Custody arrangements are operational and evolving during the alpha program. This page describes the current model and its design principles.
What Is Held in Custody
When you invest in a Belief Index series, two types of assets are held on your behalf:| Asset Type | Description | Standard |
|---|---|---|
| USDC | Dollar-pegged stablecoin used for deposits, uninvested cash, and redemption proceeds | ERC-20 on Polygon |
| Outcome tokens | Prediction market positions acquired through the minting process | ERC-1155 on Polygon |
Custody Model
Assets are held in a dedicated custody wallet on the Polygon blockchain. Belief Systems follows strict private key security practices to protect this wallet, and enforces a rigorous, multi-step withdrawal process that ensures no funds leave custody without human review and multiple automated safety checks.| Property | Detail |
|---|---|
| Blockchain | Polygon (public, auditable) |
| Assets held | USDC + prediction market outcome tokens (ERC-1155) |
| Transparency | All holdings are on-chain and publicly verifiable |
| Control | Belief Systems maintains operational control during the alpha program |
| Reconciliation | Internal ledger is reconciled against on-chain state |
Withdrawal Safeguards
Every withdrawal goes through a multi-step process with layered security controls. No withdrawal is executed automatically — each one requires human approval and passes through multiple automated checks before any funds leave custody.Request
The investor submits a withdrawal request specifying the amount and destination wallet address. Funds are locked in the ledger immediately, preventing double-spending. The system validates the destination address and confirms the investor has sufficient unlocked balance (accounting for any existing pending withdrawals).
Admin review
Every withdrawal requires explicit approval from an authorized administrator. The admin reviews the request alongside enriched context: the investor’s history, current balances, recent activity, and any automatic risk flags (see below). The admin can approve or reject the request.
Mandatory cooldown
After approval, a 15-minute mandatory cooldown period begins. During this window, the withdrawal cannot be executed. This provides a buffer for detecting errors, responding to suspicious patterns, or revoking approval if new information emerges. The admin retains the ability to reject the withdrawal during cooldown.
Pre-flight solvency check
Before execution, the system performs an automated solvency check — verifying that the custody wallet holds sufficient USDC to cover this withdrawal plus all other pending withdrawal obligations. If the balance is insufficient, execution is blocked.
On-chain execution and confirmation
The USDC transfer is submitted on-chain. The system monitors the transaction for confirmation. Once confirmed on the blockchain, the withdrawal is finalized in the ledger. If the transaction fails or reverts, funds are automatically unlocked and returned to the investor’s balance.
Automatic Risk Detection
The system automatically flags withdrawal patterns that warrant additional scrutiny. These flags are surfaced to the reviewing administrator alongside each withdrawal request:| Risk Flag | Trigger | Purpose |
|---|---|---|
| First withdrawal | Investor has never completed a withdrawal before | Higher scrutiny for initial fund movements |
| Large withdrawal | Amount exceeds 50% of investor’s lifetime deposits | Detect unusually large outflows |
| Rapid withdrawal | A deposit was credited within the last 24 hours | Flag potential deposit-and-withdraw patterns |
| Balance percentage | Amount as a percentage of total uninvested balance | Context for the relative size of the request |
Separation of Funds
The custody model maintains clear separation between different categories of funds:| Category | Description | Purpose |
|---|---|---|
| Platform funds | Uninvested investor deposits and withdrawal reserves | Not allocated to any series; available for investment or withdrawal |
| Series funds | Prediction market positions and cash allocated to a specific series | Collateral backing the shares of that series |
- Assets belonging to one series are not commingled with another
- Uninvested capital is identifiable and available for deployment or withdrawal
- Each series’ backing can be independently verified
Why separation matters
Why separation matters
In traditional fund management, commingling client assets is a serious regulatory violation. While Belief Index operates in a different regulatory context, the principle is the same: investors should be able to verify that their series’ assets exist and are not being used to cover obligations of a different series.The internal ledger tracks which positions belong to which series, and the on-chain holdings can be cross-referenced for verification. See On-Chain Verification for how to independently confirm holdings.
Double-Entry Accounting
The internal ledger uses double-entry accounting — the same system used by every professional fund administrator. Every transaction is recorded as a balanced debit and credit entry, ensuring that:- No value is created or destroyed — Every debit has a corresponding credit
- Errors are detectable — If debits and credits don’t balance, the system halts
- Full audit trail — Every mint, redemption, fee accrual, deposit, withdrawal, and position change is recorded immutably
Finalized ledger entries are immutable — they cannot be edited or deleted. If a correction is needed, it is recorded as a new compensating entry, preserving the complete audit history. This is standard practice in fund accounting and ensures that the historical record is never altered.
Investor Protections
What the security model provides:- Human-in-the-loop approval for all withdrawals
- Mandatory cooldown period before fund movements
- Automated solvency checks before execution
- Automatic suspicious pattern detection for admin review
- On-chain auditability of all holdings and transactions
- Separation between series assets and platform funds
- Double-entry accounting with immutable records
- Automated integrity checks and halting on discrepancies
- Insurance or deposit guarantees (no FDIC, SIPC, or equivalent)
- Guaranteed access to funds at any time
- Protection against smart contract vulnerabilities in the underlying tokens
- Independence from Belief Systems’ operational decisions
- Protection against blockchain-level failures or attacks
Integrity Safeguards
The system includes automated safeguards that prioritize asset safety:| Safeguard | Description |
|---|---|
| Reconciliation checks | Internal ledger is regularly reconciled against on-chain holdings |
| Integrity halts | Minting and redemption are automatically paused if any discrepancy is detected |
| Invariant enforcement | The system continuously verifies that share supply equals the sum of investor balances |
| No negative balances | The system prevents overdrafts or unauthorized creation of value |
| Database-level locking | Concurrent withdrawal executions are serialized to prevent race conditions |