Identity Exchange Flow

CRYMBO Oracle enables VASPs to exchange encrypted identity information in a secure, on-chain-coordinated process that complies with global Travel Rule requirements.

Key Concepts

PII (Personally Identifiable Information) is never stored on-chain.
All identity data is end-to-end encrypted using the receiver’s public key.
CRYMBO Oracle ensures that only authorized VASPs can initiate and respond to requests.

Flow Overview

1. Initiate Identity Request

The sending VASP triggers a request by calling the CRYMBO smart contract:

requestPIIForTransaction(string network, bytes32 txHash, address receiver)

This emits a PIIRequested event picked up by the CRYMBO Oracle.

2. Data Fetch or Push

Two possible flows are supported:

a. Receiver-Pull (Default)

The CRYMBO Oracle pulls the encrypted PII from the sender’s API endpoint.

b. Sender-Push (Optional)

The sender proactively pushes encrypted PII to CRYMBO via:

POST /api/oracle/pushEncryptedPII

3. Secure Routing

The encrypted payload is routed by the CRYMBO Oracle to the receiver VASP. Only the intended receiver can decrypt the data using its private key.

4. Compliance Visibility

All transactions are timestamped and event-driven
Auditable metadata is maintained off-chain for compliance tracking
Replay protection is enforced with nonce + timestamp

Example (JavaScript using Ethers.js)

const tx = await oracleContract.requestPIIForTransaction('polygon', ethers.encodeBytes32String(txHash), receiverAddress);
await tx.wait();

📌 Next Step: Explore API Usage

Key Concepts​

Flow Overview​

1. Initiate Identity Request​

2. Data Fetch or Push​

a. Receiver-Pull (Default)​

b. Sender-Push (Optional)​

3. Secure Routing​

4. Compliance Visibility​

Example (JavaScript using Ethers.js)​