Credence
Decentralized identity and compliance protocol that enables institutional-grade compliance with user-centric privacy. Users can verify their credentials using SP1 zero-knowledge proofs and receive n
視頻
描述
**Credence** - Privacy-Preserving Identity & Compliance for RWA
---
## Tagline
*Compliant tokenized assets with zero-knowledge privacy. Prove everything, reveal nothing.*
---
## Project Description
Credence is a production-grade identity and compliance protocol for Real-World Assets (RWA) on Mantle Network. It enables regulatory-compliant security tokens while preserving user privacy through zero-knowledge proofs.
### The Problem
Tokenizing real-world assets faces a fundamental conflict:
1. **Regulatory Requirements**: Securities laws require KYC/AML, accredited investor verification, transfer restrictions
2. **Blockchain Privacy**: Traditional compliance stores sensitive data on-chain
3. **Global Complexity**: Different jurisdictions have different rules
4. **User Experience**: Compliance friction kills adoption
### Our Solution
Credence solves this with:
1. **ERC-3643 T-REX Protocol**: Industry-standard security token with built-in compliance
2. **SP1 Zero-Knowledge Proofs**: Prove credentials without revealing personal data
3. **Soul-Bound Token Credentials**: Non-transferable, verifiable credentials (EIP-5192)
4. **Modular Compliance**: Pluggable rules for any jurisdiction
```
+----------------------------------------------------------------+
| CREDENCE: Privacy-Preserving Compliance |
+----------------------------------------------------------------+
| |
| User's Private Data: On-Chain (Public): |
| - Name: John Smith - Credential Type: Accredited |
| - SSN: 123-45-6789 - Expiration: 2027-01-15 |
| - Address: 123 Main St - Issuer: 0x... |
| - Net Worth: $2.5M - Valid: YES |
| |
| [NEVER ON BLOCKCHAIN] [ZK-VERIFIED] |
+----------------------------------------------------------------+
```
---
## Key Features
### 1. ERC-3643 Security Token
- Every transfer validated for compliance
- Sender and receiver identity verification
- Modular compliance rules engine
### 2. Zero-Knowledge Credentials (SP1)
- Prove KYC, accreditation, AML clearance
- Private data never touches blockchain
- Fast proof generation (~10-30 seconds)
### 3. Soul-Bound Token (EIP-5192)
- Non-transferable credential NFTs
- Revocable by issuer if needed
- Expiration dates enforced on-chain
### 4. Modular Compliance System
- Country restriction module (OFAC compliance)
- Accredited investor module (SEC Reg D)
- Qualified purchaser module (Private funds)
- Max holders module (506(b) compliance)
### 5. RWA Investment Pools
- Credential-gated access
- Multi-asset pool support
- Automated compliance checks
---
## Technical Architecture
```
+------------------------------------------------------------------+
| CREDENCE |
+------------------------------------------------------------------+
| Frontend: Next.js 14 + React 18 + TailwindCSS + wagmi |
+------------------------------------------------------------------+
| ZK Layer: SP1 zkVM (Rust) -> Proof Generation -> Verification |
+------------------------------------------------------------------+
| ERC-3643 Identity System: |
| - IdentityRegistry (Wallet -> Identity mapping) |
| - ClaimTopicsRegistry (Required credentials) |
| - TrustedIssuersRegistry (Authorized credential issuers) |
+------------------------------------------------------------------+
| Compliance & Token Layer: |
| - VerifiToken (ERC-3643 security token) |
| - ModularCompliance (Pluggable compliance rules) |
| - Compliance Modules (Country, Accredited, MaxHolders, etc.) |
+------------------------------------------------------------------+
| Credential System: |
| - SP1CredentialVerifier (ZK proof verification) |
| - CredentialSBT (Non-transferable credential tokens) |
+------------------------------------------------------------------+
| RWA Investment: |
| - RWAGate (Credential-based access control) |
| - RWAPool (Investment pool management) |
+------------------------------------------------------------------+
