Section 13: Implementation Roadmap
|
OTCM PROTOCOL Comprehensive Technical Whitepaper — Version 7.0 ST22 Digital Securities Platform | March 2026 | Groovy Company, Inc. dba OTCM Protocol |
Section 13: Implementation Roadmap
Phase-by-phase implementation timeline from Q2 2026 launch through full international expansion, including technical milestones, regulatory rollout, cross-chain interoperability, and risk contingency planning.
13.1 Q2 2026 Launch Sequence
OTCM Protocol follows a methodical, security-first launch sequence designed to ensure flawless deployment of critical financial infrastructure for Digital Securities. Financial infrastructure requires zero-tolerance launch procedures. Every line of code, every regulatory filing, every system integration must be verified before a single transaction processes.
|
Phase |
Window |
Focus |
|
Pre-Launch |
Days −60 to −1 |
Security audits · Regulatory preparation · Infrastructure hardening |
|
Launch Week |
Days 1–7 |
Contract deployment · Canary testing · Public mainnet on Day 3 |
|
Post-Launch Stabilization |
Weeks 2–4 |
Volume monitoring · Issuer onboarding · Scaling preparation |
13.2 Pre-Launch Phase (Days −60 to −1)
13.2.1 Security Audit Program
OTCM Protocol commissions dual independent security audits with formal verification before any mainnet deployment. All critical and high-severity findings must be remediated before launch. Medium findings must be remediated within 30 days post-launch. There are no exceptions.
|
Audit Type |
Provider |
Duration |
Completion Target |
|
Smart Contract Audit #1 |
Quantstamp |
4 weeks |
Day −45 |
|
Smart Contract Audit #2 |
Halborn |
4 weeks |
Day −40 |
|
Formal Verification |
Certora |
3 weeks |
Day −30 |
|
Dynamic Security Testing |
Internal + External |
2 weeks |
Day −20 |
|
Penetration Testing |
White-hat Team |
2 weeks |
Day −15 |
|
Manual Code Review |
Senior Engineering |
Continuous |
Day −7 |
|
Audit Scope — Contracts |
Lines of Code |
Complexity |
|
CEDEX Core · Global Unified Liquidity Pool · Transfer Hook program |
~25,000 |
HIGH |
|
Staking Pool · 1:1 Attestation Oracle · Protocol Governance parameters |
~8,000 |
HIGH |
|
Severity |
Remediation Requirement |
|
Critical finding |
Must fix before launch — no exceptions |
|
High finding |
Must fix before launch — no exceptions |
|
Medium finding |
Must fix within 30 days post-launch |
|
Low finding |
Must fix within 90 days post-launch |
|
Formal Verification Scope (Certora) Formal verification targets six mathematical invariants that must hold under all possible execution conditions: (1) no unauthorized minting; (2) 1:1 backing ratio invariant — token supply never exceeds Empire-custodied Series M shares; (3) no fund extraction from the Global Unified CEDEX Liquidity Pool; (4) Transfer Hook always executes — no transfer path bypasses all 42 controls; (5) 5% fee collection accuracy; (6) circuit breaker trigger correctness. Proof level: mathematical certainty. |
13.3 Regulatory Coordination (Days −60 to −1)
Regulatory coordination runs in parallel with security auditing across the full pre-launch period. All regulatory workstreams must be complete before Day 1 deployment authorization is granted by the CLO.
