XRPL · Entrepreneur educationSheet 01 / The triad

Ownership·Custody·Possession

Before discussing property or custody, a more fundamental distinction must be established: the asset and its digital representation are not the same thing. All XRPL pedagogy rests on this.

"My crypto is on Coinbase. It belongs to me, right?"
Spoiler: yes and no. And this nuance changes everything.
00The founding distinctionBefore everything else

A token on XRPL is not the asset. It is a representation of the asset. These two objects are distinct, connected by a legal or contractual bridge. Understanding this duality is understanding all of XRPL.

Example 01 — Real-estate tokenization

A fractional building

The physical building stays in Paris. 10 000 fractional shares circulate on XRPL.

LE BIEN 12 RUE RÉAUMUR · 75002 PARIS 1 200 m² · 4,8 M€ LE PONT La SPV Société de Projet SPV DÉTIENT L'IMMEUBLE ÉMET 10 000 PARTS MPT REGISTRE LÉGAL + WHITEPAPER MICA Si la SPV casse, les tokens deviennent fantômes. REPRÉSENTATION 10 000 MPT Fongibles · Échangeables · KYC SUR LE LEDGER XRPL
Example 02 — Money tokenization

A tokenized dollar

The dollar stays in the bank. One RLUSD circulates on XRPL for each dollar held.

LE BIEN $ $ $ RÉSERVES USD · COMPTE SÉGRÉGUÉ Banque dépositaire régulée LE PONT Émetteur régulé NY DFS Trust Charter $1 RLUSD 1 USD REÇU → 1 RLUSD ÉMIS RÉSERVES AUDITÉES MENSUELLEMENT REMBOURSEMENT À PARITÉ GARANTI Si l'émetteur faiblit, la parité décroche. REPRÉSENTATION RLUSD $1 $1 $1 $1 $1 $1 $1 $1 $1 RLUSD CIRCULE Transferts 3-5s · Frais quasi nuls SUR LE LEDGER XRPL
The asset

The real asset

Exists in the physical or legal world, independent of any blockchain.

  • · A building
  • · A commercial receivable
  • · A fund share
  • · A dollar in a bank
  • · A work of art
Governed by: Real-world law
The bridge
Contract, legal framework, attestation
If this bridge breaks, the representation loses its meaning.
The representation

The token

Exists on the XRPL ledger. A token (IOU, MPT, NFT) that points to the asset.

  • · A real-estate MPT
  • · A receivable token
  • · A tokenized fund share
  • · An RLUSD
  • · A certificate NFT
Governed by: The XRPL protocol
Three cases that illuminate the duality
Case 1
Representation = asset

No bridge. The token is the asset. No duality.

E.g.: XRP, BTC, ETH (native assets)
Case 2
Representation asset

Two objects, a solid legal bridge. The standard for serious tokenization.

E.g.: RLUSD, compliant RWAs, regulated stablecoins
Case 3
Representation without asset

The token claims to represent something that does not exist. Classic scam.

E.g.: tokens "backed" by fictitious assets
The question that reveals the bridge's quality
"What happens to the asset if the XRPL ledger disappears tomorrow?"
For XRP / BTCThe asset disappears with it. Token and asset are the same thing.
Well-designed stablecoinThe dollar in the bank still exists. A new issuer can redistribute.
Well-designed RWAThe building still exists, the legal registry confirms it.
Poorly designed representationYou lost the asset. The asset may not have really existed.
The golden rule to remember. The triad Ownership · Custody · Possession we're about to explore applies to the representation (the token). The asset itself obeys the law that governs it in the real world. All the design work of an XRPL product consists of building and maintaining the bridge between the two.
01Cardinal definitionsThe right · The mandate · The fact

Reminder: these three concepts apply to the digital representation (the object handled on XRPL — the property in the sense of "what is owned"), not to the underlying real asset.

§
The right
Ownership
Propriété
Recognized by law

The legal title to the asset. Recognized by a court, enforceable against third parties, transferable by inheritance.

"This asset belongs to me under the law."

The mandate
Custody
Garde
Contractual responsibility

The formalized responsibility of keeping and protecting the asset on behalf of another. A role, not a fact.

"I am responsible for protecting this asset."

The fact
Possession
Détention
Effective control, here and now

Material control. On XRPL: who holds the private keys at time T. No legal dimension.

"I can move this asset, right now."

