Country Restrictions
CountryAllowList and CountryBlockList modules for geographic transfer restrictions. Covers sanctions/OFAC use cases, EU MiCA jurisdiction selection, and ISO 3166-1 country codes.
Purpose: Reference for country-based compliance modules.
- Doc type: Reference
- What you'll find here:
- CountryAllowList and CountryBlockList — geographic transfer restrictions
- Interface tables showing on-chain capabilities
- ISO 3166-1 numeric codes reference
- Key invariants, operational signals, and failure modes
- Related: Compliance Overview, Identity Verification, Identity Lists, Supply & Investor Limits, Asset Contracts
Where these modules apply
| Concern | CountryAllowList | CountryBlockList |
|---|---|---|
| Minting | Checks recipient country | Checks recipient country |
| Transfers | Checks recipient country | Checks recipient country |
| Burns | — | — |
| Forced transfers | — | — |
Modules
| Module | Purpose | Configuration |
|---|---|---|
| CountryAllowList | Only allow transfers to investors from approved countries | Array of ISO 3166-1 numeric country codes |
| CountryBlockList | Block transfers to investors from prohibited countries | Array of blocked country codes |
Country modules check the recipient's country code from the identity registry storage. This value is set by KYC providers during identity verification and stored as a claim on the investor's OnchainID identity contract.
Interface (capabilities)
CountryAllowList
| Capability | Who can call | Inputs | On-chain effect | Emits | Notes |
|---|---|---|---|---|---|
setModuleParameters | Token admin (via compliance) | Array of ISO 3166-1 numeric country codes | Stores allowed country list | — | Empty list blocks all transfers |
canTransfer | Compliance engine | Sender, recipient, amount | Checks recipient's country code against allowed list | — | Country code read from identity registry storage |
CountryBlockList
| Capability | Who can call | Inputs | On-chain effect | Emits | Notes |
|---|---|---|---|---|---|
setModuleParameters | Token admin (via compliance) | Array of blocked country codes | Stores blocked country list | — | Empty list blocks none |
canTransfer | Compliance engine | Sender, recipient, amount | Checks recipient's country code against blocked list | — | Country code read from identity registry storage |
Use cases
| Use case | Module | Example |
|---|---|---|
| MiCA EU compliance | CountryAllowList | 27 EU member state codes |
| OFAC sanctions screening | CountryBlockList | Sanctioned jurisdiction codes |
| Reg D (US only) | CountryAllowList | [840] (United States) |
| Singapore MAS | CountryAllowList | [702] (Singapore) |
| Japan FSA | CountryAllowList | [392] (Japan) |
| UK FCA | CountryAllowList | [826] (United Kingdom) |
ISO 3166-1 numeric codes
Selected common codes:
| Country | Code |
|---|---|
| United States | 840 |
| United Kingdom | 826 |
| Japan | 392 |
| Singapore | 702 |
| Germany | 276 |
| France | 250 |
Full EU 27 member state codes are included in the MiCA EU Standard template. Use the full ISO 3166-1 numeric code list for other jurisdictions.
Key invariants
- Country check applies to the recipient (buyer/transferee), not the sender
- Country code must be set in the identity registry before any transfer is attempted
- Using CountryAllowList and CountryBlockList together creates a combination restriction (both must pass)
- An empty allow list blocks all transfers; an empty block list blocks none
Operational signals
No events emitted by these modules. Monitor for ComplianceCheckFailed revert errors in failed transactions when transfers violate country restrictions.
Failure modes & edge cases
- Country code not set in identity registry — transfer reverts (recipient cannot be checked)
- Sanctioned country added to block list after tokens already transferred — existing holders are not affected until they attempt a new transfer
- Using both CountryAllowList and CountryBlockList creates a combination restriction — both must pass independently
See also
- Compliance Overview — module architecture and regulatory templates
- Identity Verification — verifying that country claims are properly attested
- Identity Lists — granular identity and address-level access control
- Supply & Investor Limits — InvestorCount enforces per-country investor limits
Overview
Architecture of DALP's modular compliance engine, 7 system-seeded regulatory templates, and 9 compliance modules covering geographic, identity, supply, collateral, and time-lock controls.
Identity Lists
IdentityAllowList, IdentityBlockList, and AddressBlockList modules for granular access control. Covers private placement whitelists, sanctions screening, and the distinction between identity-level and address-level blocking.