cmta

name: cmta description: main concept behind cmta

CMTAT (CMTA Token) is a security token framework for tokenizing real-world financial assets on EVM-compatible blockchains. It's developed by the Capital Markets and Technology Association (CMTA).

Version: 3.2.0-rc0 | License: MPL-2.0 | Solidity: 0.8.33

Directory Structure

contracts/
├── modules/                  # Core smart contract logic
│   ├── internal/            # Internal implementations
│   └── wrapper/             # Public-facing modules
│       ├── core/            # ERC20, Pause, Enforcement, Validation
│       ├── extensions/      # Documents, Snapshots
│       ├── options/         # Debt, ERC2771, Cross-chain
│       └── security/        # Access control
├── deployment/              # Pre-composed contract variants
├── interfaces/              # ERC standards & custom interfaces
└── mocks/                   # Test helpers
test/                        # 3,078 tests (~99% coverage)
doc/                         # Specs & audit reports

Key Modules

Category	Modules	Purpose
Core	ERC20Base, Mint, Burn, Pause, Enforcement, Validation	Basic token operations
Extensions	Snapshot, Document, ExtraInformation	Dividends, legal docs, metadata
Options	Debt, ERC2771, ERC1363, CrossChain, Allowlist, ERC7551	Bonds, gasless tx, multi-chain, KYC
Security	AccessControl	RBAC with roles (MINTER, BURNER, PAUSER, ENFORCER)

Deployment Variants

Standalone - Immutable, no proxy
Upgradeable - Transparent/Beacon/UUPS proxy patterns
Light - Minimal for stablecoins
Allowlist - Whitelist-based transfers (KYC)
Debt - Bond-specific fields (maturity, coupon)
DebtEngine - Debt with external engine
ERC-7551 - German eWpG compliance
ERC-1363 - transferAndCall support

Architecture Highlights

Modular composition - Mix-and-match features via inheritance
Engine pattern - External contracts for complex logic (RuleEngine, SnapshotEngine, DocumentEngine, DebtEngine)
ERC-7201 storage - Namespaced storage for safe upgrades
Role-based access control - Granular permissions (not single owner)
10+ standard compliance - ERC-20, ERC-3643, ERC-7551, ERC-2771, ERC-7802, etc.

Contract Inheritance Hierarchy

CMTATBaseCore (0) - Basic ERC20 + Mint + Burn + Validation + Access Control
    ↓
CMTATBaseAccessControl (1) - RBAC roles management
    ↓
CMTATBaseRuleEngine/Allowlist (2) - Transfer validation rules
    ↓
CMTATBaseERC1404 (3) - ERC-1404 compliance (restrictedTransfer)
    ↓
CMTATBaseERC20CrossChain (4) - CCIP & ERC-7802 support
    ↓
CMTATBaseERC2771 (5) - Gasless meta-transactions
    ↓
CMTATBaseERC1363/ERC7551 (6) - Additional standards

Key Roles (Access Control)

DEFAULT_ADMIN_ROLE - Admin access (can grant/revoke roles)
MINTER_ROLE - Can mint tokens
BURNER_ROLE - Can burn tokens
PAUSER_ROLE - Can pause/unpause contract
ENFORCER_ROLE - Can freeze/unfreeze addresses

Key Files to Understand

contracts/modules/0_CMTATBaseCore.sol - Core base contract
contracts/deployment/CMTAT_*.sol - Pre-composed deployment variants
contracts/interfaces/ - All supported interfaces and standards
hardhat.config.js - Build configuration
package.json - Dependencies and scripts

ナビゲーション

Skillsとは？

リンク