Hover the dashed-underline terms for the glossary definition:Ownership·Custody·Possession·SPV·Freeze·Clawback

01·5A metaphor to anchor itThe car

The car metaphor

Three people can have a relationship with a car, without having the same type of relationship.

Ownership — The vehicle title

The legal titleholder of the vehicle. The owner according to the State.

E.g.: your name on the title

Custody — The garage / the dealer

The one officially in charge, by contract.

E.g.: the dealer during service

Possession — Keys in hand

The one who can start it and drive, right now.

E.g.: the valet, or a thief

02Configuration matrixWho holds what, really?
ConfigurationOwnershipCustodyPossession
Startup treasury in self-custody
Stablecoins paid by B2B clients
The companyThe companyCEO + CFO (multisig)
Tokenized loyalty program
Customer points issued by a retailer
The customerThe brand's appThe brand's app
Tokenized invoice (factoring)
MPT representing a B2B receivable
The investor-buyerRegulated platform (CASP / MSB)Regulated platform
SaaS billed in XRPL stablecoin
International customer collection
The SaaS vendorCrypto PSP (or ops wallet)Crypto PSP
Tokenized fund share
On-chain money market fund
The investorRegulated custodianRegulated custodian
Operational key compromise
Phishing of a signatory executive
The company (legally)— compromised —The attacker
03What exactly is being transferred?Three layers, three transactions
Anatomy of a tokenized asset transfer
— Layer 1 —
Ownership
Legal registry / contract

Legal ownership transfers according to the country's applicable law.

tx_legal = notarial deed
or contractual assignment
— Layer 2 —
Custody
Mandate with a custodian

Custody responsibility transfers via depositary contract.

tx_mandate = new
custody contract
— Layer 3 —
Possession
The XRPL ledger

Technical control transfers via an on-chain transaction signature.

tx_xrpl = Payment
or signed OfferCreate
04Alignment vs misalignmentThe golden rule of design
✓ Healthy alignment

The three layers are synchronized

An investor buys a tokenized fund share. The regulated custodian receives the MPT on XRPL, KYC is validated, the legal title is registered in the investor's name.

OwnershipInvestor
CustodyRegulated custodian
PossessionCustodian (keys)
✗ Critical misalignment

The ledger and the law diverge

A real-estate token is stolen. On the XRPL ledger, the hacker has possession and can resell it. The law still recognizes the original owner. Conflict: the blockchain says A, the court says B.

OwnershipVictim (legally)
Custody— empty —
PossessionHacker (factual)
05The XRPL toolkitThe primitives that maintain alignment

XRPL provides native features — not smart contracts to code, but primitives built into the protocol — that allow a regulated issuer to maintain alignment between on-chain possession and legal ownership. Here are the six levers to know.

01Issuance

Trustlines

The holder must explicitly accept each token type. The issuer knows all its holders.

Aligns:
02Identity

Credentials

On-chain attestations (KYC, accreditation, age) issued by an authority. Verifiable without revealing the raw data.

Aligns:
03Identity

Permissioned Domains

Circulation spaces restricted to holders of valid credentials. Essential for compliant RWAs.

Aligns:
04Control

Freeze

The issuer can freeze a token on an account (court order, sanctions, fraud suspicion). The token stays but can no longer move.

Aligns:
05Control

Clawback

The issuer can claw back an issued token (error correction, theft, court order). The ledger catches up with the law.

Aligns:
06Issuance

MPT (Multi-Purpose Tokens)

Structured tokens with metadata and built-in rules (transferability, caps, conditions). Compliance in the token itself.

Aligns:
Key reading. These primitives are not ideological limitations imposed by regulators. They are tools XRPL provides natively to allow a serious issuer to build a product where the blockchain says the same thing as the law. A protocol without these tools forces compliance to be re-coded in smart contracts — more costly, riskier, less auditable.
06Regulatory burden by layerWho owes what to whom?

The three layers do not carry the same legal weight. Custody is the most regulated. Ownership inherits from classic law. Possession has no direct status but triggers obligations indirectly. This overview spans both EU (MiCA) and US (BitLicense, FinCEN, state trust charters) — always validate with a lawyer for your specific jurisdiction.

