Shyft Network and Veriscope Core Concepts

Veriscope is made up of several components that together enable VASPs to seamlessly create a "trust anchor" account on the Shyft Network, post attestations to the network, and transfer data peer-to-peer with other VASPs.

The Veriscope installation package/Install Script simplifies the installation and makes it possible for VASPs to get up and running in ~30-60 minutes.

To install Veriscope, VASPs first need to provision a machine that:

  1. Is reachable over the internet on ports 80 and 443

  2. Has a DNS name that points to it (e.g. subdomain.domain.com)

Veriscope Components

Component Description

Shyft Network Relay Node

A Nethermind Proof Of Authority (POA) client that synchronizes with the Shyft Network. Veriscope communicates with the Relay Node over an RPC connection (HTTP and websocket).

NodeJS HTTP Server

The interface between the Web Application and the Relay Node and various web3 libraries for cryptography functions.

Web Application

A Laravel/PHP web application that VASPs can login to, manage their organization, post data on-chain, and view KYC templates. The web app is hosted at your DNS name.

PostgreSQL Database

For storing all on-chain & local data.

Rest API and Webhook

The Veriscope API abstracts away a lot of the complexities of dealing with on-chain smart contracts and peer-to-peer data transfer. Data such as attestations and "discovery layer" data can be posted on-chain and KYC/IVMS data transferred peer-to-peer between VASPs using the API.

It is recommended that VASPs run & manager their own Relay Node. There are many benefits to this, including:

  • Relay Nodes can be protected by firewalls

  • VASPs can post transactions to their own Relay Node

  • VASPs receive notifications from Shyft Network via their own Relay Node

Veriscope high-level architecture

veriscope architecture

Attestations

Attestations represent an intent to withdraw to a particular wallet address and are discoverable based on that same address.

  • VASPs broadcast attestations for each withdrawal request

  • VASPs listen/respond to attestations on their addresses

Broadcasting attestations

Example 1. endpoint
`POST` {{baseUrl}}/api/v1/server/set_v3_attestation
Example 2. params
"ta_account":"0xF937c412e7172c2c8978cEdD850DDD08e0D95e60"
"user_account":"0x96ee3769a2422215626b8a32594e8fbd5dd1b61a"
"jurisdiction":"196"
"coin_blockchain":"ETH"
"coin_token":"POOL"
"coin_address":"0x5481fabc980af705c556517426c81a963af5657d"
"coin_memo":"end-to-end walkthrough"
  • user_account is the originator/sender user account_address from Create Shyft User

  • jurisdiction is the originator/sender VASP jurisdiction id from Get Jurisdictions

Responding to attestations

Responding to an attestation is done off-chain by creating an initial version of a KYC template and sending it to the VASP that posted the attestation, the sender/originator VASP.

