Compliance and custody boundary
Understand how DALP separates identity and compliance decisions from custody approvals and signing policies when token operations are executed.
DALP is EVM-only. The platform separates compliance decisions from custody decisions before token operations are submitted to an EVM network. Compliance controls decide whether an address or transfer is eligible under the asset's rules. Custody controls decide whether an approved transaction can be signed by the wallet or custody service that holds the key. This page describes vendor-neutral control boundaries and does not define vendor-specific behaviour.
Why the boundary matters
Issuers and operators often connect both compliance services and custody services to the same asset workflow. They serve different purposes:
| Control area | Primary question | Enforced by |
|---|---|---|
| Platform authorization | Is this user or API key allowed to request the action? | DALP authentication, organization membership, and role checks |
| Wallet verification | Has the user-session operator confirmed the write operation? | DALP wallet verification before browser-session blockchain writes |
| Compliance eligibility | Is the identity, claim, or transfer allowed? | On-chain identity claims and token compliance modules |
| Custody signing policy | Can this wallet or signing service sign this transaction? | Configured signer backend or custody service |
Passing one layer does not bypass the others. A compliant investor address still needs an authorized platform action and a valid signature path. A custody approval does not create KYC claims or override on-chain transfer rules.
Compliance controls
Compliance integrations normalize external verification outcomes into DALP compliance events. Those events update identity claims, monitoring status, or audit records without exposing vendor-specific API payloads to every downstream consumer.
On-chain compliance remains the transfer gate. Token hooks and compliance modules evaluate the asset rules that apply to each operation before state changes land on the EVM network. The active asset type and configured modules determine which rules run.
| Operation or rule area | On-chain control boundary |
|---|---|
| Minting and issuance | Supply-management roles call mint functions; token hooks apply identity, compliance, freeze, collateral, and supply-limit checks configured for the asset. |
| Transfers and holding eligibility | Transfer hooks apply frozen-address, partial-freeze, identity, country, investor-count, allowlist, blocklist, time-lock, approval, and similar compliance modules when those modules are configured. |
| Burning and redemption | Supply-management roles call burn functions; burn hooks apply custodian freeze checks before balances change. |
| Collateral and reserve coverage | Stablecoin assets can require valid collateral claims or ratios before minting or transfer activity proceeds. |
| Freezing and partial freezing | Custodian-role functions update frozen-address and frozen-balance state on-chain. Transfer and burn hooks enforce those states. |
| Pausing | Emergency-role pause functions stop token operations through the token's pausable update path until the asset is unpaused. |
| Forced transfers and wallet recovery | Custodian-role forced-transfer and recovery functions execute through the token contract and emit on-chain balance changes. |
External verification verdicts can supply claim evidence, but a compliance-service verdict is not custody approval and does not replace these token rules.
Use the compliance documentation when you need to understand:
- how identity claims support KYC, KYB, AML, or jurisdiction checks
- how token compliance modules evaluate transfer eligibility
- how verification verdicts and monitoring alerts become normalized compliance events
- how trusted issuers and claim topics affect on-chain identity state
Custody controls
Custody integrations protect private keys and transaction signing. DALP hands a prepared transaction to the configured signing infrastructure, which applies its own policy engine and approval flow before releasing or rejecting the signature.
Custody services do not decide whether an investor has the required compliance claim. The custody service evaluates signing policy for a prepared transaction, such as approval thresholds, wallet policy rules, or custody-side transaction authorization.
Use the custody documentation when you need to understand:
- which signing path is used for a wallet or asset operation
- whether a transaction requires a custody-side approval flow
- how browser-wallet verification differs from institutional custody signing
- which key-management service owns final signature release
End-to-end control sequence
A typical token operation crosses the boundary in this order:
- DALP authenticates the user or API client and checks platform permissions.
- DALP validates the requested operation and prepares the blockchain write.
- DALP requires wallet verification for sensitive browser-session write operations. API-key flows use API-key authorization instead of wallet verification.
- The token's on-chain identity and compliance modules determine whether the action is allowed.
- The configured key service or custody service evaluates signing policy and releases or rejects the signature.
- The signed transaction is submitted to the EVM network.
This sequence is defense in depth. Compliance handles eligibility. Custody handles key protection and signature release. Platform authorization and wallet verification run first.
See also
- Identity and compliance for identity claims, KYC and AML status, and verification lifecycle
- Compliance modules for token-level transfer rules and restrictions
- Compliance integrations for normalized verification intake and monitoring events
- Custody integrations for signer backend and custody boundaries
- Authorization for platform roles and resource-level permissions
- Wallet verification for PIN, TOTP, and backup-code checks before blockchain writes
Identity & Compliance
Architecture of the DALP identity and compliance system built on ERC-3643 and OnchainID (ERC-734/735). Covers on-chain identity binding, claim-based permissions, compliance engine orchestration, and the two-layer policy model.
From External Mint Instruction to On-Chain Transaction
How DALP protects EVM mint instructions from duplicate client retries, replayed requests, nonce conflicts, and unauthorized supply changes.