Institutional authorization layer

Luvion

Decentralized high-threshold MPC authorization for institutional digital asset operations.

Start a conversation View GitHub Follow Luvion

Why now

The key is not only where assets are stored. It is who can authorize movement.

Recent incidents keep pointing to the same operational gap: private-key custody, multisig UI, and smart-contract admin rights are not enough when authorization itself lacks strong separation, threshold discipline, and reviewable evidence.

01

Signer concentration

Low-threshold multisigs can still fail when a small set of signers, devices, or workflows are compromised.

02

Opaque approval context

A signature alone often does not prove whether the underlying request, policy, committee, and risk path were valid.

03

Admin action risk

Mint, upgrade, treasury, bridge, and emergency controls need stronger authorization than ordinary wallet transfers.

Product surface

From protocol core to an integration layer for institutional teams.

The current implementation supports technical review of the core threshold-signing path. The product surface is being shaped as SDK/API integration, signing-session orchestration, and evidence export for design partners.

First product direction

Authorization infrastructure, not another wallet interface.

Luvion is aimed at teams that already operate treasuries, protocol admin keys, bridges, mint/burn roles, or institutional digital asset workflows and need stronger authorization before execution.

  • SDK / APIStructured authorization requests for teams that want to embed Luvion into existing operations.
  • Session engineHigh-threshold committee participation, challenge generation, partial responses, aggregation, and verification.
  • Evidence packageReadable records of request context, policy path, committee participation, and final signing result.
  • Integration pathSui-first MVP is in progress; the market scope remains broader institutional digital asset operations.

Build with Luvion

A developer-facing path for high-threshold authorization flows.

The website should make the technical path visible: what to build, what to review, and what is not production-ready yet. This mirrors the clarity of mature protocol companies without overstating Luvion's stage.

01

Luvion Core

Rust protocol core for threshold ML-DSA signing, DKG/VSS, resharing, view change, and orchestration review.

02

Luvion Sessions

Product layer for turning treasury, mint, upgrade, and bridge actions into policy-bound signing sessions.

03

Luvion Evidence

Readable output for operators, auditors, and investors: request context, committee path, and verification result.

04

Luvion SDK

Planned integration surface for teams that want to embed authorization requests into existing workflows.

05

Sui Adapter

In-progress MVP path for Sui-first integration while the market scope remains broader than one ecosystem.

Protocol shape

Luvion turns critical operations into policy-bound signing sessions.

Instead of treating authorization as a final click, Luvion models each high-value action as a session with request data, policy checks, decentralized committee participation, threshold signing, and audit-ready output.

1

Request

A treasury transfer, mint, upgrade, or bridge action enters as a structured authorization request.

2

Policy

The request is checked against context such as asset type, destination, amount, role, and operational intent.

3

Committee

Signing power is distributed across a high-threshold participant set rather than a small static signer group.

4

Evidence

The output is designed to explain what was authorized, by which committee path, and under which policy conditions.

System view

Decentralized authorization before execution.

Luvion is not positioned as another consumer wallet. The first product direction is an infrastructure layer for teams that already manage valuable on-chain operations and need a stronger authorization primitive.

01 Request

Structured critical action enters Luvion before execution.

02 Policy

Amount, role, destination, asset, and operation intent are checked.

03 Committee

Authorization is distributed across a high-threshold participant set.

04 Signing

Partial responses are aggregated into a verifiable threshold signature.

05 Evidence

The session creates a reviewable authorization record.

06 Execution

Approved operation can move to the target chain or system path.

Architecture

One authorization layer, multiple operational entry points.

The architecture story should be explicit: where requests enter, where policy is evaluated, where committee signing happens, and what evidence leaves the system.

InputTreasury transfer
InputProtocol upgrade
InputMint or burn
Luvion session Policy-bound high-threshold MPC authorization
OutputThreshold signature
OutputSession proof package
OutputAudit-readable trace

Initial use cases

Built for the operations where a bad signature is catastrophic.

The first design-partner conversations should focus on institutional workflows where security budgets already exist and where decision evidence matters.

A

Treasury transfer approval

A foundation or protocol team requires stronger authorization before moving treasury assets to a new destination.

B

Stablecoin mint / burn control

An issuer needs mint and burn actions to pass a higher-threshold authorization path with reviewable evidence.

C

Protocol upgrade authorization

A ProxyAdmin or security committee action should require stronger separation than a small signer set.

D

Bridge operator key rotation

Validator, operator, or route changes can be treated as high-risk sessions before the execution path is touched.

Demo

The current demo proves the core signing path, not production custody.

For technical and investor review, the local demo shows a full request-to-verification flow in a deterministic environment. It is useful for proving protocol mechanics, not for making a production security claim.

  • inputnew high-value authorization request
  • round 1participants create commitments
  • challengecoordinator binds public key, commitment, and message
  • round 2accepted partial responses are aggregated
  • resultthreshold signature verifies successfully
Review boundary

Available for qualified review.

The demo uses synthetic local shares and a pre-audit codebase. External security review and production hardening remain required before deployment.

Request demo materials

Docs and review

Give developers and investors a clear next step.

Until the SDK/API is production-ready, the public path should be honest: read the code, review the whitepaper, request demo materials, and talk to the team about pilot scope.

Read the core repo

Implementation status, security boundary, and runnable demo live in the protocol repository.

Open GitHub

Review the deck

Investor-facing context for problem, market, product direction, current stage, and funding path.

Open deck

Request demo materials

Qualified reviewers can request the demo video, technical notes, and pilot discussion materials.

Email Luvion

Follow updates

Short product updates, incident analysis, and technical progress will be published through X.

Open X

Current stage

Prototype first. Audit next. Pilots with the right partners.

We keep the public claims precise: Luvion has a running core protocol demo, is not yet production or audited, and is moving toward a Sui-first MVP and external security review.

Available

Core protocol demo

A local deterministic demonstration of the high-threshold signing path for investor and technical review.

Available

Whitepaper-code mapping

Core modules map to signing, Lagrange logic, DKG/VSS, resharing, view change, orchestration, and network facades.

In progress

Sui-first MVP integration

The first productized path is being shaped around critical digital asset operations rather than consumer wallet traffic.

Planned

External security review

Formal review is part of the financing plan before any production security claim is made.

Boundary

Pre-audit, non-production

No third-party audit, production deployment, or ECDSA/secp256k1 backend claim is made at this stage.

Go-to-market

Start with technical design partners, then expand through security-reviewed deployments.

The commercial path is B2B: design-partner pilots, SDK/API integration, enterprise support, and security-driven deployment support for teams managing valuable digital asset workflows.

Design partners

Teams with real treasury, admin, bridge, or mint/burn authorization pain points.

Security reviewers

Security reviewers who can validate the cryptographic design, implementation assumptions, and review scope.

Ecosystem integrators

Infrastructure teams that can help turn the core protocol into practical deployment paths across institutional workflows.