Intro to Core Systems

Every application on Mezzanine is built on a shared foundation of core systems. These are financial primitives, access controls, and administrative tooling that work seamlessly across the platform. Rather than having each app developer rebuild things like treasury access, user roles, document storage, and notification handling from scratch, we’ve embedded these into a modular architecture available to every app by default. This means faster development, tighter security, and a more cohesive user experience. Our SDK makes these systems accessible and extensible, so teams can ship enterprise-grade apps that just work. Below are the core components that power every organization on Mezzanine.



Treasury & Banking


Reusable Financial Infrastructure for Every App

Mezzanine provides a shared, programmable treasury and banking layer that all applications—first-party or third-party—can rely on. This common foundation makes financial workflows consistent, secure, and composable across the platform. Developers no longer need to rebuild financial plumbing for each new application. Instead, they build once, plug in, and deploy with full access to enterprise-grade financial primitives.

1. Unified Treasury Integration

  • Every organization on Mezzanine has a native treasury that is visible, auditable, and governed by a multi-signature wallet (Safe).
  • Incoming funds (from users, customers, or donors) are received via public wallet addresses or through fiat rails (ACH, wire, card) connected by Mezzanine’s banking integrations.
  • Outgoing funds (for payments, payroll, reimbursements, grants, etc.) are proposed by applications and routed through the organization's Safe for approval and execution.

2. Built-in Multi-Sig Control (Self-Custodial)

  • All treasury actions are gated by customizable multisig logic, giving organizations full control over asset movement and access policies.
  • Mezzanine abstracts away the complexity of Safe setup and operation while allowing complete signer configurability (e.g. 2-of-3, 3-of-5, 5-of-7).
  • Organizations can add or remove Safe signers directly through the interface, maintaining total control without reliance on a third party.

3. Onchain + Offchain Banking

  • Mezzanine integrates with fiat banking infrastructure, enabling money to flow in and out via ACH, wires, and cards—without apps having to manage bank relationships or compliance.
  • Through Bridge and partner APIs, Mezzanine supports seamless on- and off-ramping between stablecoins and fiat—allowing organizations to treat their crypto and bank accounts as interchangeable as checking and savings.
  • This lets applications support both onchain-native users and offchain financial flows without adding friction.

4. Reusable SDK & Authorization Layer

  • Developers don’t need to rebuild treasury logic, wallets, or transaction authorization. With our SDK, apps can propose transactions that automatically integrate with the organization’s treasury and authorization logic.
  • Each proposed transaction flows through Mezzanine’s access control and approval system. Organizations configure rules, thresholds, and roles once, and every app respects those rules out-of-the-box.

5. Universal Receipt Handling

  • Treasury APIs are symmetric—applications that send money and those that receive money all rely on the same infrastructure.
    • Example: A donation app knows where to send funds (the org treasury), and a payroll app knows how to propose a transfer out (to employees).
  • All receipts and transactions are logged in the organization's unified transaction history, accessible in both summary and granular form.

6. Modular, Permissioned Composability

  • The treasury is a shared system but is governed per organization. This means each application can hook into treasury operations without violating organizational control or requiring new custody setups.
  • Developers gain composability without compromising security or governance—every financial action is bound by the org’s access policies.

7. Enterprise-Grade by Default

  • Treasury operations integrate with:
    • Contacts: Human-readable identifiers for payments and receipts
    • Documents: Generated receipts, agreements, and audit logs
    • Notifications: Event triggers and alerts for transaction proposals and approvals
    • History: Detailed transaction records across every application
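
The approval flow from sections 1, 2 and 4 above, sketched as an added example (not code from Mezzanine, its SDK, or Safe): apps can only propose, and a transfer executes once enough distinct current signers have approved. The `Treasury` class, its method names and the sample addresses are hypothetical, and counting approvals against the signer set at execution time is an assumption of this model.

```javascript
// Hypothetical in-memory model of m-of-n treasury approval; not Safe or Mezzanine SDK code.
class Treasury {
  constructor(signers, threshold) {
    this.signers = new Set(signers);
    this.setThreshold(threshold);
    this.proposals = new Map(); // id -> { app, to, amount, approvals, executed }
    this.nextId = 1;
  }
  setThreshold(m) {
    // A threshold above the signer count would lock the treasury; below 1 would open it.
    if (!Number.isInteger(m) || m < 1 || m > this.signers.size) throw new Error("invalid threshold");
    this.threshold = m;
  }
  // Apps only propose; nothing here moves funds.
  propose(app, to, amount) {
    const id = this.nextId++;
    this.proposals.set(id, { app, to, amount, approvals: new Set(), executed: false });
    return id;
  }
  approve(id, signer) {
    const p = this.proposals.get(id);
    if (!p || p.executed || !this.signers.has(signer)) return false; // non-signers are rejected
    p.approvals.add(signer); // a Set makes a repeated approval count once
    return true;
  }
  removeSigner(signer) {
    if (!this.signers.has(signer)) return false;
    if (this.signers.size - 1 < this.threshold) throw new Error("would drop below threshold");
    return this.signers.delete(signer);
  }
  // Only approvals from accounts that are signers right now are counted,
  // so an approval from a signer removed after approving no longer helps.
  validApprovals(id) {
    const p = this.proposals.get(id);
    return p ? [...p.approvals].filter((s) => this.signers.has(s)).length : 0;
  }
  execute(id) {
    const p = this.proposals.get(id);
    if (!p || p.executed || this.validApprovals(id) < this.threshold) return false;
    p.executed = true; // a proposal can execute only once
    return true;
  }
}
```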


Roles & Permissions


Every enterprise system needs a way to determine who can do what. In the Web2 world, this is handled by access control tools like Google Admin, Okta, or Rippling. These platforms manage Identity and Access Management (IAM) through role-based access control (RBAC), ensuring the right people have the right permissions at the right time.

Mezzanine takes this concept one step further: we use public keys and smart contracts to enforce access control directly onchain. If you can prove control of a wallet with the correct credential, then you can take actions—whether that’s viewing documents, changing records, proposing transactions, or approving onchain transfers. There are no passwords to reset, no centralized systems to compromise, and no risk of rogue admins changing permissions behind closed doors.

At Mezzanine, roles and credentials are one of only two things stored onchain (the other being assets). This decision is deliberate: it guarantees that only the organization itself can modify its access settings. The result is a level of access control that exceeds Web2 standards, ensuring organizational integrity through mechanical enforcement, not just policy.

Core Roles

Mezzanine organizations start with a predefined hierarchy:

  • Signer – Holds the highest authority, can manage Admins
  • Admin – Can manage Support roles
  • Support – Can manage Members and any permissions granted by admins
  • Member – Has any permissions granted by admins
  • Public – What people can see if they have no credentials

Permissions are configured as a tree structure. This top-down hierarchy creates clear and auditable pathways of authority, while still allowing for flexibility and rapid delegation.
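
The top-down hierarchy above, modeled as an added example (not code from Mezzanine or Hats Protocol): each role can hand out only the role directly beneath it, so a Support account cannot mint an Admin. The `OrgRoles` class, its method names and the sample addresses are hypothetical. The rules that an actor cannot reassign an account ranked at or above itself, that only Admins grant app permissions, and that revoking a role clears its grants are assumptions of this model.

```javascript
// Hypothetical in-memory model of the Core Roles tree; not Mezzanine SDK or Hats Protocol code.
const RANK = ["Public", "Member", "Support", "Admin", "Signer"]; // lowest to highest
const MANAGES = { Signer: "Admin", Admin: "Support", Support: "Member" }; // from the Core Roles list
const APP_PERMISSIONS = ["Viewer", "Editor", "Approver"];

class OrgRoles {
  constructor(firstSigner) {
    this.roles = new Map([[firstSigner, "Signer"]]); // address -> role
    this.grants = new Set(); // "address|app|permission"
  }
  roleOf(addr) {
    return this.roles.get(addr) || "Public"; // no credential means Public
  }
  // An actor may assign only the role directly beneath its own, and may not
  // reassign an account that already ranks at or above the actor (assumption).
  assignRole(actor, target, role) {
    const actorRole = this.roleOf(actor);
    if (MANAGES[actorRole] !== role) return false;
    if (RANK.indexOf(this.roleOf(target)) >= RANK.indexOf(actorRole)) return false;
    this.roles.set(target, role);
    return true;
  }
  // Revoking a role also drops that account's app permissions (assumption).
  revokeRole(actor, target) {
    if (MANAGES[this.roleOf(actor)] !== this.roleOf(target)) return false;
    this.roles.delete(target);
    for (const g of [...this.grants]) {
      if (g.startsWith(target + "|")) this.grants.delete(g);
    }
    return true;
  }
  // The page says Support and Member hold "permissions granted by admins".
  grantPermission(actor, target, app, permission) {
    if (this.roleOf(actor) !== "Admin") return false;
    if (!["Support", "Member"].includes(this.roleOf(target))) return false;
    if (!APP_PERMISSIONS.includes(permission)) return false;
    this.grants.add([target, app, permission].join("|"));
    return true;
  }
  can(addr, app, permission) {
    return this.grants.has([addr, app, permission].join("|"));
  }
}
```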

In the next version, organizations will be able to define custom roles and arbitrary groups that match their operating structure.

Onchain and Offchain Permissions

Permissions can grant access to both:

  • Onchain actions, such as moving assets or adding a signer
  • Offchain data, such as updating a CRM contact, editing a document, or issuing a payment

Each application added from the Mezzanine App Store can define its own permission set. Common permission types include:

  • Viewer – Determines whether the app appears in a user’s interface
  • Editor – Grants the ability to modify offchain data
  • Approver – Grants onchain signing or transaction approval rights

Built on Hats Protocol

Mezzanine’s permissioning is built on Hats Protocol, an open standard for onchain IAM. By using Hats, we guarantee portability, extensibility, and security. Any external system that recognizes Hats roles can interact with Mezzanine’s permission structure out of the box.

No Need to Rebuild

For developers, this means one simple thing: you don’t have to rebuild roles and permissions. Every app on Mezzanine inherits this shared architecture. Developers can focus on the logic of their product, not infrastructure. IAM works out of the box—across documents, contacts, transactions, and third-party integrations.



UI & UX


Mezzanine delivers a unified and consistent user interface across every application in the ecosystem. Because all apps are natively integrated into the platform, users experience seamless navigation, zero re-authentication friction, and a high degree of visual and functional cohesion.

Every application installed from the App Store appears directly in the organization’s navigation bar. There's no need to open a new tab, re-connect a wallet, or log in through a third-party domain. It all happens in one continuous interface—on a single screen, under a single session.

At the core of this experience is our shared component library. App developers have access to the same design system and UI kit used by Mezzanine itself, making it easy to build apps that look and feel native from day one. As a result, every third-party tool inherits the same professional-grade polish and consistent UX.

Additional UI/UX features include:

  • Embedded Wallets: First-time users receive a Privy wallet by default, reducing onboarding friction. Crypto-native users can connect any wallet and switch with ease.
  • Smart Prompts: If the user is on the wrong network or wallet, the app automatically prompts them to correct it, without breaking context.
  • App-Based Navigation: Organizations can toggle between installed apps in the nav bar. Each org can customize which apps are visible, with the ability to add or remove at any time.
  • No Context Switching: Whether managing compensation, reviewing documents, or approving payments, users stay within one cohesive interface.
  • Reusable UI Elements: Core components—like Contacts, Documents, Notifications, and Approvals—carry over into every app, reducing redundancy and learning curve.
  • Responsive and Intuitive: The platform is optimized for speed, clarity, and legibility across devices, networks, and organizational setups.

This level of UI and UX cohesion is rare in enterprise software, especially in crypto. It’s the difference between a platform that feels like an operating system and one that feels like a collection of fragmented tools. We chose the former.



Contacts & Documents


Mezzanine offers a universal system for managing Contacts and Documents across every application in the platform.

Contacts

Contacts are the connective tissue between apps. Whether you're issuing a payment, vesting tokens, sending an invoice, or onboarding a new teammate, you’re working with the same shared contact system.

  • Every contact entry supports: Name, Email, Public Address, and Type (Person, Organization, or AI Agent).
  • If you add a contact once, they’re available everywhere else, without re-entering their details.
  • Contacts are human-readable, portable, and machine-parseable. You can import existing contacts or export your entire address book.
  • Contact entries are deeply integrated into our UI and app ecosystem, streamlining autofill, search, and labeling across your organization.

Documents

Documents are automatically generated or manually uploaded and persist across apps. These include contracts, receipts, payment records, compensation agreements, invoices, and more.

  • Every app that produces or requires documentation writes to the same canonical repository.
  • Generated documents (e.g. pay stubs, invoice PDFs, receipts) are standardized, timestamped, and verifiable.
  • Evergreen Documents are a special class of live, real-time reports. These include your Contact List, Balance Sheet, Invoice History, Payments History, and Compensation History. They update continuously and are formatted to be easily interpreted by humans—no need to use a block explorer or query raw data.

Permissions

Document and Contact access is governed by our role-based access control (RBAC) system. Admins can provision permissions to view, edit, or act on documents and contacts. Support roles can be restricted to limited scopes. Since roles are stored onchain, access controls are immutable by design—only authorized roles can modify or access sensitive information, with better-than-Web2 guarantees.


Accounting & Bookkeeping


Every application in the Mezzanine App Store benefits from integrated accounting and bookkeeping services managed directly by the Mezzanine team and our vetted partners. By joining the platform, developers don’t need to reinvent financial reporting. We ensure that financial activity across all applications automatically flows into compliant, real-time accounting infrastructure.

Key Features:

  • Evergreen Financial Documents

Every organization on Mezzanine receives live, continuously updated documents—Balance Sheets, Compensation History, Invoice History, and Payment Records—that reflect the current financial state without requiring manual reconciliation.

  • Unified Onchain + Offchain Visibility

Our system aggregates both crypto wallet activity and traditional bank data (via integrations), offering a complete financial view across assets, liabilities, and cash flow. The Treasury Dashboard presents this information in a unified, real-time interface.

  • End-to-End Accounting Stack

Mezzanine supports full-stack accounting—from daily transaction logging to year-end financial statements and tax preparation. This includes:

    • General ledger support
    • Chart of accounts
    • Payroll and invoicing logs
    • Compliance-aligned records
    • Export-ready CSVs and document formats

  • Accountant and Lawyer Integration

Organizations can onboard trusted legal and accounting professionals—either from our certified partner network or their own—directly into their Mezzanine workspace. These service providers have permissioned access to view, generate, and verify documents based on role-based controls.

  • Audit-Ready by Default

All transactions executed through the platform—whether batch payments, salary payouts, reimbursements, or invoices—are automatically captured and linked to verifiable approvals via Safe multisig. Our ledger supports easy audit trails, and transaction histories are exportable in human-readable and machine-readable formats.

  • Tax Filing-Grade Infrastructure

For teams that need it, we offer integrations with tax specialists who can use your Mezzanine account to generate tax-ready filings—whether for LLCs, DAOs, or C-Corps—with full transparency and traceability.


Notifications & Logs


Every application built on Mezzanine has access to a unified event and alerting system. These notification and logging primitives can be used out-of-the-box by application developers, or customized by admins within each organization.

Event-Based Notifications

  • Each application defines key events (e.g. payment submitted, invoice issued, transaction failed, document signed).
  • Organizations can choose which events trigger notifications.
  • Notifications can be scoped by role, user group, or individual user.
  • Admins can enable or disable specific event alerts and configure them to escalate if unacknowledged.

Multi-Channel Delivery

  • We support multi-channel delivery, including:
    • Email
    • SMS (coming soon)
    • Webhook integrations or future channels (e.g., Slack, Discord).
  • Each user can manage their own personal notification preferences.

Audit Logs and Event History

  • Every event within Mezzanine is recorded in a comprehensive event log, creating a real-time audit trail across all applications.
  • This includes transactions, document changes, Safe authorizations, and configuration updates.
  • The logs are available through a visual dashboard and can be exported or queried by admins for compliance or internal reviews.

Security & Compliance

  • Logs are tamper-resistant and permissioned—ensuring that only authorized roles can view or audit historical records.
  • This system enables stronger internal controls and improves readiness for third-party audits, compliance checks, or legal reviews.

Updated on: 04/08/2025