|
Agency / Party |
Coordination Activities |
Target |
|
SEC — Division of Trading and Markets |
Pre-filing meeting · Form D preparation · Rule 506(c) verification · Digital Securities classification confirmation per Release No. 33-11412 |
Day −45 |
|
FinCEN |
BSA compliance verification · SAR/CTR filing procedure testing · 314(b) enrollment confirmation |
Day −30 |
|
OFAC / Treasury |
SDN list integration verification · Chainalysis + TRM Labs screening provider coordination · three-layer matching test |
Day −30 |
|
Empire Stock Transfer |
Custody integration testing · 1:1 attestation oracle verification · Master Securityholder File sync testing · Transfer Hook whitelist sync |
Day −14 |
|
JDT Legal |
Blue sky notice filings in applicable states · Rule 506(c) federal preemption confirmation · Form D final preparation |
Day −14 |
|
Wyoming Secretary of State |
Digital asset registration under W.S. 34-29-101 · Certificate of Designation filing for Series M |
Day −10 |
13.4 Infrastructure Preparation (Days −30 to −1)
|
Component |
Requirements |
Target |
|
Solana RPC Nodes |
Helius RPC: 500 req/sec · 100 sendTx/sec · 3 geographic regions (US-East · US-West · EU) |
Day −14 |
|
Jito Bundle Integration |
Priority fee estimation · MEV protection · bundle submission for compliance-critical transactions |
Day −14 |
|
Database Cluster |
PostgreSQL primary + 2 replicas · 10K TPS capacity · automatic failover · encrypted at rest (AES-256) |
Day −7 |
|
API Gateway |
Load balancer · rate limiting · DDoS protection · TLS 1.3 · 99.99% availability SLA |
Day −7 |
|
Monitoring Stack |
Prometheus + Grafana · PagerDuty · 24/7 on-call rotation · <1 minute incident detection |
Day −7 |
|
Disaster Recovery |
Cross-region backup · 15-minute RPO · 1-hour RTO · tested failover procedures |
Day −3 |
13.5 Day 1 Deployment Timeline
Day 1 begins at 09:00 UTC with contract deployment. Six launch gates (G1–G6) must be passed sequentially. Any failed gate triggers halt and escalation to the CTO. No exceptions — financial infrastructure requires zero-defect launch procedures.
|
Time (UTC) |
Milestone |
Actions |
Gate |
|
09:00 |
Contract Deployment |
Deploy CEDEX · Global Unified CEDEX Liquidity Pool · Transfer Hook program · Issuer Gateway backend |
G1 |
|
09:15 |
Bytecode Verification |
Verify all deployed bytecode hashes match audited versions — hash mismatch halts launch |
— |
|
10:00 |
Protocol Initialize |
Configure CEDEX · initialize Global Pool with permanent LP burn · activate Transfer Hook with all 42 controls |
G2 |
|
10:15 |
Compliance Activation |
Activate OFAC/SDN screening · AML monitoring · Empire whitelist sync · 1:1 attestation oracle |
— |
|
10:30 |
Canary Trading |
Internal accounts only · test all 42 Transfer Hook controls · positive and negative test cases |
G3 |
|
11:00 |
Fee Verification |
Verify 5% fee collected on test trades · confirm 0.44% routes to Global Pool · verify no issuer secondary share |
— |
|
12:00 |
Oracle Verification |
Confirm 1:1 attestation oracle · TWAP price feed accuracy · EDGAR oracle pipeline |
— |
|
15:00 |
Public Testnet |
Open to 500–1,000 whitelisted testers · simulated volume stress test · circuit breaker trigger test |
G4 |
|
18:00 |
Load Testing |
Simulate peak load · verify circuit breakers · stress test API gateway · confirm RPC capacity |
— |
|
23:59 |
Day 1 Complete |
All systems operational · monitoring active · Day 2 canary expansion handoff |
— |
|
Day 3: Public Mainnet Launch — Gate G5 and G6 Public mainnet launch occurs on Day 3 only after a final Go/No-Go review at 08:00 UTC. All gates G1–G5 must be green. Gate G6 is the public launch itself — CEDEX opens to all Empire-verified investors, the Issuer Gateway begins accepting ST22 applications, and full compliance monitoring with SAR automation activates. Any gate failure from G1–G5 delays public launch. No launch date is sacrosanct — security and compliance integrity take precedence. |
13.6 Post-Launch Stabilization (Weeks 2–4)
|
Week |
Activities |
Success Metrics |
|
Week 2 |
Transaction volume monitoring · Transfer Hook alert review · compliance alert triage · infrastructure performance tuning |
99.9%+ uptime · <1s API latency · 0 security incidents |
|
Week 3 |
Onboard 10–25 ST22 issuers via Issuer Gateway · process 500–1,000 Empire KYC/KYB verifications · first ST22 offerings live |
10+ issuers active · 500+ verified investors onboarded |
|
Week 4 |
Analyze transaction patterns · optimize Solana CU usage · identify scaling bottlenecks · prepare for Phase 2 |
Scaling plan finalized · bottlenecks documented · Phase 2 kickoff ready |
13.7 Four-Phase Growth Plan
OTCM Protocol follows a structured four-phase growth plan from Genesis through Maturity. Each phase has defined entry criteria derived from the previous phase's success metrics. No phase begins until its entry criteria are confirmed by the CTO and CLO.
|
PHASE 1 — GENESIS | Q2 2026 | Foundation Establishment |
|
Parameter |
Specification |
|
Timeline |
Q2 2026 (April–June) |
|
Target ST22 Issuers |
10–25 initial issuers — focus on OTC companies with trapped shareholder value identified by IDOS |
|
Infrastructure |
Core CEDEX · Transfer Hooks (all 42) · Issuer Gateway · Accredited Investors Gateway (Empire) · compliance monitoring |
|
Regulatory posture |
Rule 506(c) active · Form D filed per issuer · Empire integrated · Release No. 33-11412 classification confirmed |
|
Trading volume capacity |
$50M–$200M |
|
Primary goal |
Establish foundation · prove technology · validate product-market fit · zero security incidents |
|
Genesis Success Metrics |
Minimum |
Target |
|
ST22 issuers onboarded |
10 |
25 |
|
Empire-verified investors |
500 |
1,000 |
|
System uptime |
99.9% |
99.99% |
|
Security incidents |
0 |
0 |
|
Compliance violations |
0 |
0 |
|
PHASE 2 — BOOTSTRAP | Q3–Q4 2026 | Scale and Partnerships |
|
Parameter |
Specification |
|
Timeline |
Q3–Q4 2026 (July–December) |
|
Target ST22 Issuers |
50–150 issuers (4–6× growth from Phase 1) |
|
Institutional partnerships |
First institutional investors · family offices · RIA partnerships for accreditation verification pipeline |
|
OTCM Security Token listing |
Application to CEX listings (Binance, Kraken, Coinbase) |
|
Regulatory milestones |
Regulation A+ Tier 2 preparation · additional state notice filings · CEDEX ATS classification evaluation |
|
Technical milestones |
CEDEX v1.5 · enhanced AMM · limit order support · advanced analytics dashboard |
|
Primary goal |
Scale operations · establish institutional credibility · prepare for growth phase |
Phase 2 entry criteria: (1) 10+ issuers live and trading; (2) 500+ Empire-verified investors; (3) 3+ months clean operating history with zero critical security incidents; (4) all medium-severity audit findings remediated.
|
PHASE 3 — GROWTH | 2027 | Market Expansion |
|
Parameter |
Specification |
|
Timeline |
Full year 2027 |
|
Target ST22 Issuers |
200–500 issuers |
|
Daily CEDEX Volume |
$200M–$1B |
|
Regulation A+ Tier 2 |
SEC qualification received · non-accredited investors eligible (10% limit) · $75M annual cap per issuer |
|
Regulation S rollout |
Non-U.S. investor participation active · 12-month compliance period enforced by Transfer Hook Control 24 |
|
NASDAQ listing |
Groovy Company, Inc. (GROO) NASDAQ listing preparations · audited financials · institutional credibility milestone |
|
Cross-chain |
Wormhole read bridge (Phase 1) · EVM representation token evaluation (Phase 2 decision gate) |
|
Primary goal |
Achieve market leadership · establish global presence · prepare for full institutional adoption |
Phase 3 entry criteria: (1) 50+ issuers active; (2) $100M+ cumulative ST22 transaction volume; (3) Regulation A+ qualification in progress; (4) SOC 2 Type I certification complete.
|
PHASE 4 — MATURITY | 2028+ | Full Ecosystem |
|
Parameter |
Specification |
|
Timeline |
2028 and beyond |
|
Institutional adoption |
Full institutional participation · banks · broker-dealers · asset managers · ATS registration finalized |
|
OTCM ICO |
$100M target · Dutch auction mechanism · public token distribution |
|
International expansion |
EU (MiCA) · UK (FCA) · Singapore (MAS) · Japan (FSA) |
|
Cross-chain |
EVM compliance layer evaluation · ERC-3643 compatibility assessment |
|
Protocol governance |
Governance framework evolution · expanded multi-sig participant set · broader stakeholder participation |
|
Primary goal |
Protocol maturity · global regulatory acceptance · self-sustaining ecosystem |
13.8 Technical Development Milestones
13.8.1 Smart Contract Roadmap
|
Quarter |
Component |
Features |
Status |
|
Q1 2026 |
CEDEX Core v1.0 (dev) |
CPMM AMM · Transfer Hook foundation · staking · Global Pool |
Development |
|
Q2 2026 |
Launch Release |
All 42 Transfer Hooks · 1:1 attestation oracle · circuit breakers · Issuer Gateway |
Launch |
|
Q3 2026 |
CEDEX v1.5 |
Enhanced AMM · limit orders · analytics dashboard · bug bounty program |
Planned |
|
Q4 2026 |
Cross-chain Phase 1 |
Wormhole read bridge · custody attestation on EVM chains |
Planned |
|
2027 |
CEDEX v2.0 |
Institutional trading · advanced order types · dark pool evaluation |
Planned |
|
2028 |
Protocol Governance v2 |
Expanded multi-sig set · broader parameter governance · cross-chain expansion controls |
Planned |
13.8.2 Infrastructure Scaling
|
Phase |
RPC Capacity |
Database TPS |
Geographic Regions |
|
Genesis (Q2 2026) |
500 req/sec |
10K TPS |
3 — US-East · US-West · EU |
|
Bootstrap (Q3–Q4 2026) |
2,000 req/sec |
50K TPS |
5 — + APAC · LATAM |
|
Growth (2027) |
10,000 req/sec |
200K TPS |
8 — global coverage |
|
Maturity (2028+) |
50,000+ req/sec |
1M+ TPS |
12+ — full global |
13.8.3 Security Enhancement Roadmap
• Q2 2026 — Dual-auditor security certification (Quantstamp + Halborn) + Certora formal verification
• Q3 2026 — Bug bounty program launch — $100K initial pool
• Q4 2026 — SOC 2 Type I certification
• 2027 — SOC 2 Type II · ISO 27001 · quarterly penetration testing program formalized
• 2028+ — Formal verification expansion to cross-chain components · insurance coverage ($50M+ target)
13.9 Regulatory Expansion Roadmap
13.9.1 U.S. Regulatory Path
|
Timeline |
Regulatory Milestone |
Impact |
|
Q2 2026 |
Rule 506(c) active + Digital Securities classification (Release No. 33-11412) |
Accredited investors only · unlimited raise · general solicitation permitted |
|
Q4 2026 |
Regulation A+ Tier 2 filing with SEC |
Non-accredited investors eligible pending qualification · $75M annual cap |
|
Q2 2027 |
Regulation A+ qualification received |
Retail investor participation opens · significant TAM expansion |
|
Q4 2027 |
NASDAQ listing (GROO) |
Groovy Company, Inc. listed on NASDAQ · institutional credibility unlocked |
|
2028+ |
ATS registration evaluation |
SEC ATS registration for CEDEX as fully regulated exchange venue |
13.9.2 International Expansion
|
Region |
Timeline |
Regulatory Framework |
Approach |
|
European Union |
Q1 2028 |
MiCA — Markets in Crypto-Assets Regulation |
CASP registration · local legal entity formation |
|
United Kingdom |
Q2 2028 |
FCA — Financial Conduct Authority |
Regulatory sandbox participation · full authorization pathway |
|
Singapore |
Q3 2028 |
MAS — Monetary Authority of Singapore |
Capital Markets Services license · local partnership |
|
Japan |
Q4 2028 |
FSA — Financial Services Agency |
Local partnership · Type I Financial Instruments Business |
13.10 Risk Mitigation and Contingency Planning
13.10.1 Launch Risk Assessment
|
Risk Category |
Likelihood |
Impact |
Primary Mitigation |
|
Smart contract vulnerability |
Low |
Critical |
Dual audits + formal verification + bug bounty · no launch without all audits green |
|
Regulatory challenge or inquiry |
Low |
High |
Pre-filing SEC meeting · compliance-first design · CLO Jeff Turner (JDT Legal) engaged |
|
Infrastructure failure |
Low |
Medium |
Multi-region redundancy · automatic failover · 15-min RPO · 1-hour RTO |
|
Low initial issuer adoption |
Medium |
Medium |
IDOS priority queue drives targeted outreach · Groovy Company, Inc. as flagship issuer |
|
Market manipulation attempt |
Medium |
Medium |
42 Transfer Hook controls · circuit breakers · real-time monitoring · Jito MEV protection |
|
Empire Stock Transfer operational issue |
Low |
High |
Documented failover procedures · contractual SLAs · direct Patrick Mokros escalation path |
13.10.2 Three-Level Rollback Framework
|
Level |
Action |
Scope |
Decision Authority |
Reversible? |
|
Level 1 — Pause |
Pause new transactions only |
Existing positions preserved and accessible |
CTO (Frank Yglesias) |
Yes |
|
Level 2 — Freeze |
Freeze all operations |
All positions frozen · no transfers |
CEO (Berj Abajian) + CTO |
Yes |
|
Level 3 — Rollback |
Revert to last verified good state |
Positions restored from snapshot |
Full Board |
No |
13.10.3 Crisis Communication Protocol
• Crisis Commander — CTO Frank Yglesias (primary) · CEO Berj Abajian (secondary) · full authority during declared crisis
• War Room Activation — Full team assembly within 15 minutes of incident detection via PagerDuty
• Regulatory Notification — SEC and FinCEN notification within 24 hours of any material incident affecting investor assets
• Communication Cadence — Hourly internal status updates · 4-hour external status page updates during active incident
• Post-Incident Review — Mandatory root cause analysis within 72 hours of full resolution · published within 30 days
13.11 Cross-Chain Interoperability Roadmap
13.11.1 Why Solana First Is Not Solana Only
OTCM Protocol launched on Solana as a deliberate architectural choice. The SPL Token-2022 Transfer Hook is the single most important capability in the platform's design — no equivalent mechanism exists on Ethereum L1 or any current EVM L2. This is not a preference: it is the only chain where the OTCM 42-control compliance architecture as specified can be built today.
|
Property |
Solana |
Ethereum L1 |
EVM L2s |
|
SPL Token-2022 Transfer Hook (native) |
Yes — built-in |
Not available |
Not available |
|
Compliance enforcement at transfer primitive |
Yes — Transfer Hooks |
Application layer only |
Application layer only |
|
Cost per compliance-verified transfer |
~$0.00025 |
$1–$50+ |
$0.01–$0.50 |
|
Settlement finality |
~400ms |
12–15 seconds |
Varies |
|
42-control sequential enforcement |
Yes — within CU budget |
Gas cost prohibitive |
Partially feasible |
Despite Solana's architectural advantages, multi-chain expansion is a strategic imperative: institutional custody infrastructure (Fireblocks, BitGo, Anchorage) has deeper EVM integration; many institutional investors hold capital on EVM chains and prefer not to bridge; and EU (MiCA) and UK (FCA) regulatory frameworks have more Ethereum-specific guidance. Cross-chain capability expands the addressable investor base without compromising the Solana compliance architecture.
13.11.2 Phased Cross-Chain Expansion
|
Phase |
Timeline |
Milestone |
Technical Mechanism |
|
Phase 0 — Solana Native |
Q2 2026 |
Mainnet launch · all 42 controls enforced on Solana |
SPL Token-2022 Transfer Hooks — no bridge |
|
Phase 1 — Wormhole Read Bridge |
Q4 2026 |
Read-only custody attestation accessible on EVM chains |
Wormhole oracle message relay only |
|
Phase 2 — EVM Representation Tokens |
Q2 2027 |
Wrapped ST22 tokens on Ethereum/Base — trading only · compliance enforced on Solana |
Wormhole NTT (Native Token Transfers) |
|
Phase 3 — EVM Compliance Layer |
Q4 2027 |
Subset of Transfer Hook controls ported to EVM via compliance oracle |
ERC-1363 transfer-and-call + compliance oracle |
|
Phase 4 — Multi-Chain Parity |
2028+ |
Independent compliance enforcement on EVM chains for requiring jurisdictions |
ERC-3643 compatibility layer evaluation |
|
Critical Principle: Solana Remains Authoritative Settlement Layer Cross-chain representations are settlement-linked to Solana state at all times. EVM-side wrapped tokens cannot exist without a corresponding Solana position. No cross-chain architecture creates a parallel token supply that diverges from Solana. The Master Securityholder File maintained by Empire Stock Transfer on the off-chain layer remains the legally authoritative ownership record regardless of which chain the token representation is trading on. |
13.11.3 Phase 2 EVM Investor Disclosure
On EVM chains, wrapped ST22 Digital Securities tokens trade under the EVM chain's transfer rules — OTCM's Transfer Hooks do not execute on EVM. This means: EVM-side transfers are not subject to OTCM's 42 security controls; EVM-side OFAC screening must be implemented at the application layer; the authoritative compliance record remains on Solana; and return to Solana triggers full 42-control Transfer Hook enforcement. This limitation is clearly disclosed in all investor materials for Phase 2 products.
13.11.4 Cross-Chain Control Applicability Matrix
|
Control Category |
Solana (Phase 0) |
EVM Phase 2 |
EVM Phase 3 Target |
|
Custody verification (1:1 attestation) |
Every transfer |
Via Wormhole read relay |
Yes — via oracle |
|
OFAC / SDN screening |
Every transfer |
Application layer only |
Partial — gas constrained |
|
AML risk scoring |
Every transfer |
Application layer only |
Partial — gas constrained |
|
KYC / accreditation check |
Every transfer |
Application layer only |
Via ONCHAINID (if ERC-3643) |
|
Circuit breakers |
Every transfer |
Not enforced |
Evaluating |
|
Global Pool sufficiency |
Every transfer |
Not applicable |
Not applicable |
|
Controls 7–42 (all remaining) |
Every transfer |
Not enforced |
Subset only |
13.11.5 Cross-Chain Expansion Governance
Any cross-chain expansion beyond Phase 1 (read-only) requires authorization under the Protocol Governance and Parameter Management framework (Section 7). The multi-sig thresholds and timelock requirements increase with the significance of the change:
|
Decision |
Authorization Required |
Timelock |
Required Documentation |
|
Phase 1 — Wormhole read relay |
3-of-5 multi-sig |
48 hours |
Technical specification + security audit |
|
Phase 2 — NTT wrapped tokens |
5-of-9 multi-sig |
7 days |
Full audit + CLO legal opinion on EVM jurisdiction |
|
Phase 3 — EVM compliance layer |
5-of-9 multi-sig |
14 days |
Full audit + compliance equivalence analysis |
|
ERC-3643 compatibility evaluation |
5-of-9 multi-sig |
14 days |
CLO legal opinion + partnership terms review |
|
Groovy Company, Inc. dba OTCM Protocol | CIK: 1499275 | Version 7.0 | March 2026 | Confidential |