```
---
## Deployed Contracts (Mantle Sepolia)
| Contract | Address | Purpose |
|----------|---------|---------|
| ClaimTopicsRegistry | `0xd59A380EDEC7A7c5b0ec4D383ED9B833121AB7c2` | Required credentials |
| TrustedIssuersRegistry | `0x524602055273d0484730DC1B8AD7Dd346a5E4d3d` | Trusted issuers |
| IdentityRegistryStorage | `0xeA647A33fDd14Fa5cE8D4981A7DF03DbdF1EceCd` | Identity storage |
| IdentityRegistry | `0xAe5C1B0821e75Cbceca39e4Aa0e5f3691D7340e3` | Identity mapping |
| ModularCompliance | `0x49e048Ac1Ab63Cb26B30d14A115d5Ce610116139` | Compliance engine |
| VerifiToken | `0x932029D18aED907867DEa9B468EC4b299e43C0dA` | Security token |
| SP1CredentialVerifier | `0x4335C610aFfdA179b8C1d7e71eA38ff0F54B2F9b` | ZK verification |
| CredentialSBT | `0xfaEF33E2f26FdA8581ED46F93936E40D0168b0CB` | Credential tokens |
| RWAGate | `0x869D70699C93E29A2538558Cd35Ac0997c644414` | Access control |
| RWAPool | `0x5611192b09ED58d389ccc186F1ebAf43eFeE11D8` | Investment pool |
---
## Credential Types
| Type ID | Name | Requirement | Use Case |
|---------|------|-------------|----------|
| 1 | KYC | Government ID verified | Basic access |
| 2 | Accredited Investor | $1M net worth OR $200K income | SEC Reg D |
| 3 | Qualified Purchaser | $5M+ in investments | Private funds |
| 4 | Institutional | Licensed financial institution | Wholesale |
| 5 | AML | Anti-money laundering clear | All regulated |
---
## How It Works
### Investor Onboarding Flow
```
1. Connect Wallet
└── User connects any EVM wallet
2. Submit KYC (Off-chain)
└── Trusted issuer verifies identity documents
3. Generate ZK Proof (Client-side)
└── SP1 proves credentials without revealing data
4. Verify & Mint SBT (On-chain)
└── Proof verified, credential SBT minted
5. Register Identity
└── Wallet linked to verified identity
6. Access RWA Pools
└── Credential-gated investment access
7. Trade Security Tokens
└── All transfers auto-verified
```
### Transfer Compliance Check
```
Every transfer() call validates:
[x] Sender identity verified in IdentityRegistry
[x] Receiver identity verified in IdentityRegistry
[x] ModularCompliance.canTransfer() returns true
[x] Neither party is frozen
[x] Token is not paused
If ANY check fails --> Transaction reverts
```
---
## Privacy Guarantees
| Data | On-Chain | Verifiable |
|------|----------|------------|
| Name, DOB, Address | NO | Yes (via ZK) |
| Credential Type | YES | YES |
| Expiration Date | YES | YES |
| Country Code | YES | YES |
| Issuer Address | YES | YES |
---
## Compliance Modules
| Module | Function | Use Case |
|--------|----------|----------|
| CountryRestrictModule | Allowlist/blocklist countries | OFAC sanctions |
| AccreditedInvestorModule | Require accreditation | SEC Reg D |
| QualifiedPurchaserModule | Require QP status | Hedge funds |
| MaxHoldersModule | Limit investor count | 506(b) |
| TransferLimitModule | Max transfer size | Risk management |
---
## Technology Stack
| Layer | Technology |
|-------|------------|
| Frontend | Next.js 14, React 18, TailwindCSS |
| Web3 | wagmi v2, viem |
| ZK Proofs | Succinct SP1 zkVM (Rust) |
| Contracts | Solidity 0.8.24, Hardhat, OpenZeppelin 5.x |
| Standards | ERC-3643 (T-REX), EIP-5192 (Soulbound) |
| Network | Mantle Sepolia (Chain ID: 5003) |
---
## Regulatory Compliance
| Regulation | How Credence Addresses |
|------------|----------------------|
| SEC Reg D | Accredited investor verification via SBT |
| OFAC | Country restriction module |
| KYC/AML | ZK-verified identity credentials |
| GDPR | No personal data on-chain |
| MiCA | Modular compliance for EU rules |
---
## Use Cases
### For Asset Issuers
- Tokenize real estate, private equity, debt
- Automated compliance enforcement
- Global investor access with local compliance
### For Investors
- Privacy-preserving credential verification
- Access to previously illiquid assets
- Portable credentials across platforms
### For Regulators
- Full transfer audit trail
- Real-time compliance monitoring
- Programmable enforcement
黑客松進展
Built entirely during the hackathon
技術堆疊
SP1
Solidity