SINAI STANDARD
Guides

Pattern: KYC-Only Token

Create a token where only KYC-verified investors can hold or transfer — suitable for Reg D/S securities

Overview

The allowlist pattern restricts transfers to a set of approved wallets. Only wallets on the list can send or receive tokens. This is the most common setup for securities under Reg D/S.

Implementation

import { Connection, Keypair, PublicKey } from "@solana/web3.js";
import { AksumKit, AllowlistManager } from "@sinai-standard/sdk";
 
// Step 1: Create the token
const kit = new AksumKit({ connection, payer: issuer });
const token = await kit.createToken({
  name: "Regulated Fund Token",
  symbol: "RFT",
  decimals: 6,
  supply: 1_000_000_000,
  hooks: {
    allowlist: { mode: "allowlist" },
  },
});
 
// Step 2: Initialize the allowlist
const allowlist = new AllowlistManager(allowlistProgram, token.mint);
await allowlist.initialize(issuer.publicKey, "allowlist");
await allowlist.initializeExtraAccountMetas(issuer.publicKey);
 
// Step 3: Onboard investors (after KYC)
await allowlist.addWallets(issuer.publicKey, [
  investorA.publicKey,
  investorB.publicKey,
  issuer.publicKey, // issuer must be on the list too
]);
 
// Step 4: Transfers now enforced
// investorA -> investorB: ALLOWED (both on list)
// investorA -> random:    BLOCKED (random not on list)

Key Points

  • The issuer must be added to the allowlist to distribute tokens
  • Maximum 20 wallets per batch, ~300 total per registry
  • Use removeWallets() when an investor's KYC expires
  • Use toggleActive(false) as an emergency kill switch to allow all transfers

Previous

Compliance Guides

Next

Pattern: Taxed Token

On this page