Using the CRYMBO API

CRYMBO Oracle provides a secure REST API for VASPs to automate identity exchange processes. This allows interaction with the Oracle off-chain while staying compliant with Travel Rule mandates.

API Authentication

All endpoints require Bearer Token authentication. Tokens are issued post-KYB approval.

Headers:

Authorization: Bearer <your-token>
Content-Type: application/json

Sender API

Used by VASPs to serve encrypted identity data upon request.

Endpoint:

POST /api/getPII

Request Body:

{
	"txHash": "0x...",
	"network": "polygon",
	"receiver": "0xReceiverAddress"
}

Response Body:

{
	"encryptedKey": "<base64-encoded AES key>",
	"encryptedData": "<base64-encoded PII>",
	"nonce": "<base64 nonce>",
	"version": "1.0"
}

Push API

VASPs need to supply endpoint for fetch encrypted PII by CRYMBO.

Endpoint:

POST /api/oracle/pushEncryptedPII

Request Body:

{
	"txHash": "0xabc123...",
	"network": "polygon",
	"sender": "0xSenderAddress",
	"receiver": "0xReceiverAddress",
	"encryptedKey": "<AES key>",
	"encryptedData": "<ciphertext>",
	"nonce": "<GCM nonce>",
	"version": "1.0",
	"timestamp": 1713600000
}

Response:

{
	"status": "received",
	"message": "Encrypted payload accepted"
}

API Error Codes

Code	Meaning
401	Invalid or expired token
404	Missing PII or endpoint
422	Invalid payload format
500	Internal server error

📌 Next Step: Review the Compliance Flow

API Authentication​

Sender API​

Push API​

API Error Codes​

API Authentication

Sender API

Push API

API Error Codes