Explanation
Apr 22, 2026
Where crypto exchanges and custodians get stuck
A single bad write can lose customer funds
A typo in a withdrawal allowlist, approval policy, or fee schedule can send funds to an attacker — with no clawback on-chain. The database write is the liability, long before the audit catches it.
Custody tables reachable by anyone on-call
Allowlists, approval policies, KYC records, and oracle config live in off-chain databases — but the only control on who writes to them is a shared bastion and a trust culture.
Compliance, trading, and product all need prod in different shapes
Compliance pulls suspicious transactions for SAR filings, trading pulls liquidity data, product pulls user analytics. One 'read-only' role doesn't fit — and no team should ever see raw KYC.
How web3 companies run databases on Bytebase
Governance that matches the stakes
Stricter review on custody-adjacent tables, multi-party approval for high-stakes writes, and audit trails that export to SOC 2, MiCA, and BitLicense without reformatting.
Fine-grained SQL review
Allowlists, policy tables, and fee schedules carry stricter review rules than user preferences or product config — the same policy engine runs on every change before it ships.
Multi-party approval on high-stakes writes
Changes to withdrawal allowlists, approval policies, and fee schedules route to two or more approvers before execution — a single compromised account can't move customer funds.
Audit trails ready for regulators
Every schema change, permission grant, and query execution is captured with actor and diff — exportable for SOC 2, MiCA, and BitLicense reviews in the shape auditors expect.
Ship schema changes across every network without drift
Batch changes, pre-release validation, and GitOps delivery replace per-network deploys — so compliance monitoring on staging matches what runs on mainnet.
Batch change across networks
Roll one migration out to mainnet, testnets, devnets, and staging in a single issue, with per-target progress tracking — no more per-environment drift breaking compliance feeds.
Validation before release
Syntax checks and object-name verification catch broken SQL early; dependent VIEW and index definitions surface automatically so a migration doesn't silently break a monitoring query.
GitOps with approval gates
Schema migrations live alongside application code, reviewed and merged through your existing VCS — with extra approval gates on custody-adjacent tables enforced at the platform, not in a checklist.
Access control built for custody and incident response
Unified RBAC across services, masking so each team sees only what it needs, and just-in-time credentials that expire before the next on-call rotation starts.
Unified RBAC across services
Manage access centrally across custody, trading, analytics, and compliance services without issuing raw database credentials — a role change updates every project it covers.
Per-team masking and data access
KYC documents stay masked from trading desks, liquidity data stays masked from product, and raw analytics stay out of compliance — every team gets a safe, auditable slice of prod.
Just-in-time incident access
Request production access for a specific chain reorg, bridge outage, or exchange halt; permissions expire automatically once the incident closes, so 3am exploration never leaves behind standing privilege.
Clear roles, shared controls, and predictable workflows
Integrations
Designed to integrate across modern enterprise environments
Bytebase connects to databases, developer tooling, and collaboration platforms to fit naturally into complex, multi-tool enterprise ecosystems.
Resources
