White-label Compliance Passport for regulated onchain access — powered by Chainlink + Privy
PassportCreds by Node is a white-label Compliance Passport for regulated onchain access. It started as an internal problem at Node PropTech: how do you verify investors accessing a regulated deal room are KYC-cleared and accredited — without storing sensitive documents and without building a bespoke integration for every compliance provider?
A wallet connects via Privy Embedded Wallet, uploads compliance evidence, and the Chainlink Confidential AI Attester evaluates it inside a TEE. No PII leaves the enclave. The verdict is delivered via webhook to our backend, which triggers a Chainlink CRE workflow — the sole authorized writer to our smart contracts on Base Sepolia. CRE writes verified claims to ClaimRegistry and mints or updates a soulbound Compliance Passport (ERC-721 + ERC-5192). The AccessGate contract reads the passport and unlocks the Node PropTech Deal Room.
No raw documents are stored. No PII is written onchain. Only keccak256 hashes.
Frontend: Next.js 14 with TailwindCSS and Privy Embedded Wallet for social/email login — no browser extension needed.
Backend: NestJS on Railway with Prisma + PostgreSQL. It orchestrates verification sessions, calls the Chainlink Confidential AI Attester, receives the verdict via webhook, and triggers the CRE workflow with a verificationId only — no PII, no raw documents ever cross that boundary.
Chainlink Confidential AI Attester: we send compliance documents (KYC/AML and Accredited Investor evidence) to a TEE running Gemma4 with structured system prompts. The model returns a minified JSON verdict — approved, confidence, reasonCode, summary. The document is discarded. Only a keccak256 attestation hash goes onchain.
Chainlink CRE: a TypeScript workflow running on Railway. It is the only actor with CRE_UPDATER_ROLE — the sole key allowed to write to our smart contracts. It fetches the sanitized result from our backend, validates it, hashes the verificationId for replay protection, and fires two transactions: ClaimRegistry.submitClaim and CompliancePassport.syncPassport.
Smart contracts: three Solidity contracts deployed and verified on Base Sepolia via Foundry. ClaimRegistry stores verified claims. CompliancePassport is a soulbound ERC-721 + ERC-5192 passport with status derived live from ClaimRegistry. AccessGate is a stateless read contract that answers canAccessDealRoom and canAccessInvestorArea.
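The validation and replay-protection steps of the CRE workflow described above can be sketched as a gate that runs before any contract write. This is an added example, not the project's own code: the four verdict fields come from the page, while the function names, the `reasonCode` format, the summary length cap and the in-memory `seen` set are assumptions, and the keccak256 hash of the verificationId is assumed to be computed by the caller.

```typescript
// Added example. Field names come from the page; limits, formats and function names are assumptions.
type Verdict = { approved: boolean; confidence: number; reasonCode: string; summary: string };
type GateResult = { ok: boolean; error?: string; verdict?: Verdict };

const ALLOWED_KEYS = ["approved", "confidence", "reasonCode", "summary"];
const REASON_CODE = /^[A-Z0-9_]{1,64}$/; // assumed reasonCode format
const MAX_SUMMARY_LEN = 280;             // assumed cap so free text cannot carry document content
const ID_HASH = /^0x[0-9a-f]{64}$/;      // 32-byte hash of the verificationId, hex encoded

function fail(error: string): GateResult {
  return { ok: false, error };
}

// Strictly validate the sanitized verdict; unknown keys are rejected, not ignored.
function parseVerdict(rawJson: string): GateResult {
  let parsed: unknown;
  try {
    parsed = JSON.parse(rawJson);
  } catch {
    return fail("invalid JSON");
  }
  if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) {
    return fail("verdict must be a JSON object");
  }
  const rec = parsed as Record<string, unknown>;
  for (const key of Object.keys(rec)) {
    if (ALLOWED_KEYS.indexOf(key) === -1) return fail("unexpected field: " + key);
  }
  const { approved, confidence, reasonCode, summary } = rec;
  if (typeof approved !== "boolean") return fail("approved must be boolean");
  if (typeof confidence !== "number" || !isFinite(confidence) || confidence < 0 || confidence > 1) {
    return fail("confidence must be a number in [0, 1]");
  }
  if (typeof reasonCode !== "string" || !REASON_CODE.test(reasonCode)) return fail("bad reasonCode");
  if (typeof summary !== "string" || summary.length > MAX_SUMMARY_LEN) return fail("bad summary");
  return { ok: true, verdict: { approved, confidence, reasonCode, summary } };
}

// Replay guard: a verificationId hash may authorize one set of contract writes only.
// `seen` stands in for durable storage (constructed for this example).
function authorizeWrite(rawJson: string, idHash: string, seen: Set<string>): GateResult {
  if (!ID_HASH.test(idHash)) return fail("bad verificationId hash");
  if (seen.has(idHash)) return fail("replay");
  const result = parseVerdict(rawJson);
  if (result.ok) seen.add(idHash); // consume the id only once the payload is accepted
  return result;
}
```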

