# Create and update data

When you first set up your system, the `POST /v1/genesis` API operation creates an initial environment and entities. The `genesis` operation does not require any authentication or governance.

All changes to the system data subsequent to this initial system setup follow the same secure workflow. The following steps describe the workflow for creation of a new domain:

1. Intent proposal: The user submits an intent to create a new domain, including additional security in the form of a digital signature. This ensures that the submitter is correctly authenticated and that the input data is not tampered with. For more information, see [Propose intents](/products/custody/v1.19/api/get-started/key-operations/update/intent-proposal).
2. Intent validation: Based on the data in the request, Ripple Custody searches for an applicable policy, and assigns to the intent both a policy ID and a revision number. Once Ripple Custody finds a matching policy, the intent must be approved by a quorum of users with specific roles, as defined in the approval workflow of the policy. For more information, see [Approve intents](/products/custody/v1.19/api/get-started/key-operations/update/intent-approval).
3. Execution of the intent:  Once the intent is approved, Ripple Custody executes the changes to the system state.


The submitter of the intent acts as the first approver, so if the selected policy includes an approval workflow that does not match the submitter's user role, the intent fails.

For more information about:

- The `genesis` operation, see [Run system setup](/products/custody/v1.19/get-started/deployment/system-setup/setup).
- Intents, policies, and approval workflows, see [Governance framework](/products/custody/v1.19/overview/governance).