
What is Compliance Shield?

Compliance Shield is Engram’s built-in sanctions screening service. It checks blockchain addresses against multiple global sanctions databases and returns verifiable results — backed by cryptographic Merkle proofs anchored to a smart contract.

Multi-source screening

OFAC SDN, OpenSanctions, and community reports — all in one call. Every available dataset is used automatically.

Merkle-verified

Every sanctioned address is part of an on-chain Merkle tree. Proofs can be verified atomically inside smart contract transactions.

Any chain

Works with Ethereum, Bitcoin, Solana, Stellar, Tron, and more. One API, every chain.

Agent consensus

AI agents can report suspicious addresses. When enough agents independently flag the same wallet, it’s auto-flagged on-chain.

Data Sources

| Source | Coverage | Update Frequency |
|---|---|---|
| OFAC SDN | US Treasury sanctions (788 crypto addresses) | Every server restart |
| OpenSanctions | Global sanctions (1,497 crypto addresses) | Every server restart |
| Community | Agent-submitted reports with consensus | Real-time |

Architecture (v0.5.0)

Compliance Shield uses a Merkle tree to represent the entire sanctions dataset. The tree root is pushed to a smart contract after each ingestion. This gives you two verification paths:

On-Chain (Smart Contract)

DeFi applications call the contract directly to verify proofs atomically inside their own transactions:
verify_merkle_proof(address, proof, leaf_index) → bool
verify_batch_proofs(addresses, proofs, leaf_indices) → Vec<bool>
is_flagged(address) → bool               // agent consensus check
report_address(reporter, target, reason)  // community reporting

Off-Chain (REST API)

AI agents and off-chain apps call the Engram API:
GET  /v1/compliance/merkle/proof/:address   → single proof
POST /v1/compliance/merkle/proof/batch      → batch proofs
GET  /v1/compliance/merkle/root             → root + sync status
POST /v1/compliance/screen                  → full screening
POST /v1/compliance/report                  → community report

Both paths reference the same Merkle root. Same data, same guarantees, different interfaces.

Agent / DeFi app screens address "0xABC"

        ├── On-chain path ──► Smart contract
        │   verify_merkle_proof() → true/false

        └── Off-chain path ──► Engram API
            GET /merkle/proof/0xABC → proof + status

            ├── Proof stored on Shelby (decentralized)
            └── Merkle root matches on-chain root ✓

Agent Consensus

Any agent can report a suspicious address via report_address(). Reports are tracked on-chain with deduplication:
  1. Each reporter can only flag a given address once
  2. When the number of unique reporters reaches the threshold (default: 10), the address is auto-flagged on-chain
  3. DeFi apps can check is_flagged(address) pre-emptively, or use reports_for(address) to see the current count

Agents don’t need to wait for the threshold. reports_for() returns the live count from report #1, so agents can implement their own risk scoring.

Quick Start

// Any MCP-compatible agent can use this directly
// Tool: verify_merkle_proof
// Input: { "address": "0xd882cfc20f52f2599d84b8e8d58c7fb62cfe344b" }
// Result: { sanctioned: true, proof: [...], leafIndex: 42 }

DApp Integration (On-Chain)

Any smart contract or DApp on Stellar/Soroban can call the Compliance Oracle contract directly — no API key needed.
The oracle is currently deployed on Stellar Testnet. Mainnet deployment is planned for production launch.

Contract Address

CCDAXPPXNXCM25QHYVEWDYBU3FJTNU6Z6BYCHTRRHJEXU6RGVD32PWQF

Public Functions (Anyone Can Call)

| Function | Description | Cost |
|---|---|---|
| verify_merkle_proof(addr, proof, leaf_index) → bool | Verify a single address is in the sanctions dataset | Free |
| verify_batch_proofs(addrs, proofs, indices) → Vec<bool> | Batch verify up to 200 addresses | Free |
| merkle_root() → BytesN<32> | Get the current Merkle root hash | Free |
| data_hash() → BytesN<32> | SHA-256 of the full off-chain dataset | Free |
| entity_count() → u32 | Total sanctioned addresses in the tree | Free |
| last_updated() → u64 | Ledger timestamp of the last root update | Free |
| is_flagged(addr) → bool | Check if an address was auto-flagged by agent consensus | Free |
| reports_for(addr) → u32 | Number of unique reporters for an address | Free |
| report_address(reporter, target, reason) → u32 | Submit a community report (requires auth) | Free |

DeFi Pre-Transaction Check

Use verify_merkle_proof() atomically inside your own transactions to block sanctioned addresses:
#![no_std]
use soroban_sdk::{contract, contractimpl, Address, BytesN, Env, String, Vec};

// Import the compliance oracle client
mod oracle {
    soroban_sdk::contractimport!(
        file = "compliance_oracle.wasm"
    );
}

const ORACLE_ID: &str = "CCDAXPPXNXCM25QHYVEWDYBU3FJTNU6Z6BYCHTRRHJEXU6RGVD32PWQF";

#[contract]
pub struct MyDeFiProtocol;

#[contractimpl]
impl MyDeFiProtocol {
    /// Swap tokens — rejects sanctioned addresses
    ///
    /// `proof` and `leaf_index` are the values returned by the Engram API,
    /// passed in as transaction arguments.
    pub fn swap(
        env: Env,
        user: Address,
        amount: i128,
        proof: Vec<BytesN<32>>,
        leaf_index: u32,
    ) {
        user.require_auth();

        // 1. Get proof from Engram API (off-chain, before submitting tx)
        //    GET /v1/compliance/merkle/proof/{address}

        // 2. Verify on-chain (proof passed as tx argument)
        let oracle = oracle::Client::new(
            &env,
            &Address::from_string(&String::from_str(&env, ORACLE_ID)),
        );

        // String form of the caller's address, as the oracle functions expect
        let addr_str = user.to_string();

        // The argument types (Vec<BytesN<32>>, u32) are assumed here; the client
        // generated from compliance_oracle.wasm defines the real ones.
        if oracle.verify_merkle_proof(&addr_str, &proof, &leaf_index) {
            panic!("Address is in the sanctions dataset");
        }

        // Also check agent consensus flags
        if oracle.is_flagged(&addr_str) {
            panic!("Address flagged by agent consensus");
        }

        // ... proceed with swap
    }
}

Leaf Encoding

The Merkle tree uses this leaf hash:
leaf = SHA-256(address.to_xdr())
The XDR envelope wrapping is applied automatically by the Soroban runtime. Off-chain provers (the Engram API) replicate this exact encoding when building the tree.

Typical DApp Flow

1. User submits tx to your DApp

2. Your frontend calls Engram API:
   GET /v1/compliance/merkle/proof/{address}

3. API returns: { sanctioned, proof, leafIndex }

4. Your contract calls oracle.verify_merkle_proof()
   with the proof data as a tx argument

5. If sanctioned → revert. If clean → proceed.
For maximum security, verify on-chain inside your contract. For convenience, the API response alone is sufficient for most use cases — the proof is cryptographically tied to the on-chain Merkle root.
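
The leaf encoding and the API step of the DApp flow above, as an added example (not Engram's code): an off-chain client recomputes the root from `{ sanctioned, proof, leafIndex }` and compares it with the contract's `merkle_root()` rather than relying on the `sanctioned` field alone. Assumptions not stated on the page: the XDR layout used for the address string, interior nodes hashed as SHA-256(left || right), an odd last node duplicated, and hex-encoded proof entries.

```python
import hashlib
import struct

def scval_string_xdr(s):
    # Assumed XDR layout of a Soroban String ScVal: type tag 14 (SCV_STRING),
    # 4-byte big-endian length, then the bytes zero-padded to a multiple of 4.
    raw = s.encode()
    return struct.pack(">II", 14, len(raw)) + raw + b"\0" * (-len(raw) % 4)

def leaf_hash(address):  # leaf = SHA-256(address.to_xdr()), as the page states
    return hashlib.sha256(scval_string_xdr(address)).digest()

def node_hash(left, right):  # assumed interior rule: SHA-256(left || right)
    return hashlib.sha256(left + right).digest()

def build_levels(addresses):  # constructed prover side for the sample data
    levels = [[leaf_hash(a) for a in addresses]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        cur = cur + cur[-1:] * (len(cur) % 2)  # assumed: duplicate an odd last node
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def make_proof(levels, index):
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        proof.append(level[sibling] if sibling < len(level) else level[index])
        index //= 2
    return proof

def verify_inclusion(address, proof, leaf_index, root):
    # Recompute the root from the leaf; leaf_index bits pick left/right at each level.
    h = leaf_hash(address)
    for sibling in proof:
        h = node_hash(sibling, h) if leaf_index & 1 else node_hash(h, sibling)
        leaf_index >>= 1
    return leaf_index == 0 and h == root  # index must fit the proof depth

def verified_sanctioned(address, resp, onchain_root):
    # Proven only if the proof reaches the on-chain root; a failed check is not proof of absence.
    proof = [bytes.fromhex(p) for p in resp["proof"]]  # hex encoding is assumed
    return bool(resp["sanctioned"]) and verify_inclusion(
        address, proof, resp["leafIndex"], onchain_root)

# Constructed sample data (not real sanctions entries)
ADDRESSES = ["0xaaa1", "0xbbb2", "0xccc3", "0xddd4", "0xeee5"]
LEVELS = build_levels(ADDRESSES)
ROOT = LEVELS[-1][0]  # stands in for the value returned by merkle_root()
```

An inclusion proof of this kind can show that an address is in the tree; a proof that fails to verify shows only that this particular proof does not place the address there.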

Pricing

| Tier | Cost |
|---|---|
| Merkle proofs (single + batch) | Always free |
| Merkle root status | Always free |
| On-chain contract calls | Always free (gas only) |
| Community reports | Always free |
| Stats & proof lookups | Always free |
| Full screening (first 10/hour) | Free |
| Full screening (additional) | 1 credit each |