# Key operations

This section describes the key operations you use to request changes to Ripple Custody data in the UI, such as creation and update of environment and accounting entities, and transaction management tasks.

All changes to the system data subsequent to system setup follow the same secure workflow. The following steps describe the workflow for creation of a new domain:

1. Intent proposal: The user submits an intent to create a new domain. For more information, see [Propose intents](/products/custody/v1.26/ui/get-started/key-operations/intent-proposal).
2. Intent signature: The user adds their digital signature to the intent, to ensure that the submitter is correctly authenticated and that the input data is not tampered with. For more information, see [Sign intents](/products/custody/v1.26/ui/get-started/key-operations/intent-signature).
3. Intent validation: Based on the data in the request, Ripple Custody searches for an applicable policy, and assigns to the intent both a policy ID and a revision number. Once Ripple Custody finds a matching policy, the intent must be approved by a quorum of users with specific roles, as defined in the approval workflow of the policy. For more information, see [Approve and reject intents](/products/custody/v1.26/ui/get-started/key-operations/intent-approval).
4. Intent execution: Once the intent is fully approved, Ripple Custody executes the changes to the system state. The user can now check that the domain was created correctly. For more information, see [Check updates](/products/custody/v1.26/ui/get-started/key-operations/check).


The submitter of the intent acts as the first approver, so if the selected policy includes an approval workflow that does not match the submitter's user role, the intent fails.

For more information about intents, policies, and approval workflows, see [Governance framework](/products/custody/v1.26/overview/governance).