Articles on: Core Systems

Groups

Groups are how Mezzanine organizations manage roles and delegate authority. Every group—Signers, Admins, Support, Members, and Public—has a distinct level of access, structured in a cascading tree. Privileges are tied directly to wallet addresses, enforced onchain, and governed by your organization’s approval rules.



Features and What to Know

  • Tree-Based Hierarchy: Signers sit at the top. They can add Admins, who can add Support roles, and so on. Each group has increasing scope, but decreasing authority.
  • Customized Permissions: based on your role(s), you get granular permissions set in the Permissions section.
  • Onchain Permissions: Group memberships are onchain credentials, assigned to public addresses. There’s no password or username—control of the wallet is the key to access.
  • Approval-Based Changes: Adding or removing a Signer or Admin requires approval from your organization’s multisig, according to your configured threshold.
  • Real-Time Access Control: The system checks wallet permissions dynamically, ensuring only authorized users can view, edit, or execute specific actions.
  • Integrated Across Apps: Every application respects group-based permissions. Whether it's issuing payments, viewing compensation, or managing documents, access is role-aware.
  • Public Group: The “Public” group has the lowest level of access, useful for publishing information that anyone can see—even outside your team.

Roles & Permissions →


Signers

Signers are the most powerful role in a Mezzanine organization. They hold the keys to the treasury—literally. To move money, approve major changes, or promote someone into a higher role, Signer approval is required.

Think of Signers like a board of directors for your wallet. They decide who gets added or removed from the group, and they can adjust the threshold of how many approvals are needed for sensitive actions (like requiring 2 of 3 signers instead of just one). This threshold-based model ensures important decisions require consensus.

Signers can:

  • Approve transfers from the organization’s treasury
  • Add or remove other Signers
  • Adjust the signing threshold (e.g. 2-of-3)
  • Promote Admins or downgrade roles

Because these decisions have real consequences—like moving funds or granting control—every Signer action is enforced onchain and visible to your organization. That makes Signers both powerful and accountable.


Admins

Admins have near-total control of the organization—except when it comes to moving money. They’re the operational leads, trusted with configuring settings, managing apps, inviting teammates, and overseeing daily functions. Admins are added and removed by Signers, and they can delegate authority by promoting users into Support or Member roles.


Support

Support roles are typically filled by people who assist the organization: accountants, lawyers, consultants, or trusted advisors. They have deeper access to the organization’s tools and documents, often with permission to read and write across most apps. Support roles are granted by Admins and can, in turn, add Members.


Members

Member roles are ideal for flatter organizations or communities that value transparency. While Members don’t have the ability to change settings or manage others, they are often granted read-only access to internal tools. This helps projects share operational visibility with contributors, token holders, or internal stakeholders without compromising control.


Public

The Public group isn’t a role—it’s a visibility setting. It allows an organization to share parts of its workspace with anyone, no wallet required. Public access is useful for teams working on public goods, nonprofit efforts, or community projects where radical transparency is part of the mission. Any application configured for public access becomes viewable by the outside world—no login, no permission needed.

Updated on: 04/08/2025