ERC-1400

ERC-1400 is a suite of Ethereum security token sub-standards authored by Polymath, submitted as EIP-1400 in 2018. Status: Last Call (never reached Final). The standard comprises four interconnected EIPs that together define a comprehensive security token interface. COMPONENT STANDARDS ERC-1410 — Partially Fungible Token (Partition Model) Core concept: a single token can have multiple "partitions" — distinct buckets with their own transfer rules and potentially different rights. Key functions: - balanceOfByPartition(bytes32 partition, address account) → uint256 - transferByPartition(bytes32 partition, address to, uint256 amount, bytes data) → bytes32 Returns the partition the tokens ended up in after transfer. - operatorTransferByPartition(bytes32 partition, address from, address to, ...) - partitionsOf(address account) → bytes32[] - totalPartitions() → bytes32[] The partition bytes32 value is issuer-defined. Common patterns: keccak256("equity-class-a"), keccak256("debt-senior-tranche"), or structured bytes encoding jurisdiction codes. ERC-1594 — Core Security Token Issuance, redemption, and transfer restriction interface. Key functions: - issue(address to, uint256 amount, bytes data) — controlled minting - redeem(uint256 amount, bytes data) — token holder redemption - redeemFrom(address from, uint256 amount, bytes data) — operator redemption - canTransfer(address to, uint256 amount, bytes data) → (bool, bytes1, bytes32) Returns: (isValid, statusCode, partition). statusCode follows ERC-1066 standard. This is the original pre-flight compliance check function; ERC-7943 canTransact is a direct descendant. - canTransferFrom(address from, address to, uint256 amount, bytes data) → (bool, bytes1, bytes32) - isIssuable() → bool — whether the token can accept new issuances - isControllable() → bool — whether controller override is active ERC-1643 — Document Management Attaches legal documents to the token contract by URI + content hash. Key functions: - setDocument(bytes32 name, string uri, bytes32 documentHash) - getDocument(bytes32 name) → (string, bytes32, uint256) — returns (uri, hash, timestamp) - removeDocument(bytes32 name) - getAllDocuments() → bytes32[] Use cases: attach prospectus, subscription agreement, legal opinion, CUSIP, LEI ERC-1644 — Controller Token Operations Defines forced transfer and freeze authority for the controller (transfer agent) role. Key functions: - controllerTransfer(address from, address to, uint256 amount, bytes data, bytes operatorData) Forced transfer with dual data fields: investor-facing and operator-facing. - controllerRedeem(address from, uint256 amount, bytes data, bytes operatorData) - isControllable() → bool Events: ControllerTransfer, ControllerRedemption ROLES - Issuer/Owner: deploys contract, manages controller list, sets issuance rules - Controller: authorized for controllerTransfer and controllerRedeem; maps to transfer agent - Operator: ERC-20/ERC-777 operator concept applied per-partition TRANSFER STATUS CODES (ERC-1066) ERC-1400 uses ERC-1066 single-byte status codes for canTransfer responses: 0x50 — Transfer Verified (success) 0x51 — Transfer Pending 0x52 — Token Granularity — amount doesn't meet minimum 0x53 — Insufficient funds 0x54 — Funds Locked (frozen) 0x55 — Insufficient Transfer Allowance 0x56 — Invalid Sender 0x57 — Invalid Receiver 0x58 — Invalid Operator 0x59–0x5F — Reserved / Custom INTEROPERABILITY CHALLENGES Because ERC-1400 is a suite rather than a single interface, and because many implementations only partially implement the suite, interoperability in practice requires discovery of which sub-standards a given token implements. The ERC-1643 document functions allow self-description. Many platforms that nominally "support ERC-1400" implement only ERC-1594 (core transfer restrictions) and skip ERC-1643 (document management) or ERC-1410 (full partition support). UPGRADE PATH No built-in upgradeability in the base specification. Some implementations use proxy patterns (OpenZeppelin Transparent Proxy or UUPS) layered on top. Compliance logic is embedded in the token contract or in a controller contract; upgrading requires either a proxy upgrade or token migration. STATUS NOTE EIP-1400 reached Last Call but not Final. Polymath has not actively maintained the EIP since 2019-2020. The standard is effectively frozen in its Last Call state — stable for existing deployments but not receiving active development.

Partition model (ERC-1410): single contract manages multiple security classes (tranches, share classes) with per-partition transfer rulesPre-flight compliance check (canTransfer): standardized function for UI and smart contract pre-validation before transfer submissionDocument management (ERC-1643): attach legal documents (prospectus, subscription agreement) to the token by URI and content hashController operations (ERC-1644): forced transfer and redemption authority for transfer agent functionERC-1066 status codes: standardized single-byte transfer status codes for machine-readable compliance feedbackHistorical ecosystem: large body of audited implementations, developer tooling, and platform integrations from 2018-2022

ERC-1400 was designed with US securities regulatory requirements more explicitly in mind than ERC-3643. The controller model maps directly to the transfer agent function under Section 17A of the Securities Exchange Act — a single authorized entity with the technical ability to perform forced transfers and redemptions. The document management interface (ERC-1643) maps to the obligation to maintain shareholder records with associated legal documentation. The canTransfer status codes provide a machine-readable compliance feedback layer useful for ATS connectivity. The partition model supports Regulation S / Regulation D segmentation: a single token can have different partitions for US-accredited investors and non-US investors, each with its own transfer restrictions and holding period locks. Polymath built an early relationship with US-focused securities platforms specifically around this regulatory alignment. ERC-1400 has been used in US exempt securities offerings including tokenized real estate and private equity fund interests. The main regulatory gap is the absence of a standardized identity layer — implementers must build their own KYC/AML connection.

ERC-1400 was the dominant security token standard for US-adjacent deployments from approximately 2018 to 2022. Key deployers included: Securitize (early infrastructure before building proprietary DS Protocol), TokenSoft (now Trident Digital), and tZERO. Several real estate tokenization platforms (Harbor, before it shifted strategy) and fund tokenization providers built on ERC-1400. Polymath's own Polymesh blockchain was eventually built as a security-token-specific chain that draws on ERC-1400 concepts but moves beyond the Ethereum implementation. As of 2025, ERC-1400 is primarily relevant for: (1) maintaining existing issuances deployed on the standard, (2) platforms with significant sunk cost in ERC-1400 infrastructure, and (3) developers studying the lineage of security token interface design.

Never reached Final EIP status: Last Call only; governance is effectively frozen with Polymath as de facto but inactive maintainerSuite complexity: full compliance requires implementing four sub-EIPs (ERC-1410, ERC-1594, ERC-1643, ERC-1644); partial implementations undermine interoperabilityNo native upgradeability: compliance logic changes require proxy patterns layered on top or full token migrationEthereum-only: no multi-chain architecture in the specificationSuperseded for new builds: ERC-7943 and ERC-3643 have addressed most of ERC-1400's limitations for new issuances; ERC-1400 is primarily relevant for maintaining existing deployments