Built on Tenzro. Settles on Canton. Capped across every chain.
Boli is built on Tenzro, a settlement layer where Canton settlement, EVM, and Solana coexist, so a single reserve-capped asset can settle with institutional finality and still reach every public chain. Canton gives the regulated primitives (parties, mandates, multi-party workflows, selective disclosure, atomic settlement); burn-and-mint under one global cap gives the cross-chain reach; the agentic runtime operates the lifecycle. Boli is not an issuer — it runs the layer over licensed issuers, custodians, and attestors.
Canton is the privacy-preserving blockchain for regulated finance. Sub-transaction privacy. Atomic delivery-vs-payment. Instant finality. Run as a network of permissioned synchronizers and Super Validators by institutions, not by Boli.
Boli ships the Daml registry packages, the compliance-pack engine, burn-and-mint cross-chain projection under one global reserve cap, the TDIP identity bridge, and the agent runtime — built on Tenzro. Licensed issuers, banks, and asset managers use Boli to settle on Canton and reach every public chain without rebuilding the model themselves.
Canton primitives, Boli equivalents.
Boli models assets as Canton workflows from the start, not as tokens with bolt-on compliance. The primitives that make Canton credible to regulators carry through to every asset Boli ships.
Agentic asset operations, not just tokenized ownership.
Real institutional assets need to be continuously operated — reconciled, monitored, verified, reported, retired. Boli runs that operational layer on Tenzro's agentic automation runtime: autonomous workflow execution under DID-bound mandates, verifiable in TEE, settled on Canton.
Treasury and fund agents reconcile holdings against custodian balances and trade activity continuously, under issuer-set policy. Discrepancies surface as on-chain events with attributable causes.
Compliance agents observe every transfer, allocation, and corporate action against the licensed party's pack. Out-of-policy activity is rejected at the chain level — not flagged in a dashboard.
Environmental MRV agents pull sensor and registry data, attest under verifiable credentials, and update the asset's continuous state. Carbon, biodiversity, and renewable assets stay live, not snapshotted.
Redemption agents coordinate registry updates, settlement asset movement, and credential revocation atomically. The asset retires with a single Daml transaction — no manual reconciliation.
Every agent action is attributable to a DID-bound mandate, revocable, auditable, and policy-constrained. Authority graphs and revocation trees — not API tokens — govern what an autonomous system can do.
Why Canton, specifically.
- 1Privacy by default — at the protocol level
Canton enforces sub-transaction privacy: counterparties see only the slice of state they are entitled to see. For sovereign assets, regulated funds, and CBDC programs this is the difference between something a regulator can sign off on and something they can't.
- 2Atomic settlement, instant finality
Splice Token Standard V1 AllocationV1 settles cash legs against asset legs in a single Daml transaction. There is no probabilistic finality, no reorg risk, no escrow shim. The leg either settles or it doesn't.
- 3A network of regulated participants
Canton is operated by a federation of institutions — Super Validators run by named, accountable parties — under the Global Synchronizer Foundation. The settlement record is not produced by anonymous miners or staked capital; it is produced by parties already inside the regulated perimeter.
- 4Composable with the rest of crypto, where you want it
Boli projects assets onto EVM and Solana via burn-and-mint (ERC-7802) when distribution requires it. Circulating supply across every chain stays within one attested reserve, so the asset composes with stablecoins, custody, DeFi, and wallets — without a lock-and-wrap copy and without compromising the privacy and finality of the Canton settlement leg.
What being on Canton gives a government or institution.
The custodians, transfer agents, fund administrators, and tokenization desks at the largest financial institutions are already on Canton. Issuing on Canton means your asset can compose with their flow on day one.
Privacy, auditability, and named-party accountability are properties of the protocol, not of an off-chain dashboard. The conversation with a regulator starts further along.
Canton is open. Daml registry packages are open. Boli is the tokenization and interop layer; you can always operate the same model with a different vendor or in-house. The asset is not trapped behind anyone's API.
Boli's position on Canton.
Boli operates a Canton validator (through Tenzro) so we can transact on the network from day one, but we are not a registry operator and we are not a Super Validator. The settlement record is produced by the federation. We participate as a settlement app the way an asset manager or a transfer agent would.
What we ship is the tokenization and interop layer: the three Daml asset patterns (Tradeable, Registry-mirror, Credential), the compliance-pack catalog and engine, burn-and-mint projection under one global reserve cap, the TDIP identity bridge with MPC wallets across Canton, EVM, and Solana, and the agent runtime that authenticates AP2 mandates and x402 metered calls.
Customers carry every regulated function — issuance, custody, venue operation, registry authority. Boli is the layer those functions build on, not a counterparty in them, and never an issuer itself.
Where to go next.
- Platform — the three Daml patterns, multi-VM execution, compliance-as-code.
- Whitepaper — full architecture, settlement model, identity bridge, agent runtime.
- Integrations — venues, custodians, registries, settlement assets, agent rails.