Digital Asset Custody Framework
Last Updated on 29th July 2025
1. Introduction
AFI (Artificial Financial Intelligence) is a decentralized, non-custodial protocol purpose-built for coordinating cross-chain, risk-aware decentralized finance (DeFi) strategies through algorithmic agents. AFI introduces a new paradigm for autonomous asset management, removing the need for centralized intermediaries by leveraging smart contract automation, programmable logic, and user-governed infrastructure.
Importantly, AFI is non-custodial by design. The protocol does not take possession of, control, or manage user funds at any point. Instead, all interactions occur through self-custodied wallets and ERC-4337-compatible smart accounts, allowing users or institutions to retain complete control over their private keys and digital assets. Vault interactions, strategy orchestration, and yield optimization are executed via audited, deterministic smart contracts, with no centralized admin keys controlling user funds.
This Custody Framework Note provides an overview of the principles, architecture, operational safeguards, and technical assurances that collectively define AFI’s approach to digital asset custody. While AFI does not function as a traditional custodian, the protocol incorporates best-in-class practices to promote institutional-grade security, operational transparency, and resilient asset management in line with global regulatory and cybersecurity expectations.
This document is intended for:
- Institutional participants evaluating AFI’s custody posture.
- Security professionals assessing AFI's non-custodial infrastructure.
- Legal or compliance teams analyzing responsibilities under applicable custodial regulations.
- Developers or integrators building on top of AFI vaults and agent layers.
The rest of this note details the key architectural layers that govern asset access and control, including:
- Smart contract-based vault architecture
- Role-based permissions and agent coordination
- Multi-chain interoperability and cross-chain asset routing
- Yield computation and distribution governance
- Administrative oversight through multisig and DAO controls
By design, AFI aims to align user sovereignty with secure automation, offering the benefits of advanced DeFi strategies without compromising custody principles.
2. Custody Model Overview
AFI adheres to a non-custodial architecture, grounded in trust-minimized infrastructure and smart contract automation. The protocol’s design is based on the principle that users should always retain full control over their digital assets, without the need for custodial intermediaries. This model eliminates counterparty risk traditionally associated with centralized asset managers or custodians.
AFI’s custody architecture is built on the following foundational principles:
User Sovereignty
AFI is committed to upholding user sovereignty as a core tenet. All users interact with the protocol through wallets they own and control, and AFI never takes possession of private keys, seed phrases, or recovery credentials. Users authorize interactions via cryptographic signatures, and smart contracts enforce rules transparently without requiring trust in human operators or centralized entities.
Self-Custody via Smart Wallets
The protocol supports ERC-4337-compatible smart accounts, enabling advanced account abstraction features while preserving user control. These smart wallets allow for:
- Granular permissions
- Recovery mechanisms governed by the user
- Delegated execution by trusted agents (with revocation rights)
This ensures that even complex DeFi strategies can be executed programmatically without relinquishing custody to third parties.
Programmable Control through On-Chain Agents
AFI’s strategy execution layer operates via algorithmic agents and programmable smart contracts. These agents interact with user-deposited funds held in ERC-4626-compliant vaults, under strict access control logic. Actions such as rebalancing, yield harvesting, or risk mitigation are triggered by permissioned logic, verified and enforced directly on-chain. At no point can agents override the withdrawal rights of users or redirect assets without explicit logic-based authorization.
No Intermediary Custody or Recovery Access
Neither AFI nor any of its developers, DAO participants, or affiliated interfaces has the ability to access, seize, or recover user funds. All custody is enforced by deterministic smart contracts and externally owned or smart accounts. This ensures elimination of single points of failure, removal of trust-based custodianship, and full alignment with the principles of decentralized finance.
3. Key Components
The AFI protocol employs a modular, secure, and auditable custody infrastructure made up of three primary components: Vaults, Smart Wallet Interfaces, and Manager & Admin Modules. Together, these components form the foundation of AFI’s non-custodial model, allowing for seamless execution of cross-chain strategies while preserving user control and system integrity.
A. AFI Vaults (ERC-4626-Compliant)
At the core of the AFI custody infrastructure are ERC-4626 tokenized vault contracts. These vaults are designed to be fully permissionless, enabling any user or agent to deposit supported digital assets under transparent and predictable rules.
Key features of AFI Vaults include:
- Standards-Compliant Infrastructure: All vaults adhere to the ERC-4626 standard, ensuring interoperability with wallets, interfaces, and other DeFi protocols.
- Immutable Logic (Unless Governed): Vault contracts are non-upgradeable by default, meaning their core logic cannot be altered once deployed. However, governance-authorized upgrades may be permitted through time-locked, transparent proposals passed by the AFI DAO or approved via multisig to adapt to evolving security or operational requirements.
- Automated Yield Handling: Vaults automatically accrue yield from underlying strategies, with returns subject to linear vesting, withdrawal cooldowns, or fee mechanisms as defined in the smart contract. This ensures predictable behavior and protection against manipulation or abrupt liquidity drain.
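As an added illustration (not AFI's contract code), the Python model below shows what linear vesting of harvested yield changes in an ERC-4626-style vault: it compares how one harvest is split between a long-term depositor and a short-lived deposit that arrives just before the harvest, with and without vesting. The share accounting, the 7-day vesting period and all amounts are assumptions constructed for the example.

```python
from dataclasses import dataclass

WEEK = 7 * 24 * 3600   # assumed vesting period; the page does not state one


@dataclass
class Vault:
    """ERC-4626-style share accounting for one asset, without fees (a model)."""
    vesting_period: int            # seconds; 0 means harvested yield counts at once
    balance: int = 0               # assets held by the vault
    total_shares: int = 0
    locked_at_harvest: int = 0     # yield still unvested at the last harvest
    harvest_time: int = 0

    def locked(self, now):
        """Harvested yield not yet released into the share price."""
        end = self.harvest_time + self.vesting_period
        if now >= end:
            return 0
        return self.locked_at_harvest * (end - now) // self.vesting_period

    def total_assets(self, now):
        return self.balance - self.locked(now)

    def deposit(self, assets, now):
        if self.total_shares == 0:
            shares = assets
        else:
            shares = assets * self.total_shares // self.total_assets(now)
        self.balance += assets
        self.total_shares += shares
        return shares

    def redeem(self, shares, now):
        assets = shares * self.total_assets(now) // self.total_shares
        self.balance -= assets
        self.total_shares -= shares
        return assets

    def harvest(self, yield_assets, now):
        # Carry over whatever was still locked, then restart the vesting clock.
        self.locked_at_harvest = self.locked(now) + yield_assets
        self.harvest_time = now
        self.balance += yield_assets


def yield_split(vesting_period):
    """Return (short_lived_gain, long_term_gain) for one constructed scenario."""
    v = Vault(vesting_period)
    holder = v.deposit(1_000_000, now=0)        # long-term depositor
    late = v.deposit(1_000_000, now=1_000)      # deposit arriving just before the harvest
    v.harvest(100_000, now=1_000)
    late_out = v.redeem(late, now=1_012)        # exits one 12-second block later
    holder_out = v.redeem(holder, now=1_000 + WEEK)
    return late_out - 1_000_000, holder_out - 1_000_000


if __name__ == "__main__":
    print("no vesting :", yield_split(0))
    print("7-day vest :", yield_split(WEEK))
```

Without vesting the harvest is shared equally with the short-lived deposit; with vesting almost all of it stays with the depositor who remained for the full period.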
B. Smart Wallet Interfaces
Users engage with the AFI protocol using smart account-based wallets, which combine traditional user control with advanced programmability. These wallets support:
- Signature Abstraction: Leveraging ERC-4337, users can authorize actions via gasless transactions, batch execution, or alternative signature schemes.
- Session Delegation: Users may temporarily delegate specific permissions (e.g., yield claims, rebalancing) to on-chain agents or automation tools, without transferring asset custody or compromising wallet security.
- Access Control & Recovery Options: Wallets may integrate optional role-based controls, social recovery, or multi-factor authentication, offering flexibility without undermining decentralization.
- Compatibility Across Platforms: These smart wallets are accessible via browser extensions, mobile apps, and hardware wallets, offering institutional and retail users alike a secure and customizable interface for DeFi engagement.
C. Manager & Admin Modules
AFI’s infrastructure separates operational execution from administrative governance, enforcing security through strict Role-Based Access Control (RBAC) and multi-signature protections.
- Multisig Governance: Critical parameters and upgrades are controlled through multi-signature wallets, often held by trusted governance participants, ecosystem contributors, or decentralized autonomous organization (DAO) representatives.
- Configurable Roles: Different smart contracts (vaults, yield logic, agents) implement granular roles, such as strategy executor, fee manager, or emergency pauser, allowing for efficient but controlled system administration.
- Operational Flexibility: While day-to-day vault operation is permissionless, privileged functions such as emergency halts, logic upgrades, or fund migrations (if any) are gated by on-chain or multisig-based checks, ensuring no single point of failure or abuse.
4. Security and Risk Mitigation
AFI is built on the principle of resilient decentralization, minimizing custodial exposure and systemic risks while adhering to best practices in protocol security. This section outlines the layered defenses and mitigation mechanisms embedded within the AFI custody framework to protect user funds, system integrity, and protocol continuity.
A. Smart Contract Audits
All core smart contracts within the AFI ecosystem are subject to thorough third-party audits by independent, industry-recognized blockchain security firms. These audits evaluate the logic, access control, edge cases, gas optimization, and attack surfaces of AFI's vaults, agents, and supporting modules.
Key elements include:
- Pre-Deployment Audits: No contract is deployed to mainnet without undergoing at least one full-scope audit.
- Post-Deployment Bounties: A bug bounty program is maintained to incentivize the white-hat community to discover vulnerabilities in live contracts, with rewards scaled by severity and impact.
- Formal Verification (Optional): For mission-critical components such as vaults and yield logic, formal methods may be used to mathematically prove safety and correctness against specific invariants.
B. Multisig Access Control
While AFI is non-custodial, certain administrative and emergency operations, such as adjusting yield parameters, toggling cooldowns, or pausing contracts in response to detected threats, are controlled through multi-signature authorization mechanisms.
Key security features:
- Decentralized Signer Structure: Multisig wallets are composed of geographically distributed, institutionally vetted signers to prevent single-point failures and reduce collusion risk.
- Threshold Authorization: Sensitive actions require approval from a predefined quorum (e.g., 3 of 5 or 4 of 7 signers), ensuring collaborative decision-making and transparency.
- Time-Locked Operations: Governance or admin-level changes may be subject to timelocks, giving the community advance notice of any upcoming modifications.
C. Risk Segmentation
AFI mitigates systemic risks by isolating smart contracts and separating asset exposures across multiple dimensions:
- Vault Isolation: Each vault operates independently with its own asset pool, strategy logic, and configuration. A failure in one vault does not impact others, protecting the broader system from contagion.
- Stratified Yield Exposure: Users can choose between vaults offering different risk-return profiles, such as conservative strategies with real-world yield integrations vs. experimental DeFi farming, allowing for informed risk management.
- Withdrawal Cooldowns & Rate Limiting: To deter exploits or flash-liquidity events, withdrawals from AFI vaults are governed by cooldown timers, rate caps, and algorithmically enforced vesting mechanisms.
- Oracle & Agent Redundancy: Yield calculations and asset pricing rely on multi-source oracles and redundant agent networks, ensuring resistance to manipulation, downtime, or single-source failures.
5. Asset Recovery and Incident Response
AFI’s non-custodial design ensures that users maintain full control over their digital assets at all times. Consequently, AFI does not possess the ability to access, retrieve, or reset private keys, and cannot facilitate recovery of lost or stolen funds resulting from compromised user wallets. Self-custody is a core principle of the protocol, and users bear the sole responsibility for securing their wallets, seed phrases, and private credentials.
However, AFI incorporates structured incident response protocols and fail-safe mechanisms to address threats at the protocol level, particularly when smart contract vulnerabilities, attack vectors, or front-end exploits are detected.
A. User Asset Recovery Limitations
- No Centralized Key Custody: AFI does not store or manage private keys, wallet seed phrases, or access credentials. If a user loses access to their wallet, the protocol cannot restore control or reverse transactions.
- Wallet Compatibility: Users are encouraged to use secure, audited wallets (e.g., hardware wallets or smart accounts with social recovery features) that support backup and recovery functions at the wallet level.
- Best Practice Education: Educational resources and UX warnings are provided through the AFI frontend to guide users on safe wallet usage and backup procedures.
B. Protocol-Level Incident Response
Although user-level asset recovery is not possible, AFI has developed a multi-stakeholder incident response framework to ensure swift mitigation and transparency in case of protocol-level threats or vulnerabilities.
Key components include:
- Cross-Team Coordination: Incident response is coordinated across core developers, frontend interface operators, third-party security researchers, and smart contract auditors. A communication bridge is maintained with white-hat communities to support rapid disclosure and resolution.
- Emergency Multisig Controls: AFI's administrative architecture includes emergency pause functions, governed by a distributed multisig. If a threat is confirmed, affected smart contracts can be paused temporarily to prevent further damage while mitigation strategies are developed and deployed.
- Postmortem & Disclosure: After any significant incident, the AFI team will publish a detailed post-incident report, outlining:
  - The nature and scope of the issue
  - Actions taken to mitigate harm
  - Contract upgrades or patches
  - Preventive measures going forward
- Timelocked Resumption: Contracts paused during incidents may only be resumed after a defined review and governance process, ensuring accountability and avoiding rushed redeployments.
AFI’s approach to incident response balances decentralization, transparency, and operational security. While the protocol cannot intervene in individual wallet compromises, it takes every measure to protect shared infrastructure and provide users with early warnings, coordinated defenses, and full disclosure when required.
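The threshold authorization and timelocks described under Multisig Access Control, and the emergency pause with timelocked resumption described above, can be modelled together. The Python sketch below is an added example, not AFI's contracts: the signer names, the `AdminModule` class and the 48-hour delay are hypothetical, and "3 of 5" is taken from the page's example quorum. It shows a pause taking effect as soon as the quorum signs, while a resume or parameter change stays blocked until the delay has run from the moment the quorum was reached.

```python
from dataclasses import dataclass, field
from typing import Optional

SIGNERS = frozenset({"s1", "s2", "s3", "s4", "s5"})   # constructed signer set
THRESHOLD = 3                                          # the page's "3 of 5" example quorum
DELAY = {"pause": 0, "resume": 48 * 3600, "set_cooldown": 48 * 3600}  # seconds, assumed


@dataclass
class Proposal:
    action: str
    approvals: set = field(default_factory=set)
    queued_at: Optional[int] = None   # time at which the quorum was reached
    executed: bool = False


class AdminModule:
    def __init__(self):
        self.paused = False
        self.proposals = []

    def propose(self, action):
        if action not in DELAY:
            raise ValueError(f"unknown action: {action}")
        self.proposals.append(Proposal(action))
        return len(self.proposals) - 1

    def approve(self, pid, signer, now):
        if signer not in SIGNERS:
            raise PermissionError(f"{signer} is not a signer")
        p = self.proposals[pid]
        p.approvals.add(signer)          # a set, so repeat approvals count once
        if p.queued_at is None and len(p.approvals) >= THRESHOLD:
            p.queued_at = now            # timelock runs from quorum, not from proposal

    def execute(self, pid, now):
        p = self.proposals[pid]
        if p.executed:
            raise PermissionError("already executed")
        if p.queued_at is None:
            raise PermissionError("quorum not reached")
        if now < p.queued_at + DELAY[p.action]:
            raise PermissionError("timelock not elapsed")
        p.executed = True
        if p.action in ("pause", "resume"):
            self.paused = p.action == "pause"
        return p.action


def try_execute(module, pid, now):
    """Return 'ok' or the refusal reason, so either outcome can be logged."""
    try:
        module.execute(pid, now)
        return "ok"
    except PermissionError as exc:
        return str(exc)


if __name__ == "__main__":
    m = AdminModule()
    pid = m.propose("resume")
    for s in ("s1", "s2", "s3"):
        m.approve(pid, s, now=0)
    print(try_execute(m, pid, 3600), "|", try_execute(m, pid, 48 * 3600))
```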
6. Institutional Custody Integration
While AFI operates on a non-custodial architecture, the protocol has been consciously designed to accommodate the needs of institutional participants who require compliant, auditable, and policy-enforced asset management solutions. Institutions such as asset managers, DAO treasuries, crypto funds, and fintech platforms often operate under regulatory frameworks that demand robust custody controls, segregation of duties, and multi-layer authorization.
AFI’s modular and composable infrastructure supports this by enabling seamless integration with external institutional custody solutions and programmable access control layers, without compromising the trustless, decentralized ethos of the protocol.
A. Qualified Custodian Integration
Institutional users can connect their AFI interactions to regulated custodians via APIs and middleware platforms. This includes integration with:
- BitGo
- Anchorage Digital
- Fireblocks
- Copper
- Other SOC 2 / ISO 27001-certified custody providers
These custodians provide secure off-chain private key management, cold/hot wallet segregation, automated transaction monitoring, and regulatory-grade compliance features. Through these integrations, institutions can interact with AFI vaults and agents without ever taking custody of private keys internally.
B. On-Chain Agent Wrappers
AFI supports the use of custom on-chain wrappers that allow institutional custodians or internal compliance teams to manage interactions with the protocol in a controlled manner. These wrappers may implement:
- Role-based permissions (e.g., maker/checker models)
- Activity logging and compliance reporting
- Whitelisted asset interactions based on internal investment mandates
- Audit trails for governance and fiduciary oversight
Such wrappers can be deployed as smart contracts governed by institutional policies and serve as middleware between user funds (custodied off-chain) and AFI’s on-chain vault strategies.
C. Transaction Approval Layers
Institutions can configure multi-party transaction flows using AFI-compatible smart wallets (e.g., Gnosis Safe, ERC-4337 smart accounts) that enforce:
- Co-signing requirements from compliance officers or portfolio managers
- Pre-trade checks aligned with AML or risk limits
- Custom execution policies such as transaction batching, cooldown timers, or rate limits
These smart wallets act as programmable gateways for interacting with AFI, ensuring that institutional governance structures are respected and fully auditable.
By supporting institutional-grade custody integrations without introducing centralized custody into the protocol itself, AFI strikes a unique balance between decentralization and enterprise adoption. This flexibility allows institutions to benefit from AFI’s cross-chain yield infrastructure while maintaining full control over their risk, compliance, and governance requirements.
7. Regulatory Alignment
AFI has been intentionally designed as a decentralized, non-custodial infrastructure, which places it outside the scope of Virtual Asset Service Provider (VASP) classification under the majority of global regulatory frameworks, such as those defined by the Financial Action Task Force (FATF), MiCA (EU), or FinCEN (U.S.). Since the AFI protocol does not directly custody user funds, manage private keys, or intermediate transactions between users, it does not fulfill the functional criteria typically required for licensing as a custodian or exchange.
However, AFI recognizes the importance of regulatory clarity and alignment, particularly for its institutional users, developer ecosystem, and affiliated frontends or integrations. To ensure compatibility with jurisdictional compliance frameworks and to foster responsible growth, AFI-affiliated entities may engage in the following regulatory coordination practices:
A. Custodial Partner Coordination
While AFI itself is non-custodial, third-party platforms built on or integrating with AFI may partner with licensed custodians and fiat on/off-ramp providers. These custodians may provide:
- Secure key management for institutional and retail users
- Fiat gateways for onboarding or redeeming digital assets
- Regulated stablecoin issuance or custody services
Such integrations enable compliant user flows, particularly where fiat onboarding, regulated token offerings, or asset-backed stablecoins are involved.
B. Compliance Infrastructure for Institutions
To meet the needs of regulated entities and enterprises, AFI-affiliated interfaces and agent frameworks may offer optional compliance modules, such as:
- KYC/AML onboarding powered by third-party verification providers
- Transaction screening and monitoring, including sanctions checks and address risk scoring
- Wallet whitelisting and blacklisting, in line with internal or jurisdictional controls
These tools ensure that institutions interacting with AFI infrastructure can maintain compliance with their internal risk frameworks or with laws applicable in their operating jurisdictions.
C. Legal Wrappers and Structured Interfaces
To interface with financial institutions or satisfy operational licensing needs, AFI-affiliated projects may deploy legal entities or wrappers such as:
- Decentralized Autonomous Companies (DACs) or DAOs structured under compliant jurisdictions (e.g., Wyoming, Marshall Islands, Switzerland)
- Foundation or trust structures that support governance, protocol funding, or operational oversight
- SPVs or licensed partners for executing token issuances, service agreements, or other regulated activities
These structures allow AFI-aligned teams to interact with the off-chain world while preserving the decentralized, trust-minimized design of the underlying protocol.
By remaining outside the regulatory perimeter while enabling compliant interaction layers, AFI ensures it can scale across borders and user types, from anonymous DeFi users to fully regulated institutions, without compromising its decentralized ethos.
8. Conclusion
The AFI Custody Framework represents a paradigm shift in how digital assets can be coordinated, managed, and secured in a decentralized financial ecosystem. By design, AFI upholds the principles of self-custody, transparency, and protocol-level neutrality, ensuring that users, not intermediaries, retain full control over their assets at all times.
AFI does not assume custody or possession of any user funds. Instead, it facilitates secure, verifiable, and programmable financial strategies through smart contracts, agent-driven automation, and modular interfaces. This non-custodial model eliminates traditional points of failure while providing the flexibility to accommodate a diverse range of use cases, from retail self-service to institutional integration.
As the protocol and its ecosystem mature, the AFI custody architecture is expected to evolve in line with real-world requirements. Future enhancements may include:
- Modular integration with licensed custodians for hybrid use cases
- Real-time audit frameworks to strengthen institutional trust
- Advanced compliance layers for region-specific onboarding
- Cross-chain custody harmonization to support multi-chain strategies
Despite these developments, AFI will remain fundamentally non-custodial at the protocol layer, preserving its commitment to decentralization and trustless financial coordination.
This framework aims to serve as a foundation for secure participation in the AFI ecosystem, whether by individual users, institutional actors, or developers building on top of the protocol.