TOPASS tokens represent access rights to various assets. It can be for example access to content on a website or right of admission to a concert. The applicability of our tokens is much greater. Most importantly, the issuance, delivery, use and validation of the token is done online using a public Blockchain platform.

Before we start discussing how our tokens work, we should explain what roles we can distinguish here:

  1. TOPASS platform administrator – by default we play this role. The administrator pays all costs related to the use of the Blockchain platform. If for some reason business model requires someone else to play this role we are ready for such eventuality.
  2. Issuer of the TOPASS token – entity which grants access rights e.g. website owner who issues token for its user
  3. Recipient of a TOPASS token – this is an entity which acquires access rights, e.g. the above-mentioned website user



Process of issuing and delivering TOPASS token

  1. Administrator grants access to Issuer to the TOPASS platform
  2. Issuer creates token by defining its parameters:
    • name, visible after the token is added to the wallet
    • description, visible from the wallet level
    • recipient wallet address (optional)
    • PIN (optional), allows protection against unauthorized use of the token
    • expiration date (optional), allows for limiting the use of the access right granted with the token to a specific date
    • other parameters
  3. MetaData tokens are stored on a durable medium
  4. Administrator generates/mints TOPASS token with QR code and provides token ID to the Issuer
  5. Issuer delivers the token to the Recipient
  6. The Recipient can import the token into a wallet (this is required for physical access rights e.g. entry to concerts, matches, conferences and other events at a real venue)
  7. The recipient uses the token by using it to log in to a website or participate in an event
  8. The administrator verifies each time the possibility of using the token online, and gives such a possibility for on-site events (in the wallet the token is visible as a QR code, which can be scanned with a smartphone camera. Once scanned, a website will open with information about the token including whether it is valid and what asset it relates to)


Token verification is also possible via API, which enables integration with user authentication modules in web applications. The API also allows you to generate and use the token.