Example 3. endpoint
`POST` {{baseUrl}}/api/v1/server/create_kyc_template
Example 4. params
"attestation_hash": "0xfad4deb39b71171e0ce68e019d0c3b73873aa9a25220a018334b91e705e2ae76"
"user_account": "0x279623a9378725fe271dccd8a390228f81c87a5e"
"user_public_key": "0x0409e8d4a705e9dff75c5d082b601a8326b77c61b763df76ec242f24b85abd070fcada35335033ec0bfe8308dfcf0ea551b0193836219bbb535f059ade08140772"
"user_signature": "{"r":"0x8edb489caf90ea1ec47b185099825b763b0dbfee72cf0685c0662fe96b178dd5","s":"0x3eb2f91b549512aeb8438fac961cca34c47873c11ce17f383f54c4346458b149","v":"0x26"}"
"user_signature_hash": "0x7ec005c40fadb64f4180dcc14d9f5927f649096a08478a4a5a112a3aa77ca549"
"ivms_encrypt": (optional)
"coin_transaction_hash": (optional)
"coin_transaction_value": (optional)
"ivms_state_code": (optional)
"coin_address_crypto_proof": (Optional)
Example 5. response (200 OK)
{
    "attestation_hash": "0xfad4deb39b71171e0ce68e019d0c3b73873aa9a25220a018334b91e705e2ae76",
    "status": "BE_TA_VERIFIED",
    "webhook_status": "START",
    "ivms_status": "START",
    "updated_at": "2022-06-27T02:51:36.000000Z",
    "created_at": "2022-06-27T02:51:35.000000Z",
    "id": 12,
    "coin_blockchain": "ETH",
    "coin_token": "POOL",
    "coin_address": "0x5481fabc980af705c556517426c81a963af5657d",
    "coin_memo": "end-to-end walkthrough",
    "coin_transaction_hash": "",
    "coin_transaction_value": "",
    "sender_ta_address": "0xF937c412e7172c2c8978cEdD850DDD08e0D95e60",
    "sender_user_address": "0x96Ee3769a2422215626b8A32594e8fBD5Dd1b61a",
    "beneficiary_ta_address": "0x1358D8FF6bF65002d051c059b95E60f54007516e",
    "beneficiary_ta_public_key": "0e67d158116a7c330953bde9d53dac5db35a7af64337f5b3de5246ab576d98e4d2f32cb96e0b291332573eed2884edb0a626e58525e7d89ce1ecb1dd50d9ee89",
    "beneficiary_ta_signature_hash": "0x0b709dd4809f36a22fe48250b24a5e41e8aea491bace26627f5c68ea9b4fad3f",
    "beneficiary_ta_signature": "{\"r\":\"0x221ad084d6a3eaa93446508033ed746a831d5fd31748dfb5a8eb1c850555218e\",\"s\":\"0x0e731078734180087e61fcd7c9248e8172608c2a645a438c379fc08aedbbaa70\",\"v\":\"0x26\"}",
    "beneficiary_user_address": "0x279623a9378725fe271dccd8a390228f81c87a5e",
    "beneficiary_user_public_key": "0x0409e8d4a705e9dff75c5d082b601a8326b77c61b763df76ec242f24b85abd070fcada35335033ec0bfe8308dfcf0ea551b0193836219bbb535f059ade08140772",
    "beneficiary_user_signature_hash": "0x7ec005c40fadb64f4180dcc14d9f5927f649096a08478a4a5a112a3aa77ca549",
    "beneficiary_user_signature": "{\"r\":\"0x8edb489caf90ea1ec47b185099825b763b0dbfee72cf0685c0662fe96b178dd5\",\"s\":\"0x3eb2f91b549512aeb8438fac961cca34c47873c11ce17f383f54c4346458b149\",\"v\":\"0x26\"}",
    "sender_ta_url": "https://ks-node-3.veriscope.network/kyc-template",
    "beneficiary_ta_url": "https://ks-node-4.veriscope.network/kyc-template",
    "beneficiary_user_crypto_proof":"",
    "beneficiary_user_crypto_proof_status":""
}

Discovery Layer

The discovery layer comprises all data that is posted on-chain, on the Shyft Network. This includes VASP profile data (aka "key-value" pairs) that make a VASP discoverable as well as attestations.

shyft discovery layer

VASP IVMS Profile

Central to the travel rule is the exchange of KYC/IVMS data between VASPs. To facilitate this, the InterVASP Messaging Standard (IVMS) has been established which sets forth the information that is required to be sent back and forth between VASPs.

The purpose of the VASP IVMS Profile is to capture this information upfront so that it can be added to "KYC templates" when data is being transferred between VASPs. IVMS data is not posted on-chain.

Peer-to-peer data transfer

All sensitive data is encrypted and transferred off-chain between peers via a KYC template. The KYC templates contains all the data a VASP needs to conduct due diligence and determine if they wish to accept or reject a transfer. Both an originator VASP (oVASP) and beneficiary VASP (bVASP) can decide whether to accept or reject a transfer.