Learn

INTRODUCTION

Getting Started

Performance meetssafety and privacy

GRVT is a custodial centralized exchange powered by ZK(zero knowledge) technology. We are first official Appchain on zkSync's Hyperchain and received an investment from Matter Labs, the creators of zkSync.

Testnet

https://testnet.grvt.io/

Mainnet

https://grvt.io/

Architecture Overview

GRVT's hybrid exchange architecture overview

GRVT adopts a hybrid architecture that matches and stores data off chain and provides smart contract level guarantees of their execution on chain. GRVT adopted this architecture to improve throughput by processing transactions off the Ethereum Mainnet.

Offchain

All user actions are initially processed off-chain by GRVT servers. Only actions impacting user funds, such as trades or account creation, are eventually pushed on-chain by GRVT. Non-fund-related actions, like KYC, remain off-chain. The GRVT servers forward relevant user actions to the GRVT chain. Key user actions that are pushed on-chain include transactions processed by the following:

• Matching Engine: Orders that are matched by the matching engine are sent on-chain
• Risk Engine: Liquidations are sent to the chain
• Account Management: Creation of entities such as trading accounts or addition of wallets that can use funds
• Fund Management: Internal and external transfer of funds

Onchain

A subset of the off chain actions are pushed to the GRVT chain. These actions are then published as zero-knowledge proofs to verify off-chain transactions on Ethereum.

• Trade Settlement: Matched orders are settled on chain
• Risk Engine Validation: Liquidations are validated on chain as being fair based on smart contract logic
• Account Management Validations: Account Management actions are validated on chain
• Fund Management: Fund transfers are validated and settled on chain

GRVT Native Deposit Contracts

• GRVTBridgeProxy
  Contract address used for depositing native tokens:
  0xE17aeD2fC55f4A876315376ffA49FE6358113a65

• L1NativeTokenVault
  Contract that holds the deposited funds:
  0xbed1eb542f9a5aa6419ff3deb921a372681111f6

When you deposit native tokens through GRVT, you’ll interact with GRVTBridgeProxy, while your assets will ultimately be stored in the L1NativeTokenVault.

---

CORE CONCEPTS

Accounts and Users

Funding Account

Funding accounts are the highest level on-chain identity in GRVT. The purpose of the funding account is primarily fund management. They process deposits, withdrawals, external Transfers to other funding accounts and internal transfers to linked trading accounts.

Trading Account

Each funding account can link to multiple trading accounts. To trade derivatives, you must transfer funds from your funding account to a specific trading account.

Users

In the case of individual accounts, each account has a maximum of one user. The user has access to all the linked trading accounts.

In the case of business accounts, each account can have one or more users. User can have accessto the funding account and/or trading trading accounts separately depending on their permissions.

User Identifiers

One User, One Email, One Wallet

In GRVT, each user must register both Web2 and Web3 credentials.

Web2 Credentials (Emails)

Each user must sign up via email with a password setup or Google/Microsoft OAuth. This grants access to non-trading features such as completing your KYC, referrals, and more. It also allows you to view your portfolio and positions.

Web3 Credentials (Wallets)

Each user must then register a wallet on GRVT to enable trading features. Only trades signed with registered wallets can be executed by our trading engine. Additionally, actions that affect the ownership of your assets, such as trading, require a registered wallet.

Credential Type	Identifier (Sample)	Secret	Use Case
Web2	email (e.g., [email protected])	password/OAuth	Read + Write (No Trading)
Web3	public key (e.g., 0xb794f5ea0ba39494ce839613fffba74279579268)	private key	Own, Sign Trades

Account Identifiers

The on-chain Funding AccountID matches the wallet address that created the account. Business accounts can have multiple users, each with their own wallet linked to the funding account.

Individual Account Representation

Business Account Representation

Funding Account Off-Chain Representation (Read + Write)

Off-Chain accountIDs	Off chain user email addresses
ACC:2aO9cE9kJkah16urpA7DQKPOEdx	[email protected]
ACC:2aO9cE9kJkah16urpA7DQKPOFxk	[email protected]
ACC:2aO9cE9kJkah16urajkDQKPOEdx	[email protected], [email protected]

Funding Account On-Chain Representation (Own)

On-Chain accountIDs	On-Chain user wallets
0xb794f5ea0ba39494ce839613fffba74279579268	0xb794f5ea0ba39494ce839613fffba74279579268
0xdB055877e6c13b6A6B25aBcAA29B393777dD0a73	0xdB055877e6c13b6A6B25aBcAA29B393777dD0a73
0x40b38765696e3d5d8d9d834d8aad4bb6e418e489	0x40b38765696e3d5d8d9d834d8aad4bb6e418e489, 0xe92d1a43df510f82c66382592a047d288f85226f

API Keys

API keys for programmatic trading

API Keys are only registered at Trading Account level with trade only permissions. Each API key needs to be tagged to a valid Ethereum public address.

How to authenticate using API keys?

• You will receive a session token by authenticating against your API key. This session token must be used then used in your read and write requests.

How to authorize transactions using API keys?

• Each API key must be tagged to a valid Ethereum address. There are two ways of doing so
• Input (Secure): You possess a public/private key pair. You provide the public address, while only you have access to the secret private key.
• Generate (Convenient): The GRVT front-end client generates a public/private key pair in your browser and allows you to copy the secret private key. GRVT does not store the private key after it is generated.
• The Secret Private key must be used to sign orders using EIP-712 signing method.

Mapping of API Keys to Trading Accounts

Learn more: Video Explanation

PBAC for Business Accounts

Permission Based Access Control for Business Accounts

Funding Account Permissions

There are four permissions on a Business funding account. Only those with a Funding Admin role are able to assign permissions to others.

Permission	Permissions
Funding Admin	Highest permission in the exchange, that supersedes all other permissions Can create Trading Accounts Can trigger actions need to meet a multi-signature threshold like adding users to funding account, or adding a withdrawal/transfer address
Internal Transfer	Can transfer funds from the Funding Account to associated Trading Accounts
External Transfer	Can transfer funds to other funding accounts within GRVT if these accounts are in the transfer address book
Withdrawal	Can withdraw funds to pre-approved Layer 1 wallets

Trading Account Permissions

Permission	Access
Trading Admin	Can add users to their Trading Accounts. Inherits "Trade" and "Transfer" permissions
Trade	Can trade from the given Trading Account
Transfer	Can internally transfer funds to Funding Account or other trading accounts within the same Business Account

Visual Representation of Permission Based Access Control for Business Accounts

Multi-signature Admin Operations

Multi-signature operations for Business Account

Privileged operations on the Business Funding Account, like onboarding new users or adding withdrawal wallets, require multi-signature approvals. Only those with the Funding Admin roles are authorized to approve these actions.

Funding Admin can set custom thresholds, such as ⅔ (indicating two out of three Admins must sign off on the action) for these approvals.

Admin Operations

1. Adding/editing permissions of users the Funding Account
2. Setting a new multi-sig threshold
3. Adding/Removing eligible wallets in the Withdrawal Address Book for withdrawals
4. Adding/Removing funding account addresses in the Transfer Address Book for external transfers

---

HELP CENTER

Contact Support