digital Transfer Agent (DTA) standard for on-chain order taking, execution, settlement, and reconciliation (subscription/redemption requests executed atomically).
  • Repo/Collateral Use: Pledgable as RWA collateral in compliant DeFi (e.g., Secured Finance for 24/7 liquidity in USDC/etc.). Supports transfer restrictions while enabling rehypothecation-like flows.
• Audits/Standards: Not publicly detailed in the same way as SG-Forge, but follows institutional-grade practices (permissioned transfers, real-time visibility). Builds on Project Guardian’s adapted DeFi protocols + verifiable credentials for identity.

The 2023 live repo (natively issued digital bond) used UBS Tokenize smart contracts for automatic atomic settlement of repo + bond purchase/redemption across jurisdictions.

3. Broader Technical Patterns Across Pilots (Les Gardiennes, Project Guardian)

• Interoperability: Ethereum handles tokenized collateral/assets; CBDC/stablecoin settlement often via proprietary ledgers (DL3S) or bridges. No single cross-chain repo contract—platform-level orchestration.
• Common Standards: ERC-20 base + extensions (e.g., ERC-3643/CMTAT-like for security tokens in some European deployments; SG-Forge contributes to related compliant frameworks).
• Security/Upgrades: UUPS proxies, role-based access (AccessControl), pause/freeze mechanisms. Audits emphasize upgrade safety and compliance hooks.
• Limitations in Public Data: Full source code is proprietary (private repos shared only with auditors). Repo logic often combines on-chain token ops with off-chain legal agreements. Gas costs and PoS consensus (Ethereum) are standard; pilots emphasize 24/7 settlement and reduced counterparty risk via automation.
• Scaling Notes: These are pilots (not high-volume production). Challenges include custody, legal wrappers for tokens (French law dematerialized registered form), and data gaps for full on-chain repo (e.g., haircuts, margins per FSB).

For exact verification, check Etherscan for the listed addresses or SG-Forge/UBS investor pages for updates. Full code/audits are available via their sites (e.g., Hacken reports for EURCV). Developments evolve quickly—e.g., potential Morpho Blue integration for decentralized repo elements in Les Gardiennes.