Issuing a Token

The Token Manager program is compatible with the vast majority of Solana NFTs, including all Metaplex master editions and editions.
To initialize a token-manager, the issuer must be owner of the NFT mint being issued. Then, from the relevant NFT, a PDA is derived from the public key of the NFT’s mint account to store specific data including clawback rights, expiration, transferability, payment rate, and state (initialized, issued, claimed, or invalidated).
The issuer can choose to set
  • Claim approver - the authority who can approve someone to claim the token from escrow
  • Transfer authority - the authority who can approve transfers of the token
  • Invalidators - One or more accounts who can invalidate the token-manager
The cardinal protocol supports arbitrary plugins for any of the above. A simple example is a paid-claim approver that requires a fixed payment to claim the token, coupled with a time-based invalidator that invalidates the token manager after a specified duration. Rentals are an intuitive use case for this combination of plugins - see our documentation for implementation details.
An escrow token account for the mint is created to store the token after it is issued. Once issued, the state is set to “issued”.
After being claimed out of escrow, the token is transferred to the claiming party. It's new host token account is simultaneously delegated to the token-manager and frozen by the program to cement the delegacy. Finally, the token manager's state is set to “claimed”.
It is worth noting that the program also supports token manager-governed issuance for fungible tokens using a slightly nuanced model. Most of the aforementioned instruction flow is the same in the FT case with the exception of the PDA derivation which uses the token account rather than the mint account. This allows for multiple certificates to be outstanding for a given mint at once.