Technical Specifications
Comprehensive technical documentation for Fairway compliance products, including architecture, security standards, and integration details.
Architecture Overview
Supported Blockchains
- Cardano: CIP-113 Identity Tokens
- EVM Chains: ERC-3643 & EAS Integration
- Bitcoin L2s: Extended Support
Supported Networks
Mainnet, Testnet, and Staging environments for all chains
Token Specifications
- CIP-113: Cardano Identity Tokens
- ERC-3643: Regulated Token Standard
- EAS: Ethereum Attestation Service
Token Lifecycle
Issuance, validation, revocation, and expiration management
Security & Encryption
Data Encryption
- AES-256-GCM: Data at rest encryption
- TLS 1.3: Data in transit encryption
- RSA-4096: Key exchange
Key Management
Hardware security module (HSM) backed key storage with automatic rotation
Industry Certifications
- ISO 27001: Information Security Management
- SOC 2 Type II: Security & Availability
- GDPR/eIDAS: EU Data Protection
Audit Trail
Cryptographic audit logs with immutable record generation
Compliance Features
- Identity verification (government ID)
- Sanctions list screening (OFAC, EU, UN)
- PEP (Politically Exposed Person) checks
- Adverse media screening
- Risk scoring & categorization
- EU (AMLD6/eIDAS compliant)
- United States (FinCEN, SEC)
- UK (FCA compliant)
- Singapore (MAS compliant)
- Additional jurisdictions on request
- Real-time sanctions list updates
- Continuous transaction monitoring
- Regulatory change alerts
- Automated compliance rule updates
- Quarterly compliance reviews
API & SDK Specifications
API Endpoints
- POST /api/v1/kyc/verify
- GET /api/v1/kyc/status/{id}
- POST /api/v1/compliance/check
- GET /api/v1/identity-tokens
- POST /api/v1/audit/logs
Authentication
OAuth 2.0 with API key support for server-to-server
Rate Limits
1,000 requests/minute (standard), custom limits for enterprise
Available SDKs
- TypeScript/JavaScript (npm)
- Python (pip)
- Go (go get)
- Rust (cargo)
Blockchain SDKs
Aiken (Cardano), Solidity (EVM), Rust (Bitcoin L2)
Performance & Service Level Agreements
Response Times
- KYC verification: <5 seconds (average)
- Sanctions screening: <2 seconds
- Identity token issuance: <10 seconds
Throughput
10,000+ concurrent verifications per minute
Availability
- Standard: 99.5% uptime SLA
- Enterprise: 99.99% uptime SLA
Support
- Standard: Business hours support
- Enterprise: 24/7 dedicated support
Zero-Knowledge Proof Implementation
ZK Proof Specifications
- Proof System: Plonk/Groth16
- Proof Size: ~128 bytes
- Verification Time: <100ms
- Proving Time: <5 seconds
Provable Claims
- User passed KYC verification
- User is not on sanctions lists
- User meets accreditation requirements
- User is from approved jurisdiction
Data Vault Architecture
Storage Features
- Encrypted at rest (AES-256)
- Geo-redundant backups
- Automatic retention policies
- GDPR right-to-be-forgotten
Access Control
- Role-based access (RBAC)
- Multi-factor authentication
- IP whitelisting
- Audit logging
Compliance
- GDPR compliant
- eIDAS regulation aligned
- Data residency options
- Regular penetration testing
Integration Patterns
Cardano (Aiken)
Validators that check identity token presence and validity before allowing transactions.
CIP-113 CompliantEVM (Solidity)
Smart contracts that verify ERC-3643 tokens and EAS attestations on-chain.
ERC-3643 CompatibleREST API
Direct HTTP endpoints for KYC verification, compliance checks, and identity token queries.
OAuth 2.0Webhooks
Real-time event notifications for verification status changes and compliance alerts.
Event-Driven