◆ For fintech + payments

DeFi that passes a sanctions audit.

Permissionless chains can't refuse a transfer. That makes them unusable for any regulated institution — banks, fintechs, broker-dealers, payment processors. Khromosome bakes OFAC + EU + UK sanctions screening into the bridge layer, anchored on chain, synced daily. Your compliance officer reads the same registry the relayer reads — no surprises, no off-chain "trust us."

01

What happens when a sanctioned address sends.
Same workflow, two chains, very different audit story.

A typical EVM bridge

Transfer goes through. Compliance discovers later.

User submits a bridge tx. Bridge contract has no concept of sanctions. Tokens move. Days or weeks later, a forensic vendor flags the address; the institution has now received tainted funds and is on the hook for OFAC violations they can't prove they prevented.

  1. User initiates transfer
  2. Bridge mints destination tokens
  3. Forensic flag arrives 7–28 days later
  4. Institution scrambles to freeze + report
  5. Audit asks: "why didn't you check?"

Khromosome

Transfer is blocked. Audit trail is automatic.

User submits a bridge-out tx. Relayer reads SanctionsScreen.isSanctioned() for sender AND recipient before signing the mint. Sanctioned addresses are silently blocked — never minted. The block reason + sanctions-list ref hash lands in AuditLog. Your compliance team queries one contract for the daily-synced list.

  1. User initiates transfer
  2. Relayer queries on-chain sanctions registry
  3. If listed → tx never relayed, AuditLog entry written
  4. If clean → relay proceeds normally
  5. Audit query: "show me every blocked tx in Q3" → on-chain
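
The relayer decision flow in the five steps above, as an added Python sketch that is not Khromosome's code. The class and method names, the 36-hour staleness limit and the fail-closed behaviour on a stale list are assumptions; the addresses and list reference are constructed placeholders.

```python
import hashlib
from dataclasses import dataclass, field

MAX_LIST_AGE_S = 36 * 3600  # assumption: a daily-synced list older than this is stale

@dataclass
class SanctionsRegistry:
    """In-memory stand-in for the on-chain registry (hypothetical model)."""
    listed: dict      # lowercase address -> list reference (constructed values)
    last_sync: int    # unix time of the last successful sync

    def is_sanctioned(self, addr: str) -> bool:
        # EVM addresses are case-insensitive: checksum casing must not bypass the check
        return addr.strip().lower() in self.listed

    def list_ref_hash(self) -> str:
        blob = "\n".join(f"{a}:{r}" for a, r in sorted(self.listed.items()))
        return hashlib.sha256(blob.encode()).hexdigest()

@dataclass
class Relayer:
    registry: SanctionsRegistry
    audit_log: list = field(default_factory=list)

    def relay(self, tx_id: str, sender: str, recipient: str, now: int) -> bool:
        # True means the mint may be signed; False means blocked and logged
        if now - self.registry.last_sync > MAX_LIST_AGE_S:
            return self._block(tx_id, "STALE_LIST", "", now)  # fail closed (assumption)
        for role, addr in (("SENDER", sender), ("RECIPIENT", recipient)):
            if self.registry.is_sanctioned(addr):
                return self._block(tx_id, f"SANCTIONED_{role}", addr.strip().lower(), now)
        return True

    def _block(self, tx_id: str, reason: str, addr: str, now: int) -> bool:
        self.audit_log.append({"tx": tx_id, "reason": reason, "address": addr,
                               "list_ref": self.registry.list_ref_hash(), "ts": now})
        return False

    def blocked_between(self, start: int, end: int) -> list:
        return [e for e in self.audit_log if start <= e["ts"] < end]  # audit query

# Constructed sample data: placeholder addresses, not real list entries.
LISTED = "0x" + "ab" * 20
CLEAN_A, CLEAN_B = "0x" + "11" * 20, "0x" + "22" * 20
T0 = 1_700_000_000

def demo() -> Relayer:
    r = Relayer(SanctionsRegistry({LISTED: "SDN-PLACEHOLDER-1"}, last_sync=T0))
    r.relay("tx1", CLEAN_A, CLEAN_B, T0 + 60)                       # clean, relayed
    r.relay("tx2", CLEAN_A, "0x" + "AB" * 20, T0 + 120)             # listed recipient
    r.relay("tx3", CLEAN_A, CLEAN_B, T0 + MAX_LIST_AGE_S + 1)       # stale list
    return r
```

Every blocked entry carries the hash of the list version that produced the decision, so a later audit can tie the block to the exact list state.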

02

What your compliance officer will ask.
Every one of these has an on-chain answer.

Q1

"How fresh is the sanctions list?"

OFAC SDN list synced daily at 03:17 UTC via a dedicated daemon. Every entry on chain carries the SDN reference + evidence hash. List operators are restricted to a specific compliance-officer wallet. Stale-list alarms fire if the daemon misses a sync.

SanctionsScreen 0xE138…b9f3

Q2

"Can the bridge be drained by a bug?"

Both bridge endpoints formally verified — 15 of 15 invariants proven by Halmos SMT solver. Includes "only-relayer can mint", "no-replay", "conservation of value", "pause halts mints". Math, not testing. Bridges are the #1 hacked surface in crypto; ours are provably correct.

Q3

"Who controls the keys?"

Validator BLS keys behind Web3Signer with Postgres slashing protection on both validator hosts. YubiHSM2 migration in progress. Bridge admin keys: Trezor hardware wallet → 1-of-1 Gnosis Safe on mainnet. No hot-EOA admin path anywhere — verifiable on Etherscan.

Q4

"Are admin actions logged?"

Every bridge admin action (relayer rotation, pause, ownership transfer) emits on-chain events. Forta runtime monitoring raises a Critical alert to our team on any high-value bridgeIn (>100k KHROME) and a High alert on any admin event. A self-hosted L2 watcher serves a webhook your SOC can subscribe to.

Q5

"Have these contracts been audited?"

Code4rena bridge-audit submission in flight ($7.5k bounty). Sourcify exact-match verification on every contract; Etherscan-native for BridgedKHROME on mainnet. We can publish the audit certificate at signing. The bytecode running today matches the published source byte-for-byte.

Q6

"What jurisdiction is your validator stack in?"

OperatorRegistry has every validator's ISO-3166 jurisdiction tag, operator legal-entity name, BAA hash, and KYC reference. Today: 2 hosts in DE; partner onboarding for US-east, US-west, and SG in progress for jurisdiction redundancy. Regulators read this contract directly.

03

Run a production pilot.
Settle real value, with compliance, in 90 days.

For fintechs, payment platforms, broker-dealers, treasury-management firms

$25k · 90 days · settlement layer.

We onboard your treasury / settlement flows onto Khromosome with full sanctions-screening, hardware-key custody, and a real-time audit feed. Your existing compliance stack (Chainalysis, TRM, Elliptic) plugs in via webhook. By day 30 you're settling test transactions; by day 60 you're running a controlled live volume; by day 90 you have a production decision.

  • Dedicated bridge instance with your KYC-restricted relayer (or use the shared relayer with custom screening rules)
  • Custom OFAC + your-own-blocklist integration via direct registry writes
  • Forta + your-SOC webhook for every relayed and every BLOCKED transfer
  • Direct-relationship validators in your jurisdiction (US-east available Q4)
  • Audit-log export to your data warehouse (S3, BigQuery, Snowflake)