These pages document functionality available to approved participants in our private,
invitation-only alpha program. The program is not open to the public, and nothing in this
documentation is an offer to sell or a solicitation of an offer to buy any security.
Custody arrangements are operational and evolving during the alpha program. This page describes
the current model and its design principles.
What Is Held in Custody
When you invest in a Belief Index series, two types of assets are held on your behalf:
All assets are held on the Polygon blockchain – a public, auditable ledger where any transaction or balance can be independently verified by anyone.
Custody Model
Assets are held in a multi-signature wallet (a Safe) on the Polygon blockchain. A Safe is a smart-contract wallet that requires more than one authorized signer to approve any outbound transaction – no single individual can move funds unilaterally. This is the same custody pattern used by professional crypto treasuries and institutional funds.- How it works
- Traditional finance analogy
The Safe is configured with multiple authorized signing keys, and a threshold of those keys must sign before any outbound transfer is executed on-chain. In practice, this means:
- No single point of failure – Compromise or loss of one key alone does not move funds
- No unilateral action – Every withdrawal, rebalance, or transfer requires multiple independent approvals
- On-chain governance – The signer set, the threshold, and every approval are all recorded on the blockchain and publicly verifiable
- Defense in depth – The multi-sig requirement sits underneath the application-layer safeguards (admin approval, safeguard buffer, solvency check) described below
For operational security, Belief Systems does not publish the specific signer set, threshold
configuration, or hardware-signer details. The Safe contract itself, all signer approvals, and
every executed transaction are public on-chain and can be independently inspected at the custody
address.
Withdrawal Safeguards
Every withdrawal goes through a multi-step process with layered security controls. No withdrawal is executed automatically – each one requires human approval and passes through multiple automated checks before any funds leave custody.1
Request
The investor submits a withdrawal request specifying the amount and destination wallet address.
Funds are locked in the ledger immediately, preventing double-spending. The system validates the
destination address and confirms the investor has sufficient unlocked balance (accounting for
any existing pending withdrawals).
2
Admin review
Every withdrawal requires explicit approval from an authorized administrator. The admin reviews
the request alongside enriched context: the investor’s history, current balances, recent
activity, and any automatic risk flags (see below). The admin can approve or reject the request.
3
Safeguard buffer
After approval and before any funds move, there is a short internal review buffer. It exists to
catch errors, respond to suspicious patterns, or revoke approval if new information emerges. No
action is required from you during this time.
4
Pre-flight solvency check
Before execution, the system performs an automated solvency check – verifying that custody holds
sufficient funds to cover this withdrawal plus all other pending withdrawal obligations. If the
balance is insufficient, execution is blocked.
5
On-chain execution and confirmation
Your funds are returned as native USDC on Ethereum mainnet. The system unwraps the amount
from custody and bridges it back through the Polygon PoS bridge to your connected wallet – all
automatically, with no action needed from you, typically within a few hours. Each step is
monitored to confirmation; once your USDC is delivered, the withdrawal is finalized in the
ledger. If any step fails, funds are automatically unlocked and returned to your balance.
Automatic Risk Detection
The system automatically flags withdrawal patterns that warrant additional scrutiny. These flags are surfaced to the reviewing administrator alongside each withdrawal request:
These flags do not automatically block withdrawals – they inform the human reviewer, who makes the final decision with full context.
Separation of Funds
The custody model maintains clear separation between different categories of funds:
This separation ensures:
- Assets belonging to one series are not commingled with another
- Uninvested capital is identifiable and available for deployment or withdrawal
- Each series’ backing can be independently verified
Why separation matters
Why separation matters
In traditional fund management, commingling client assets is a serious regulatory violation. While Belief Index operates in a different regulatory context, the principle is the same: investors should be able to verify that their series’ assets exist and are not being used to cover obligations of a different series.The internal ledger tracks which positions belong to which series, and the on-chain holdings can be cross-referenced for verification. See On-Chain Verification for how to independently confirm holdings.
Double-Entry Accounting
The internal ledger uses double-entry accounting – the same system used by every professional fund administrator. Every transaction is recorded as a balanced debit and credit entry, ensuring that:- No value is created or destroyed – Every debit has a corresponding credit
- Errors are detectable – If debits and credits don’t balance, the system halts
- Full audit trail – Every mint, redemption, fee accrual, deposit, withdrawal, and position change is recorded immutably
Finalized ledger entries are immutable – they cannot be edited or deleted. If a correction is
needed, it is recorded as a new compensating entry, preserving the complete audit history. This is
standard practice in fund accounting and ensures that the historical record is never altered.
Investor Protections
What the security model provides:- Multi-signature Safe custody – multiple authorized signers required for any outbound transfer
- Human-in-the-loop approval for all withdrawals
- An internal safeguard buffer before any fund movement
- Automated solvency checks before execution
- Automatic suspicious pattern detection for admin review
- On-chain auditability of all holdings, signer approvals, and transactions
- Separation between series assets and platform funds
- Double-entry accounting with immutable records
- Automated integrity checks and halting on discrepancies
- Insurance or deposit guarantees (no FDIC, SIPC, or equivalent)
- Guaranteed access to funds at any time
- Protection against smart contract vulnerabilities in the underlying tokens
- Independence from Belief Systems’ operational decisions
- Protection against blockchain-level failures or attacks
Integrity Safeguards
The system includes automated safeguards that prioritize asset safety:
If any invariant is violated, the system halts automatically rather than continuing to process orders with potentially corrupted state. Halting is a feature – it prevents small errors from compounding into larger problems.
On-Chain Verification
How to independently verify that assets exist on-chain.
Risk Factors
Comprehensive risk disclosure including custody risks.
Deposits & Withdrawals
How to move funds in and out of custody.
NAV Methodology
How custody positions are valued.