Overviews

Stablecoin Custody

Tesser provides both non-custodial and third-party custodial options for financial institutions to hold and manage stablecoins. We generally recommend a non-custodial model (also called self-custodial) to eliminate dependency on third-party custodians and maintain full operational control. In the self-custodial model, you or your customer is the owner and custodian of the provisioned wallet. This section covers non-custodial (self-custodial) wallets.

Wallet Security

Tesser provides enterprise-grade security with a non-custodial architecture, meaning:

Who can custody: Either your organization or your customers can be the custodians of wallets Tesser provisions. Typically, your organization will custody all the wallets, whether you opt to have a few omnibus wallets for all originator activity or establish one wallet per originator, or a combination of the above.
You maintain control: Tesser cannot move your funds without your or your customer’s authorization. For wallets custodied by your customer, your customer can delegate access and authorization for payment instructions to your organization.
Private key isolation: Raw private keys are never exposed to Tesser, your software, or your team.
Secure enclaves: Private API keys are generated and used for access to the wallet. These keys are generated and stored in hardware-isolated secure enclaves.

Wallet Provisioning

During integration, wallets can be created for your team to support testing. Certain payment operations are gated until full production approval is granted.

Once in production, wallets can be provisioned on-demand for omnibus treasury management purposes or per customer.

Retrieve wallets:

Code
 
curl -X GET https://api.tesser.xyz/wallets \
  -H "Authorization: Bearer your-access-token"

Each wallet includes id, workspace_id ,address (and one or more associated token addresses ata_addressfor Solana), and friendly name . Optionally, wallets can be assigned to a counterparty by specifying a counterparty_id . Wallets can hold balances in more than one stablecoin, denominated by currency_symbol, and operate on one or more network, denominated by network .

Last modified on February 24, 2026

Compliance and Risk Management Liquidity Providers

Wallet Security

Tesser provides enterprise-grade security with a non-custodial architecture, meaning:

Who can custody: Either your organization or your customers can be the custodians of wallets Tesser provisions. Typically, your organization will custody all the wallets, whether you opt to have a few omnibus wallets for all originator activity or establish one wallet per originator, or a combination of the above.
You maintain control: Tesser cannot move your funds without your or your customer’s authorization. For wallets custodied by your customer, your customer can delegate access and authorization for payment instructions to your organization.
Private key isolation: Raw private keys are never exposed to Tesser, your software, or your team.
Secure enclaves: Private API keys are generated and used for access to the wallet. These keys are generated and stored in hardware-isolated secure enclaves.

Wallet Provisioning

During integration, wallets can be created for your team to support testing. Certain payment operations are gated until full production approval is granted.

Once in production, wallets can be provisioned on-demand for omnibus treasury management purposes or per customer.

Retrieve wallets:

Code

curl -X GET https://api.tesser.xyz/wallets \
  -H "Authorization: Bearer your-access-token"

Last modified on February 24, 2026