Pre-launch privacy review
Operator checklist for reviewing on-chain fields, evidence storage, transaction routing, and legal approval before a regulated asset uses a public EVM network.
Use this checklist before a regulated asset programme uses a public EVM network. The goal is simple: confirm what becomes public, keep private evidence off-chain, and record which privacy choices belong to the deployment architecture.
This page is for operators, security reviewers, and compliance teams preparing a launch. For the decision frame, start with Public chain privacy. For the chain-visible data model, read Public EVM visibility model.
Review the on-chain data set
- List every field written to token contracts, identity registries, OnchainID claims, trusted issuer registries, compliance modules, feeds, and transaction inputs.
- Remove personal data, confidential commercial terms, document identifiers, private URLs, raw evidence, and internal notes from public-chain fields.
- Confirm token names, symbols, metadata, claim topics, issuer labels, feed topics, and event parameters are approved for public discovery.
- Confirm wallet, identity, issuer, custodian, and operator addresses can be associated with their roles.
Keep source evidence off-chain
- Store KYC, KYB, AML, sanctions, beneficial ownership, investor files, review notes, and legal evidence in approved off-chain systems.
- Configure claims and compliance modules to enforce eligibility from attestations and rules, not from raw evidence.
- Confirm the off-chain evidence owner, retention period, access-control model, and audit-export path.
- Check the privacy policy and terms of service for the legal treatment of blockchain data.
Classify routing and ordering controls
- Decide whether pending mints, burns, redemptions, treasury actions, reserve updates, freezes, forced transfers, or role changes can be visible before finality.
- Classify each mempool, ordering, privacy-framework, proof-system, stealth-address, and private-order-flow requirement as one of these:
- a DALP platform pattern
- a configured EVM network capability
- a deployment-specific provider integration
- outside the default DALP capability
- If a private route is required, record the provider, supported chains, submission route, failure behaviour, monitoring, audit evidence, and fallback path.
- Confirm the configured network in supported networks is the intended EVM environment.
Approval record
| Area | Required decision | Typical owner |
|---|---|---|
| On-chain metadata | Public values are safe for disclosure. | Product owner and compliance reviewer |
| Identity and claims | Claim topics expose eligibility state without source evidence. | Compliance reviewer and verifier owner |
| Evidence storage | Source files remain in approved off-chain systems. | Operations owner and legal reviewer |
| Transaction routing | Public or private submission path matches the asset risk. | Architect and operator |
| Network choice | The selected EVM network matches visibility, access, and recovery requirements. | Architect and business sponsor |
Where to go next
- Public chain privacy for the decision summary.
- Public EVM visibility model for the data that becomes visible.
- Transaction ordering privacy for pending transaction exposure.
- Privacy architecture patterns for deployment choices.
Privacy architecture patterns
Compare public eligibility, private evidence, permissioned EVM networks, privacy layers, and metadata minimisation patterns for regulated DALP assets.
Security overview
DALP security separates identity, access, wallet verification, on-chain compliance, and custody controls so reviewers can see which gate owns each asset-operation decision.