--- eip: 8040 title: ESG Tokenization Protocol description: Environmental, Social, and Governance (ESG) asset tokenization with metadata, attestations, and lifecycle integrity. author: Leandro Lemos (@agronetlabs) discussions-to: https://ethereum-magicians.org/t/erc-8040-esg-tokenization-protocol/25846 status: Draft type: Standards Track category: ERC created: 2025-09-06 requires: 20, 721, 1155 --- ## Abstract This ERC defines an overlay interface and metadata schema for representing Environmental, Social, and Governance (ESG) assets with existing token standards. Compliant contracts expose ESG metadata through a token-specific URI and an optional on-chain metadata view, record attestations as cryptographic digests, and emit events when assets are minted, audited, attested, or retired. The interface is intended to be implemented alongside [ERC-20](./eip-20.md), [ERC-721](./eip-721.md), or [ERC-1155](./eip-1155.md) so that ESG assets can keep their normal transfer semantics while adding machine-readable lifecycle state. ## Specification The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC 2119](https://www.rfc-editor.org/rfc/rfc2119) and [RFC 8174](https://www.rfc-editor.org/rfc/rfc8174). This ERC is an overlay for tokenized ESG assets. Implementations maintain normal token ownership and transfer behavior through a base token standard, and add this ERC's functions for ESG metadata retrieval, audit recording, attestation recording, and retirement. Each token has a lifecycle status of `issued`, `audited`, or `retired`. ### Metadata Structure Tokens MUST expose a metadata JSON document with the following minimum fields. Implementations MUST make this document available from `esgURI(uint256 tokenId)`. Implementations MAY also return the same values through `getMetadata(uint256 tokenId)` when storing the metadata on-chain. ```json { "standard": "ERC-8040/1.0", "category": "carbon", "geo": "BR-RS", "carbon_value": 12.5, "cycle": "2025-Q3", "digest": "sha3-512:...", "physical_id": "seal:XYZ123", "attestation": { "atf_digest": "sha3-512:...", "signer": "did:atf:ai:..." }, "status": "issued|audited|retired", "evidence": "cid:Qm..." } ``` The `standard` field identifies the metadata version. The `category` field describes the ESG asset class. The `geo` field identifies the geographic area for the asset. The `carbon_value` field represents the asset value for carbon assets. The `digest`, `physical_id`, `attestation`, and `evidence` fields bind the token to source records, external attestations, and supporting documentation. The `status` field records the lifecycle state. ### Smart Contract Interface Contracts implementing this standard MUST support the following interface: ```solidity pragma solidity ^0.8.0; interface IERC8040 { /// @notice Metadata structure for Environmental, Social, and Governance tokens. /// @dev Digest fields use bytes to support SHA3-512 values without truncation. struct Metadata { string standard; string category; string geo; uint256 carbon_value; string cycle; bytes digest; // SHA3-512 digest of the metadata or source document. string physical_id; Attestation attestation; string status; string evidence; } /// @notice Attestation structure for an external audit or validation result. /// @dev atf_digest is a SHA3-512 digest of the attestation record. struct Attestation { bytes atf_digest; string signer; } /// @notice Mints a new ESG token with provided metadata. /// @dev The caller MUST be authorized by the implementation to issue ESG assets. /// The initial lifecycle status MUST be issued. /// @param metadata The ESG metadata structure. /// @return tokenId The ID of the newly minted token function mintESGToken(Metadata memory metadata) external returns (uint256 tokenId); /// @notice Records an audit for an existing ESG token. /// @dev The caller MUST be authorized by the implementation to audit ESG assets. /// The lifecycle status MUST become audited after a successful audit. /// @param tokenId The token to audit. /// @param auditDigest SHA3-512 digest of the audit report. function auditESGToken(uint256 tokenId, bytes memory auditDigest) external; /// @notice Retires an ESG token permanently. /// @dev The caller MUST be the token owner, an approved operator, or otherwise /// authorized by the implementation. Retired tokens MUST NOT be reactivated. /// @param