Ownership

Burden: Medium
Cadres applicables
  • · Civil law (property, contracts, inheritance)
  • · Securities law if the token is a security
  • · MiCA Title II if "other crypto-asset"
  • · GDPR if personal data is attached
Typical obligations for the issuer
  • · MiCA whitepaper (EU) / SEC disclosure (US)
  • · Up-to-date holders' registry
  • · Periodic disclosure
  • · Disclosure document (prospectus if security)
  • · Consumer law if general public
Contractual documents
  • · Terms of Token
  • · Subscription Agreement
  • · Risk Disclosure

Custody

Burden: Very heavy
Cadres applicables
  • · MiCA → mandatory CASP authorization (EU)
  • · NY BitLicense / Trust Charter (US-NY)
  • · FinCEN MSB (US federal)
  • · AML Directive (EU AMLD) / Bank Secrecy Act (US BSA)
Typical obligations for the custodian
  • · Minimum capital (€125K under MiCA / state-specific in US)
  • · Strict segregation of client assets
  • · Liability in case of loss
  • · Business continuity plan (BCP)
  • · Mandatory KYC / AML-CFT
  • · Regular audits, regulator reporting
  • · Insurance against losses
Contractual documents
  • · Detailed Custody Agreement
  • · Service Level Agreement (SLA)
  • · Key management policy

Possession

Burden: Indirect but insidious
No direct legal status, BUT…
  • · If possession for another → regulated custody
  • · Criminal handling if asset stolen (even unintentionally)
  • · OFAC / EU sanctions if funds linked to sanctioned entity
  • · Employer liability if keys held by employee
  • · Travel Rule (FATF) on transfers > thresholds
De facto obligations for the possessor
  • · On-chain screening (Chainalysis, Elliptic)
  • · Source-of-funds proof (provenance)
  • · AML-CFT vigilance
  • · Operational key security
Recommended internal documents
  • · Key Management Policy
  • · Incident Response Plan
  • · Screening procedure
07Token qualification treeWhich legal regime for my token?

The legal qualification of your token determines the stack of obligations that piles on top. This tree is a first sorting grid (EU/MiCA framework dominant) — definitive qualification requires formal legal advice.

Starting question
Does your token represent a right to a traditional underlying asset (share, bond, fund unit, receivable)?
YES →
SECURITY TOKEN

Classic financial security, tokenized. Financial markets regime (MiFID II, prospectus, AMF, ESMA).

Burden: Maximum
E.g.: tokenized fund share, B2B receivable, equity token
NO ↓ (next question)
Question 2
Is your token pegged to a single official fiat currency (€, $, £) with a promise of redemption at par?
YES →
E-MONEY TOKEN (EMT)

MiCA Title IV regime. Issuer must be authorized as an electronic money or credit institution.

Burden: Very heavy
E.g.: USDC, RLUSD, PYUSD, tokenized USD
NO ↓ (next question)
Question 3
Is your token backed by a basket of assets (multiple currencies, commodities, mix) to stabilize its value?
YES →
ASSET-REFERENCED TOKEN (ART)

MiCA Title III regime. Specific authorization, mandatory reserves, regulator-validated whitepaper.

Burden: Heavy
E.g.: multi-collateral stablecoin, basket token
NO ↓ (next question)
Question 4
Does your token give access to a specific service or product provided by the issuer, with no promise of value?
YES →
UTILITY TOKEN

Lighter MiCA Title II regime. Whitepaper required but no authorization. Exemption possible if closed network.

Burden: Medium
E.g.: loyalty points, prepaid SaaS access, gaming tokens
NO →
"OTHER CRYPTO-ASSET"

Residual MiCA Title II category. Whitepaper mandatory but lightest regime.

Burden: Light
E.g.: XRP, BTC, ETH (native, not issued by a single entity)
Important note. This tree follows the EU MiCA framework. Under US securities law (Howey test), the qualification logic is similar but stricter on what counts as a "security". Specific exemptions exist on both sides: unique non-fungible NFTs (outside MiCA scope), tokens in limited closed networks, offers < €1M / Reg D / Reg S thresholds, etc. The legal test is substantive, not formal: it is the token's real economic function that determines its regime, not its marketing name.
— For the entrepreneur —

Before tokenizing anything,
ask yourself: who has what?

For every token you handle in your product: who is the owner, who has custody, who has technical possession? And what legal qualification applies to that token?

If you cannot clearly answer all four questions, you are not ready to launch.

A simple grid that avoids complex problems.

XRPL pedagogy · Sheet 01Conceptual triad

General information only, not legal advice. Predominantly EU/MiCA framework; the US counterpart (Howey, BitLicense, FinCEN) is mentioned but final qualification must be validated by counsel in your jurisdiction.