Architecture Overview

Core Components

• Compliance UTXO

  • Holds root, timestamp, epoch, signature, midnight reference.

  • Updated when sanctions/risk lists change, or when new users are onboarded.

• Merkle Proofs

  • Submitted by users in transactions.

  • Leaf = { address, claims, kyc_verified_at }.

• Policy Engine (Aiken)

  • Verifies membership, signature, timestamp vs. max-age, and sanctions epoch freshness.

• Trust Registry (future)

  • Will manage Fairway issuer keys + versioning.

Mermaid (high level)

flowchart LR
  A[User completes KYC once] --> B[Vault stores PII + kyc_verified_at]
  B --> M[Midnight proof UTXO posted]
  M --> C[Compliance UTXO root, kyc_verified_at, sanctions_epoch, sig]
  C --> D[dApp Validator]
  D -->|Proof verified, timestamp ok, epoch fresh| E[YES → allow]
  D -->|fail| F[NO → deny]