Skip to content

Instantly share code, notes, and snippets.

@zhigang1992

zhigang1992/REI-42-cobo-tokenization-research.md

Created January 24, 2026 02:39
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save zhigang1992/cec093e9170afebb214e2458d0eed38b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save zhigang1992/cec093e9170afebb214e2458d0eed38b to your computer and use it in GitHub Desktop.
Download ZIP
REI-42: Cobo Tokenization Research for Solana Token-2022
Raw
REI-42-cobo-tokenization-research.md

REI-42: Cobo Tokenization Research for Solana Token-2022

Linear Issue Context

Issue: REI-42 Assignee: Chan A Task: Review Cobo's tokenization offering to see if it meets ALEX's requirements for Solana Token-2022 with Transfer Fee extension.

Cobo's Offering (from Chan's notes):

  • MPC wallet infrastructure for secure key management
  • Token deployment via their WaaS DevAPI
  • Solana Token-2022 support with Transfer Fee extension
  • Web UI for token management (coming ~2 weeks after API)

Documentation Links:

Current Tessera Architecture

1. Token Program (On-Chain)

Program ID: TESQvsR4TmYxiroPPQgZpVRoSFG8pru4fsYr67iv6kf

Deployed Tokens:

Network Mint Symbol Transfer Fee
DevNet 2Z41NAkarnW3VKA5EYk3YM58CgXDvpdyw5isEDbNW8mR TTT02 0.2%
MainNet TESgesqMiVxUG38tuJmLkDSQoebKmBn2FhZkYNBr8hu TESS 0.2%

Token-2022 Extensions Used:

  • Transfer Fee Extension (0.2% / 20 basis points, max 1,000 tokens)
  • Metadata Pointer Extension
  • Transfer Hook (for custom fee logic)

Key On-Chain Instructions:

  • initialize_mint_with_transfer_fee - Create Token-2022 mint with extensions
  • initialize_program_config - Set up fee manager PDA
  • withdraw_to_fee_manager - Harvest and withdraw fees
  • add_whitelisted_address - Per-address fee configuration
  • update_transfer_fee - Modify fee rates

2. Referral System (On-Chain)

Program ID: HiA4mhg5viZhiPHsJg2rEo2B5L2TNnNkwDi6AzCT9eD4

Fee Distribution Tiers:

  • Level 1 (direct referrer): 30% of fees
  • Level 2 (referrer's referrer): 3% of fees
  • Level 3 (referrer's referrer's referrer): 2% of fees
  • Protocol: 65%

3. Current Wallet/Key Management

Current Approach: Browser Wallets + File-Based Keys

Purpose Current Method
User transactions Phantom/Solflare browser wallets
Token Authority Team-held wallet (9UHfCynABPyvSeqZfD3E6A3DPt1xfechkRa1xDm6ZRvY)
Fee Withdrawal Keypair file (.keypairs/deployer-keypair.json)
Production secrets Gopass-managed

No MPC/Institutional Key Management Currently

4. Fee Distribution Backend

Architecture:

Token Transfer (0.2% fee)
    ↓
Token-2022 withholds fee in recipient account
    ↓
Event Listener → logs attribution to Redis
    ↓
Harvest Worker (every ~60s)
    └─ harvest_withheld_tokens_to_mint() → consolidate fees to mint
    ↓
Distribution Worker (every ~120s)
    ├─ Fetch sender's referral chain (SenderFeeConfig PDA)
    ├─ Calculate splits: Tier1(30%), Tier2(3%), Tier3(2%), Protocol(65%)
    └─ withdraw_withheld_tokens_from_mint() → send to referrers

Backend Components:

  • fee-distribution-worker.ts - Orchestrates harvest + distribution
  • Withdraw Authority Keypair - Signs fee withdrawal transactions
  • Redis Queue - Stores pending attributions
  • WebSocket Event Listener - Captures transfer events

Key Issue: Backend worker currently loads private keys from file to sign transactions.

