Gravv — IT Systems Infrastructure & Architecture Overview ========================================================== **Platform Reference Document** :Version: 1.0 :Last Updated: July 2026 :Audience: Prepared for internal, partner, and audit circulation About Gravv ----------- Gravv is a business-to-business financial infrastructure platform for global money movement. It combines cross-border transfers, multi-currency accounts and virtual accounts, FX and OTC trading, card issuing and card collections, fiat-to-stablecoin on-ramping, and stablecoin payment links into a single API-first platform. Businesses integrate through a REST API (secured by API keys) or operate through the Gravv dashboard, and can move value across local African rails, US and European banking rails, and public blockchain networks. Gravv is a financial technology company, not a bank. Banking, card issuing, payout execution, and custody services are delivered through regulated partner institutions and licensed providers in each jurisdiction where Gravv operates. Purpose of This Document ------------------------ This document describes the IT systems, infrastructure, and architecture underpinning the Gravv platform. It is intended for internal engineering and compliance teams, partner financial institutions, external auditors, and prospective enterprise clients who require a structured reference on how the platform is built, deployed, secured, and operated. All component names, service responsibilities, integrations, and data flows in this document reflect the actual Gravv codebase and deployment topology. Document Scope -------------- The scope of this document covers: - The high-level system architecture of the Gravv platform. - The core services and their responsibilities. - Data flows, sensitive-data handling, and the transaction record model. - Integrations with third-party providers across banking, payouts, cards, compliance, and crypto custody. - The hosting, networking, deployment, and environment topology. - Security and compliance controls. - Operational practices: monitoring, incident response, change management, and backup and recovery. Out of Scope ~~~~~~~~~~~~ This document does not cover individual API endpoint specifications, detailed data schemas, or partner-specific integration contracts. Those are maintained in separate technical documentation (including the ``specifications`` protobuf contract repository) and are made available to integrators under the relevant agreements. Table of Contents ----------------- .. list-table:: :widths: 30 70 * - :doc:`overview` - Product scope, tenancy model, and platform surface. * - :doc:`architecture` - Architectural principles, system layers, and conceptual transaction flow. * - :doc:`data-architecture` - Data domains, sensitive data classification, data flow principles, and storage components. * - :doc:`core-service` - API Gateway, Identity, Customers, Accounts, Transfers, Transactions, Payees, FX, Billing, Onramp, Web3, Risk, Integrations, Webhooks, Audit. * - :doc:`api` - Third-party providers across banking, payouts, cards, compliance, and crypto. * - :doc:`deployment` - Cloud hosting model, environments, network topology, release process, and backup & recovery. * - :doc:`security` - Defence-in-depth controls, secrets management, and regulatory posture. * - :doc:`operations` - Operational consoles and key workflows. * - :doc:`roles` - Role-based access control and responsibilities across all platform roles. * - :doc:`glossary` - Definitions of key terms and acronyms used throughout this document. .. toctree:: :maxdepth: 2 :hidden: overview architecture data-architecture core-service api deployment security operations roles glossary At a Glance ----------- - 19 microservices across Go, Rust, and Angular/TypeScript - 30+ third-party provider integrations across banking, payouts, cards, and crypto - 8 blockchain networks supported (Ethereum, Polygon, Solana, Stellar, Avalanche, Sui, Tron, Base) - Dual live / sandbox environments with per-request routing - API-first: every capability exposed through a single authenticated gateway