# Decentralized Vaults

### Compliance Context

#### FATF & AML Requirements

* **Customer Due Diligence (CDD)** → Collect and verify customer identity documents.
* **Record Keeping** → Maintain records for 5–10 years, available for regulators on request.
* **Sanctions Screening** → Check against updated lists (UN, OFAC, EU, local).
* **Ongoing Monitoring** → Reassess at regular intervals or when risk events occur.

#### KYC Regulations

* **Document Verification** (passport, national ID, proof of address).
* **Risk-based Approach** → Different levels (KYC1, KYC2, Enhanced Due Diligence).
* **Accreditation/Eligibility** → Investor class checks for RWA access.

#### GDPR / eIDAS

* **Data Minimization** → only necessary data collected.
* **Right to Erasure / Portability** → users can revoke and migrate.
* **Encryption & Scoped Access** → Vault encrypts data at rest and in transit.
* **Separation of Concerns** → Vault handles PII; blockchains only handle proofs & commitments.

***

### Architecture

```mermaid
flowchart TD
  subgraph Off-Chain [Off-Chain Layer]
    U[User submits KYC data] --> V[Fairway Vault encrypted decentralized storage]
    V --> A[Fairway Cloud Agent Witness]
    A -->|ZK proof| M[Midnight Compact Circuit]
  end

  subgraph On-Chain [On-Chain Layer]
    M --> L[Midnight Ledger: Proof UTXO]
    L --> C[Cardano Merkle UTXO]
    L --> E[EVM EAS Attestation]
    C --> D[dApp/Protocol Guard]
    E --> D
  end
```

***

### Data Lifecycle

1. **Collection** → user submits KYC docs to Vault (off-chain, encrypted).
2. **Verification** → Cloud Agent validates docs (document checks, sanctions screening, AML rules).
3. **Proof Generation** → the Witness calls the Cloud Agent, and the Compact circuit produces a ZK proof bound to a wallet address.
4. **Recording** → Proof stored as a UTXO on Midnight (immutable audit trail).
5. **Reference** → Merkle roots (Cardano) or EAS attestations (EVM) include `midnight_ref` and Fairway signature.
6. **Usage** → dApps only check eligibility flags; no direct access to PII.

***

### Data Model (Vault Entry)

```json
{
  "user_id": "uuid-v4",
  "wallets": ["addr1...", "0xabc..."],
  "kyc_level": 2,
  "jurisdiction": "EU",
  "accredited": true,
  "sanctions_status": "clear",
  "docs": {
    "passport_hash": "sha256:0x123...",
    "proof_of_address_hash": "sha256:0x456..."
  },
  "created_at": "2025-09-22T10:15:00Z",
  "updated_at": "2025-09-22T11:00:00Z"
}
```
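The lifecycle and the Vault Entry model above can be exercised with a small script. This is an added example, not Fairway code: it derives the PII-free view a dApp guard may read from a constructed Vault entry (`doc_hash`, `commitment`, `on_chain_view`, `is_eligible` and the `midnight_ref` argument are assumed names; the real proof binding happens in the Compact circuit, not here), and checks that no PII key reaches the on-chain side.

```python
import hashlib
import json

# Keys that must never leave the Vault (PII / document material).
PII_KEYS = {"user_id", "docs", "created_at", "updated_at"}
# Eligibility flags a dApp guard may see (the YES/NO data the page describes).
FLAG_KEYS = ("kyc_level", "jurisdiction", "accredited", "sanctions_status")

# Constructed sample entry, mirroring the Vault Entry model on this page.
SAMPLE_ENTRY = {
    "user_id": "uuid-v4",
    "wallets": ["addr1...", "0xabc..."],
    "kyc_level": 2,
    "jurisdiction": "EU",
    "accredited": True,
    "sanctions_status": "clear",
    "docs": {"passport_hash": "sha256:0x123...",
             "proof_of_address_hash": "sha256:0x456..."},
    "created_at": "2025-09-22T10:15:00Z",
    "updated_at": "2025-09-22T11:00:00Z",
}

def doc_hash(raw: bytes) -> str:
    """Hash a document into the entry's 'sha256:0x<hex>' form; only the hash is kept."""
    return "sha256:0x" + hashlib.sha256(raw).hexdigest()

def commitment(entry: dict) -> str:
    """Binding commitment over the full entry (canonical JSON) for a Merkle leaf / EAS field."""
    canonical = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()

def on_chain_view(entry: dict, wallet: str, midnight_ref: str) -> dict:
    """Build the reference a dApp guard may read: flags + commitment, bound to a wallet, no PII."""
    if wallet not in entry["wallets"]:
        raise ValueError("wallet is not bound to this vault entry")
    view = {k: entry[k] for k in FLAG_KEYS}
    view.update(wallet=wallet, commitment=commitment(entry), midnight_ref=midnight_ref)
    leaked = PII_KEYS & view.keys()
    if leaked:
        raise RuntimeError(f"PII would be published on-chain: {sorted(leaked)}")
    return view

def is_eligible(view: dict, min_kyc: int, need_accredited: bool) -> bool:
    """The only check a dApp guard performs: a YES/NO on eligibility flags."""
    return (view["sanctions_status"] == "clear"
            and view["kyc_level"] >= min_kyc
            and (view["accredited"] or not need_accredited))
```

A guard that needs KYC level 3 gets a plain "NO" from `is_eligible` without ever learning which documents were checked.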

***

### Compliance Properties

* **FATF R.10 / R.11 (Recordkeeping)** → Vault maintains secure audit trail; regulators can request full trace via `midnight_ref`.
* **AML Directives (AMLD5/6, EU)** → sanctions screening + enhanced due diligence supported by Vault Agent workflows.
* **GDPR Articles 5 & 25 (Minimization, Privacy by Design)** → only commitments/flags on-chain, never PII.
* **eIDAS** → cryptographic signatures and proofs meet EU electronic trust service requirements.
* **Auditability** → any `midnight_ref` can be checked against Vault + Issuer records under regulator supervision.

***

### What Vaults Are (and Are Not)

* ✅ **Are** → encrypted, decentralized KYC data stores aligned with FATF/AML/GDPR.
* ❌ **Are Not** → on-chain databases (no PII ever published).
* ❌ **Are Not** → public APIs for dApps (only the Witness Agent reads them).
* ❌ **Are Not** → proof stores (ZK-proofs live on Midnight).

***

### Benefits

* **Privacy-first** → regulators can audit, but protocols see only “YES/NO”.
* **Regulatory alignment** → satisfies FATF, AMLD, KYC, GDPR/eIDAS simultaneously.
* **Future-proof** → Vault workflows adapt to new directives (e.g., FATF Travel Rule, MiCA).
* **Trust-minimized** → Fairway signature + Midnight proofs decouple compliance checks from raw data custody.

***

### Next Steps

* See Witnesses → how Cloud Agents read Vaults and generate proofs. (Not public yet)
* [Learn Zero-Knowledge Proofs (Midnight).](https://docs.fairway.global/~/revisions/ANJ44LbwfWAXIHTM56W0/developers/core-concepts/zero-knowledge-proofs-midnight)
* [Explore Compliance Guides for regulator mapping.](https://docs.fairway.global/~/revisions/LmhbGZ8szY6vRl5kdqPa/learn/compliance-and-risk-management-guides)