What Cobo Integration Would Change

Architecture Comparison

Before (Current):

Admin → Browser Wallet → Solana RPC → Token Program
Backend → Local Keypair → Solana RPC → Fee Distribution

After (With Cobo):

Admin → Tessera Backend → Cobo WaaS API → MPC Signing → Solana RPC
Backend → Cobo WaaS API → MPC Signing → Solana RPC

Integration Points

Layer Current With Cobo
Token Authority Team wallet Cobo MPC wallet
Fee Manager Deployer keypair Cobo MPC wallet
Backend Withdrawal Signing Local keypair file Cobo WaaS API
Referral Distribution Local keypair Cobo API
Policy Controls None Cobo policy engine

What Stays the Same

  • ✅ Token-2022 program (already deployed)
  • ✅ Transfer fee extension logic
  • ✅ User-facing wallet connections (Phantom/Solflare)
  • ✅ Fee collection via program PDA
  • ✅ Referral system integration
  • ✅ Redis queue for attribution tracking

Migration Required

  1. Authority Transfer - Existing token authorities transferred to Cobo MPC wallets
  2. Backend Integration - New service to call Cobo WaaS API for signing
  3. Approval Workflows - Define policies (e.g., multi-sig for large withdrawals)

Integration Options for Fee Distribution

Option A: Cobo as Full Withdraw Authority

All fee withdrawals go through Cobo MPC signing.

Distribution Worker (backend)
    ↓
Cobo WaaS API (sign withdrawal tx)
    ↓
MPC Signing (threshold signatures)
    ↓
Solana RPC

Pros:

  • No private keys on backend servers
  • Full audit trail
  • Policy controls for all operations

Cons:

  • Added latency (~1-3s per MPC signature)
  • API dependency for fee distribution
  • Cost per transaction signature
  • Rate limit considerations (many small transactions)

Option B: Hybrid Approach (Threshold-Based)

Routine operations use permissionless flow; large/sensitive operations require Cobo.

Below Threshold (permissionless)    Above Threshold (authority required)
         ↓                                      ↓
  Program PDA signs                  Backend → Cobo API → MPC sign
         ↓                                      ↓
    Solana RPC                             Solana RPC

Implementation:

  • Set withdrawal_threshold in FeeManagerConfig
  • Routine distributions stay fast
  • Large withdrawals require Cobo MPC approval

Key Questions for Cobo

Technical Compatibility

  1. Does Cobo support Token-2022 extensions natively? (Transfer Fee, Metadata Pointer)
  2. Can Cobo act as a Solana program authority? (for fee config, mint authority)
  3. Does Cobo support Solana versioned transactions (v0 with lookup tables)?

Performance & Operations

  1. What's the latency for MPC signing? (impacts fee distribution UX)
  2. What are the rate limits on signing API? (worker processes many transactions)
  3. Is there webhook support for async signing notifications?
  4. What's the cost per signature?

Migration

  1. Can existing token authorities be migrated to Cobo wallets?
  2. What's the key recovery mechanism?
  3. How does multi-party approval work for policy enforcement?

Recommendation

Cobo's offering aligns well with ALEX's needs if they support Token-2022 extensions. The main value propositions:

  1. Security - MPC key management eliminates single points of failure
  2. Compliance - Audit trails and policy controls
  3. Operations - No private keys on backend servers

Suggested Integration Approach:

  1. Start with Option B (Hybrid) - Use Cobo for sensitive operations while keeping routine fee distribution fast
  2. Migrate token authorities to Cobo MPC wallets
  3. Build backend Cobo service module for signing
  4. Define policies for different operation types

Main Development Work:

  • Backend service for Cobo WaaS API integration
  • Transaction assembly (build unsigned, send to Cobo)
  • Error handling for API failures
  • Configuration management for Cobo credentials

Files Referenced

Webapp

  • /src/lib/solana/config.ts - Program IDs, RPC endpoints
  • /src/lib/solana/on-chain-client.ts - Solana client, PDA derivation
  • /src/lib/idl/tessera_token.json - Token program IDL
  • /src/generated/tessera-token/types.ts - Generated types
  • /src/features/admin/ - Admin hooks for token operations

Contract

  • /contract/programs/tessera-token/ - Token program source
  • /contract/programs/referral-system/ - Referral program source
  • /contract/scripts/automation/fee-distribution-worker.ts - Fee distribution worker

Research compiled for REI-42 on 2026-01-24

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment