Skip to main content
Status: this page is undergoing external legal review. Content is subject to change — in particular as the Korean Digital Asset Basic Act (디지털자산기본법) moves through the National Assembly, several of the SFIA-era citations below will be superseded or augmented.
The FXOrder is Musubi’s core on-ledger coordination record. This page enumerates every field on the FXOrder template and each attestation contract that binds to it, with the JP / KR / FATF statute that justifies each field’s presence. For runtime semantics — when a field populates, what gate enforces it, how the record moves through its lifecycle — see Reporting. For how the audit trail retrieves and retains it, see Audit Trail.

Enums

EnumValues
StatusPENDING, QUOTED, EXECUTING, SETTLED, FAILED, EXPIRED
FailureReasonNO_QUOTE, SLIPPAGE, KYC_FAIL, TIMEOUT, REVERT, SANCTIONS, COMPLIANCE_BLOCK
KYCStatusKYC_NOT_VERIFIED, KYC_VERIFIED, KYC_EXPIRED, KYC_REJECTED
SanctionsStatusSANCTIONS_NOT_SCREENED, SANCTIONS_CLEARED, SANCTIONS_HIT
RiskRatingLOW, MEDIUM, HIGH, PROHIBITED
PEPStatusNOT_PEP, PEP, RCA
AssetTypeSTABLECOIN_FIAT_BACKED, CBDC, COMMERCIAL_BANK_MONEY, CRYPTO
ConsentTypeCROSS_BORDER_PII, BENEFICIAL_OWNER_DISCLOSURE
AlertTypeAML_THRESHOLD, SANCTIONS_HIT, KYC_EXPIRED, VELOCITY, TRAVEL_RULE
SeverityINFO, WARNING, BLOCK
FilingJurisdictionJP_JAFIC, KR_KOFIU

FXOrder

Top-level template. Signatories: operator + sender’s custodian. Observers: sender, receiver, receiver’s custodian, and the market maker (once quote is accepted).
FieldTypeOptional?DescriptionStatute
operatorPartynoMusubi network operator (signatory)
intentIdTextnoUnique identifier (UUID) for this order
createdAtTimenoProposal creation timestamp
expiresAtTimenoDeadline beyond which the order expires
statusStatusnoCurrent lifecycle state
senderSenderInfonoSender side, including IVMS 101 originatorAPTCP Art. 10-5 / SFIA Art. 5-2(5)
receiverReceiverInfonoReceiver side, including IVMS 101 beneficiaryAPTCP Art. 10-5 / SFIA Art. 5-2(5)
sourceAssetSourceAssetnoAsset being sold by the sender
targetAssetTargetAssetnoAsset the receiver is to be paid in
quoteInfoQuoteInfopopulated at QUOTEDWinning quote details
marketMakerInfoMarketMakerInfopopulated at QUOTEDMarket maker identity and quoted amounts
settlementInfoSettlementInfopopulated at SETTLEDAtomic settlement record
complianceComplianceInfonoKYC, sanctions, risk, jurisdictions, purposeAPTCP Art. 4 / SFIA Art. 5-2
failureReasonOptional FailureReasonyesSet on FAILED or EXPIRED
memoOptional TextyesFree-form remittance information

SenderInfo / ReceiverInfo

Mirror records on either side of the trade. Carry IVMS 101 identity + cross-border PII consent per-transfer.
FieldTypeOptional?DescriptionStatute
senderPartyId / receiverPartyIdPartynoCanton PartyId of the institution
senderCustodianPartyId / receiverCustodianPartyIdPartynoCanton PartyId of the custodian
intentSignature (sender only)TextnoOff-chain signature over the intent payload; verifiable by regulators
originator (sender) / beneficiary (receiver)Originator / BeneficiarynoIVMS 101 identity + account numberAPTCP Art. 10-5 + Enforcement Regs Art. 32-2 / SFIA Art. 5-2(5) + Enforcement Decree Art. 10-10
originatingVASP (sender) / beneficiaryVASP (receiver)VASPIdentifiernoIVMS 101 VASP identityFATF Rec 15 IN ¶7(b)
crossBorderConsentConsentRecordnoPer-transfer PII cross-border consentAPPI Art. 27 + Art. 28 / PIPA Art. 17 + Art. 28-8

Originator / Beneficiary

FieldTypeOptional?DescriptionStatute
personIVMSPartynoNatural or legal person variantFATF Rec 16
accountNumberTextnoAccount identifier at the custodianFATF Rec 16 (mandatory at threshold)

IVMSParty (variant)

Sum type: PersonNatural NaturalPerson or PersonLegal LegalPerson. Institutional flows typically use PersonLegal.

NaturalPerson

FieldTypeOptional?Description
primaryNameTextnoFamily name (lastName)
secondaryNameTextnoGiven name(s) (firstName)
dateAndPlaceOfBirthOptional DateAndPlaceyesDate + place of birth (IVMS 101)
nationalIdentificationOptional NationalIDyesStructured national ID
geographicAddressGeographicAddressnoResidence address
customerIdentificationOptional TextyesInternal KYC customer ID at the custodian
countryOfResidenceTextnoISO 3166-1 alpha-2

LegalPerson

beneficialOwners is required to be non-empty for HIGH risk orders — enforced by the FXOrder ensure clause (FATF Rec 10 / D-01).
FieldTypeOptional?DescriptionStatute
legalNameTextnoRegistered legal name
phoneticNameOptional TextyesRomanised / phonetic rendering
bicOptional TextyesSWIFT BIC (8 or 11 chars)
leiOptional TextyesISO 17442 LEI (20 chars)
geographicAddressGeographicAddressnoRegistered office address
nationalRegistrationIdOptional TextyesNational corporate registration ID
countryOfRegistrationTextnoISO 3166-1 alpha-2
beneficialOwners[NaturalPerson]defaults []Natural persons with ≥25% ownership or effective controlAPTCP Art. 4(1)¶4 + Enforcement Regs Art. 11 / SFIA Enforcement Decree Art. 10-5(2)

GeographicAddress

FieldTypeOptional?Description
addressTypeTextnoHOME / BIZZ / GEOG
streetNameTextnoStreet name
buildingNumberTextnoBuilding or unit number
postCodeTextnoPostal code
townNameTextnoCity / district
countrySubDivisionOptional TextyesPrefecture / province
countryTextnoISO 3166-1 alpha-2

NationalID

FieldTypeOptional?Description
nationalIdentifierTextnoID number
nationalIdentifierTypeTextnoPASS / DRLC / NIDN / RAID / SOCS / CCPT / LEIX
countryOfIssueTextnoISO 3166-1 alpha-2

DateAndPlace

FieldTypeOptional?Description
dateOfBirthDatenoCalendar date
placeOfBirthTextnoCity / region
countryOfBirthTextnoISO 3166-1 alpha-2

VASPIdentifier

FieldTypeOptional?DescriptionStatute
legalPersonLegalPersonnoVASP’s legal entity detailsPSA Art. 63-10 / SFIA Art. 5-2(4)
vaspCodeOptional TextyesGLEIF LEI or locally issued VASP codeFATF Rec 15 IN ¶7(b)

ConsentRecord

FieldTypeOptional?DescriptionStatute
consentTypeConsentTypenoCROSS_BORDER_PII or BENEFICIAL_OWNER_DISCLOSUREAPPI Art. 27 / PIPA Art. 17
consentedAtTimenoWhen the data subject consentedAPPI Art. 28 / PIPA Art. 28-8
consentTextTextnoHuman-readable attestation summary
dataRecipientCountryTextnoISO 3166-1 alpha-2 — where PII will be transmittedAPPI Art. 28 / PIPA Art. 28-8
consentScopeTextnoIVMS101_FULL / IVMS101_SANS_NATIONAL_ID
expiresAtTimenoValidity deadline (enforced at settlement)
consentReferenceTextnoPointer to signed consent document in the custodian’s records system

CurrencyIdentifier

Dual-identifier scheme closing audit finding H-03. iso4217 is the three-letter reference currency used by regulator reporting; tokenSymbol is the on-ledger token symbol.
FieldTypeOptional?Description
iso4217TextnoISO 4217 reference currency (3 uppercase alpha)
tokenSymbolTextnoOn-ledger token symbol (e.g. JPYSC0, USDCx)
assetTypeAssetTypenoInstrument classification
issuerOptional TextyesHuman-readable issuer label

SourceAsset / TargetAsset

SourceAsset describes what the sender is selling; TargetAsset describes what the receiver is to be paid. Musubi is receiver-fixed: targetAmount is the primary input; market makers quote sourceAmountMax.
FieldTypeOptional?Description
sourceCurrencyId / targetCurrencyIdCurrencyIdentifiernoDual-identifier currency record (ISO 4217 + token symbol)
sourceAmountMax (source only)Optional DecimalyesSlippage guard: max the sender will pay
sourceAmountActual (source only)Optional DecimalyesActual source amount debited at settlement
targetAmount (target only)DecimalnoReceiver-fixed: exact amount the receiver gets

QuoteInfo

Populated at QUOTED. Rate-source fields carry non-derivable market evidence at the moment the quote was captured (H-04). The fee amount itself is not stored because it is derivable: feeAmount ≡ mmQuotedSourceAmount − (midMarketRate × targetAmount).
FieldTypeOptional?DescriptionStatute
quoteIdOptional TextyesWinning quote identifier
quoteSubmittedAtOptional TimeyesWhen the market maker submitted the quote
quoteAcceptedAtOptional TimeyesWhen the sender accepted the quote
quoteValidUntilOptional TimeyesQuote expiry (typically ~30 seconds after submission)
fxRateOptional DecimalyesPost-spread rate actually offered
midMarketRateOptional DecimalyesObserved mid-market rate at quote captureBest-execution evidence (JFSA / FSC guidance)
rateSourceOptional TextyesREUTERS_REFINITIV / BLOOMBERG_BGN / INTERNAL_OBSERVEDRate-source provenance (H-04)
rateCapturedAtOptional TimeyesTimestamp when the mid-market rate was observed

MarketMakerInfo

Populated at QUOTED.
FieldTypeOptional?Description
marketMakerPartyIdOptional PartyyesWinning MM’s Canton PartyId
mmQuotedSourceAmountOptional DecimalyesSource currency cost quoted by the MM

SettlementInfo

Populated at SETTLED.
FieldTypeOptional?Description
transactionHashOptional TextyesCanton DvP transaction hash covering all four legs atomically
settledAtOptional TimeyesSettlement timestamp

ComplianceInfo

The densest record. KYC + sanctions + jurisdictions + purpose + risk profile per intent.
FieldTypeOptional?DescriptionStatute
kycAmlRefTextnoOpaque ID referencing the custodian’s external KYC clearance recordAPTCP Art. 4 / SFIA Art. 5-2(1)
kycStatusKYCStatusnoVerification statusAPTCP Art. 4 / SFIA Art. 5-2(1)¶2
kycVerifiedAtOptional TimeyesWhen KYC was verifiedAPTCP Art. 4
kycExpiresAtOptional TimeyesKYC expiry — settlement checks thisAPTCP Art. 4-2
kycProviderTextnoProvider name (PERSONA, SUMSUB, INTERNAL, etc.)
sanctionsStatusSanctionsStatusnoScreening outcomeFEFTA Art. 16-17 / TFPA Art. 4
sanctionsScreenedAtOptional TimeyesWhen screening ranFEFTA Art. 17
sanctionsProviderOptional TextyesProvider (CHAINALYSIS, ELLIPTIC, REFINITIV, etc.)
sanctionsListVersionTextnoList version pinned at order creation (S-02)FEFTA / SFIA audit requirement
sanctionsFreshnessWindowRelTimenoMaximum age of screening at settlement (S-01; default 24h)FEFTA Art. 17
jurisdictionSenderTextnoISO 3166-1 alpha-2 — sender side
jurisdictionReceiverTextnoISO 3166-1 alpha-2 — receiver side
purposeCodeTextnoISO 20022 external code set (e.g. GDDS, INTC)ISO 20022
sourceOfFundsOptional TextyesRequired when riskRating = HIGHAPTCP Art. 4 + Enforcement Regs Art. 12
riskRatingRiskRatingdefault LOWCustomer risk profile; PROHIBITED is rejected by ensure clauseAPTCP Art. 4 / SFIA Art. 5-2 + Enforcement Decree Art. 10-5(2); FATF Rec 10
pepStatusPEPStatusdefault NOT_PEPPolitically exposed person statusAPTCP Art. 4 / FSC Notice 2021-1; FATF Rec 12
pepCheckedAtOptional TimeyesWhen PEP screening ran

Attestation contracts

Separate on-ledger contracts bound to an FXOrder’s intentId. ExecuteSettlement validates a subset of these before DvP fires; see Reporting for gate logic.

RegisteredVASP

Operator-maintained VASP whitelist. Signatory: operator.
FieldTypeOptional?Description
operatorPartynoSignatory
vaspCodeTextnoGLEIF LEI or locally issued VASP code
legalNameTextnoVASP’s registered legal name
jurisdictionTextnoISO 3166-1 alpha-2
licenseNumberTextnoRegulator-issued license number
licenseIssuerTextnoJFSA, KoFIU, MAS, etc.
issuedAtTimenoLicense issuance date
expiresAtTimenoLicense expiry
revokedAtOptional TimeyesSet if the license is revoked mid-term
Statute: PSA Art. 63-10 + JFSA CAES Guidelines Ch. III; SFIA Art. 5-2(4); FATF Rec 15 IN ¶7(b).

TravelRuleAttestation

Custodian’s on-ledger confirmation that the IVMS 101 payload was transmitted via an approved Travel Rule network. Signatories: operator + originating custodian.
FieldTypeOptional?Description
operatorPartynoCo-signatory
originatingCustodianPartynoCustodian that transmitted the payload
intentIdTextnoBinds this attestation to a specific FXOrder
providerTextnoCODE, VERIFY_VASP, NOTABENE, TRUST, SYGNA, etc.
providerMessageIdTextnoProvider-opaque transmission ID for regulator lookup
payloadHashTextnoSHA-256 of the canonical IVMS 101 JSON transmitted
originatorVaspCodeTextnoMust match SenderInfo.originatingVASP.vaspCode
beneficiaryVaspCodeTextnoMust match ReceiverInfo.beneficiaryVASP.vaspCode
transmittedAtTimenoTimestamp from provider ACK
counterpartyAckAtOptional TimeyesOptional — recorded if the provider surfaces an ACK
Statute: APTCP Art. 10-5 + Enforcement Regs Art. 32-2; SFIA Art. 5-2(5) + Enforcement Decree Art. 10-10; FATF Rec 16 IN ¶7(b).

ComplianceClearance

Dual-signed officer attestation. Existence of an unexpired clearance contract is the attestation that alerts are resolved, KYC is verified, and sanctions are cleared — the officer verifies those preconditions off-ledger before co-signing. Signatories: operator + complianceOfficer.
FieldTypeOptional?Description
operatorPartynoCo-signatory
complianceOfficerPartynoDistinct party from operator (dual control)
intentIdTextnoBinds the clearance to a specific FXOrder
clearanceAtTimenoWhen clearance was granted
expiresAtTimenoShort TTL (default 1 hour) forces re-attestation
attestationTextTextnoFree-text attestation written to audit
alertSnapshotHashes[Text]noSHA-256 of each witnessed alert
Statute: APTCP Art. 11 / Art. 11-2 + JFSA AML Guidelines §III-2; SFIA Art. 5(3) + FSC AML Internal Control Notice; FATF Rec 18.

ComplianceAlert

Raised automatically by backend monitoring when thresholds / velocity / sanctions-hit triggers fire. BLOCK-severity alerts must be resolved via an STRFiling before settlement proceeds.
FieldTypeOptional?Description
operatorPartynoSignatory
complianceOfficerPartynoObserver; can exercise Resolve
intentIdTextnoFXOrder this alert is linked to
alertTypeAlertTypenoClassification
severitySeveritynoINFO, WARNING, BLOCK
thresholdDecimalnoConfigured threshold that tripped
observedDecimalnoObserved value
currencyTextnoCurrency of threshold / observed
createdAtTimenoAlert creation
resolvedAtOptional TimeyesSet via Resolve
resolutionOptional TextyesResolver’s notes
resolvedByOptional PartyyesWho resolved
strFilingCidOptional (ContractId STRFiling)yesRequired for BLOCK resolution (M-01)
Resolve choice fields (exercised by complianceOfficer): resolver, notes, resolvedAtTime, linkedFilingCid. The choice enforces the 72h raise-to-file SLA when severity is BLOCK. Statute: APTCP Art. 8 + Enforcement Regs Art. 28; SFIA Art. 4 + Enforcement Decree Art. 8; FATF Rec 20.

STRFiling

On-ledger record that a Suspicious Transaction Report was submitted to JAFIC (JP) or KoFIU (KR). Signatories: operator + complianceOfficer.
FieldTypeOptional?Description
operatorPartynoCo-signatory
complianceOfficerPartynoCo-signatory
intentIdTextnoFXOrder that triggered the STR
filingJurisdictionFilingJurisdictionnoJP_JAFIC or KR_KOFIU
filerIdTextnoRegistered compliance officer’s license ID
filedAtTimenoSubmission timestamp
externalReferenceIdTextnoRegulator-acknowledged submission ID
payloadHashTextnoSHA-256 of the submitted form (JSON or XML)
slaMetBoolnoRaise-to-file ≤ 72h?
Statute: APTCP Art. 8 (疑わしい取引の届出 → JAFIC); SFIA Art. 4 (의심거래보고 → KoFIU); FATF Rec 20.
  • Reporting — lifecycle narrative: when each field populates and what gate checks it.
  • Audit Trail — how the audit record accretes, retention, dossier retrieval.
  • Compliant Payments — the compliance thesis at a glance.