tokenId The token to retire. /// @param reason Human-readable retirement reason. function retireESGToken(uint256 tokenId, string memory reason) external; /// @notice Returns the ESG metadata Uniform Resource Identifier (URI) for a token. /// @param tokenId The token ID. /// @return The URI string pointing to the metadata JSON document. function esgURI(uint256 tokenId) external view returns (string memory); /// @notice Returns the complete on-chain metadata for a token. /// @param tokenId The token ID. /// @return The complete Metadata structure. function getMetadata(uint256 tokenId) external view returns (Metadata memory); /// @notice Emitted when a new ESG token is minted. /// @param tokenId The ID of the minted token. /// @param category The ESG category, such as carbon. /// @param geo Geographic identifier, such as an ISO 3166-2 subdivision code. event Minted(uint256 indexed tokenId, string category, string geo); /// @notice Emitted when an ESG token is audited. /// @param tokenId The ID of the audited token. /// @param auditDigest SHA3-512 digest of the audit report. event Audited(uint256 indexed tokenId, bytes auditDigest); /// @notice Emitted when a token receives an external attestation. /// @param tokenId The ID of the attested token. /// @param atfDigest SHA3-512 digest of the attestation record. /// @param esgURI The URI of the ESG metadata. event Attested(uint256 indexed tokenId, bytes atfDigest, string esgURI); /// @notice Emitted when a token is permanently retired. /// @param tokenId The ID of the retired token. /// @param timestamp The retirement timestamp. /// @param reason Human-readable retirement reason. event Retired(uint256 indexed tokenId, uint256 timestamp, string reason); } ``` ### JSON-RPC Example ```json { "method": "eth_call", "params": [ { "to": "0xContractAddress", "data": "0x..." } ], "example_metadata": { "category": "carbon", "geo": "BR-RS", "carbon_value": 12.5, "digest": "sha3-512:abc123def456...", "attestation": { "atf_digest": "sha3-512:xyz789...", "signer": "did:atf:ai:validator-001" } } } ``` ### Mapping & Compatibility This ERC does not replace [ERC-20](./eip-20.md), [ERC-721](./eip-721.md), or [ERC-1155](./eip-1155.md). A compliant contract implements this ERC in addition to at least one base token standard. - [ERC-20](./eip-20.md): Each unit represents a standardized fraction, such as 1e18 units representing one metric tonne of carbon dioxide equivalent (tCO2e). - [ERC-721](./eip-721.md): Single credit with unique `esgURI` and immutable metadata. - [ERC-1155](./eip-1155.md): Homogeneous batch with common URI, metadata, and fungible amounts. ## Rationale - **Deterministic flows**: Lifecycle follows strict state transitions (`issued` to `audited` to `retired`). - **Immutable metadata**: SHA3-512 digests bind metadata and evidence documents to the token record. - **Machine-verifiable audit trails**: Attestation digests and events allow off-chain systems to verify audit records deterministically. - **Post-quantum readiness**: SHA3-512 hash functions provide preimage resistance suitable for long-lived audit records. - **Full hash storage**: Using bytes instead of bytes32 allows complete SHA3-512 digest storage (64 bytes). ## Security Considerations 1. **Metadata immutability**: All metadata fields MUST be cryptographically sealed after minting. 2. **Validation independence**: Implementations MUST NOT rely on unauthenticated off-chain statements. Attestations MUST be represented by verifiable digests and events. 3. **Digest integrity**: SHA3-512 (64 bytes) ensures audit-trail integrity. Implementations MUST use bytes type to store complete 512-bit digests. 4. **Post-quantum cryptography**: Hash functions and signature schemes MUST be quantum-resistant. SHA3-512 provides 512-bit security suitable for post-quantum scenarios. 5. **Irreversible retirement**: Once retired, tokens cannot be reactivated. 6. **Physical seal validation**: On-chain digest MUST match physical seal cryptographic hash. 7. **Input validation**: All off-chain documents MUST be hashed using SHA3-512 and publicly referenced on-chain. 8. **Hash truncation prevention**: Implementations MUST NOT truncate SHA3-512 digests. The bytes type MUST be used instead of bytes32 to prevent loss of cryptographic security. ## Copyright Copyright and related rights waived via [CC0](../LICENSE.md).