# Architecture Overview #### Core Components * **Compliance UTXO** * Holds root, timestamp, epoch, signature, midnight reference. * Updated when sanctions/risk lists change, or when new users are onboarded. * **Merkle Proofs** * Submitted by users in transactions. * Leaf = `{ address, claims, kyc_verified_at }`. * **Policy Engine (Aiken)** * Verifies membership, signature, timestamp vs. max-age, and sanctions epoch freshness. * **Trust Registry (future)** * Will manage Fairway issuer keys + versioning. *** #### Mermaid (high level) ```mermaid flowchart LR A[User completes KYC once] --> B[Vault stores PII + kyc_verified_at] B --> M[Midnight proof UTXO posted] M --> C[Compliance UTXO root, kyc_verified_at, sanctions_epoch, sig] C --> D[dApp Validator] D -->|Proof verified, timestamp ok, epoch fresh| E[YES → allow] D -->|fail| F[NO → deny] ```