Version 1.0 — Issued by CrownThrive, LLC “Regulatory Alignment, Automated Enforcement, and Risk Mitigation for the Decentralized Licensing & Compliance Layer.”
Audience: Compliance officers, legal architects, governance councils, validator operators, integrators, and Help Center editors curating the CHLOM Compliance category. Scope: Canonical reference for what CHLOM Compliance is, how it’s built, how it operates in production, and which 30+ follow‑on docs to read next.
0 · How to Use this Master Doc (Help Center Index)
- Start here for the big picture and concrete build paths.
- Each section ends with “What to read next” cross‑links into the Compliance category.
- Code examples are illustrative; the authoritative source is the runtime repository and release notes.
1 · System Overview
CHLOM Compliance is the on‑chain enforcement plane for CHLOM™. It binds licenses to jurisdictional rules, validates KPIs, automates sanctions/rewards, and exports immutable audit trails. Compliance logic is executed by deterministic pallets with attestations from oracles and oversight by DAO governance.
1.1 High‑Level Architecture
+-----------------------+ +-------------------+ +------------------------+
| Clients / SDKs |<------>| JSON-RPC / WS |<----->| CHLOM Node (Runtime) |
| (Ops Console, TS/JS) | | (Polkadot-JS) | | FRAME Pallets |
+-----------------------+ +-------------------+ +------------------------+
| pallet_chlom_compliance|
+-----------------------+ +-------------------+ | pallet_chlom_kpi |
| Oracles & Off-chain |<------>| Off-chain Workers | | pallet_chlom_dla |
| (KYC, Sanctions, IoT) | | + Oracle Pallet | | pallet_attestations |
+-----------------------+ +-------------------+ | pallet_chlom_gov |
| pallet_zkprivacy |
+-----------------------+ +-------------------+ | pallet_sustainability |
| Indexers & Analytics |<------>| SubQuery/Sidecar | | pallet_chlom_lex |
| (Subsquid/SubQuery) | +-------------------+ | pallet_treasury |
| staking, session, ... |
+------------------------+
1.2 Consensus & Accounts
- Consensus: BABE + GRANDPA.
- Staking: NPoS via
- Accounts: SS58; sr25519/ed25519; multisig via
What to read next: Doc 01 — Compliance Architecture Overview; Doc 02 — Network & Keys Handbook.
2 · Core Protocols (Functional Specs)
2.1 Licensing Enforcement Protocol (LEP)
Binds License NFTs to live rule packs and breach policies.
Extrinsics (examples):
- compliance.bindLicense(item_id, pack_id, kpi_profile_id)
- compliance.updatePack(item_id, pack_id)
- compliance.freeze(item_id, reason_code)
2.2 Regulatory Conformity Protocol (RCP)
Applies jurisdictional Compliance Packs (statutes, disclosures, consent, escrow).
- packs.activate(region_code, version)
- packs.deprecate(region_code, version)
2.3 KPI Enforcement Protocol (KEP)
Deterministic KPI thresholds with sanction/reward curves.
- kpi.set_thresholds(class_id, metrics[])
- kpi.report(item_id, metric_id, value, oracle_sig)
- kpi.flag(item_id, code)
2.4 Dispute Resolution Protocol (DRP)
On‑chain case lifecycle with evidence attestations and appeal windows.
- dla.openCase(item_id, reason, evidence_ref)
- dla.applySanction(item_id, sanction_code)
- dla.resolve(case_id, ruling)
What to read next: Doc 03 — Licensing Enforcement Spec; Doc 04 — Compliance Packs Spec; Doc 05 — KPI Enforcement Spec; Doc 06 — Dispute Resolution Spec.
3 · Runtime Pallets (FRAME)
Pallet | Purpose | Key Storage | Key Extrinsics | Events/Errors |
pallet_chlom_compliance | Bind rule packs to licenses; execute enforcement | Bindings, BreachPolicies | bindLicense , freeze , lift | LicenseBound , Frozen |
pallet_chlom_kpi | KPI thresholds & oracle reports | Thresholds, Reports | set_thresholds , report , flag | KpiBreached |
pallet_chlom_dla | Case mgmt & sanctions | Cases, Sanctions | openCase , applySanction , resolve | SanctionApplied |
pallet_attestations | Evidence & signatures | Proofs, Signers | submitProof , revokeProof | ProofRecorded |
pallet_oracle_gateway | Oracle feed registry | Feeds, Sigs | registerFeed , attest | Attested |
pallet_zkprivacy | ZK attestations | Circuits, Verifiers | verifyProof , registerCircuit | ProofVerified |
pallet_chlom_gov | Governance hooks | Weights, Roles | setWeight , assignRole | GovWeightChanged |
pallet_sustainability | Impact ledger & offsets | Impacts, Routes | recordImpact , routeOffset | ImpactRecorded |
pallet_chlom_lex | Exchange w/ compliance gates | Orders, Escrow | list , buy , partialSell | TradeSettled |
pallet_treasury | Fines, bounties, offsets | Balances | spend , slash , bounty | TreasurySpent |
What to read next: Doc 07 — Pallet Design Deep Dives (per pallet).
4 · Data Model & Schemas
- CompliancePack:
- LicenseBinding:
- KpiProfile:
- DlaCase:
- AuditLog:
What to read next: Doc 08 — Runtime Storage & Schemas.
5 · Protocol Flows (Sequence Specs)
5.1 Compliance Lifecycle
Apply pack → Bind to license → Operate & report → Monitor thresholds → Auto action or DLA case → Resolve/Appeal → Update pack.
5.2 Breach Handling
kpi.flag
→ dla.openCase
→ evidence via attestations.submitProof
→ dla.applySanction
(slashing, freeze, escrow) → appeal window → resolve
.
5.3 Audit Export
Indexer composes Merkle proof over AuditLog
→ export CSV/JSON + proof → regulator verification via light client.
What to read next: Doc 09 — Sequence Diagrams & State Machines.
6 · Governance & DAO Mechanics
- Voting: CHM stake + reputation weight; quorum/threshold curves; conviction locking; compliance council role.
- Scheduling: Time‑locked execution for sensitive updates; scheduled pack rotations.
- Emergency: Council fast‑track (freeze/unfreeze) with post‑hoc referendum.
What to read next: Doc 10 — Governance Parameters & Processes.
7 · Token Model (Runtime View)
- CHM (governance): stake for voting; validator rewards; council seats gated by rep.
- CHLOM (utility): fees for compliance operations; bonds for license applications; slashing on confirmed breaches; treasury fines routed per policy.
What to read next: Doc 11 — Token Implementation & Fee Model.
8 · Oracles & Off‑Chain Workers
- Feeds: KYC/KYB, sanctions lists (OFAC/PEP), IoT occupancy, POS revenue, sustainability receipts.
- OCWs: batch reports, rate‑limit external calls, sign & submit attestations with retry/backoff.
What to read next: Doc 12 — Oracle Gateway & OCW Patterns.
9 · Indexing & Analytics
- Pipelines: SubQuery/Subsquid for cases, flags, sanctions, offsets, pack versions.
- Dashboards: Compliance posture, breach heatmaps, SLA adherence, appeal timelines.
- Observability: Prometheus exporters; Otel traces from enforcement paths.
What to read next: Doc 13 — Indexing Blueprints; Doc 14 — Observability & Telemetry.
10 · Security, Privacy, and Compliance
- Threats: oracle spoofing, KPI forgery, governance capture, MEV at LEX gate, data leakage.
- Controls: multisig treasuries, code audits, fuzzing, property tests, weight benchmarking, kill‑switch for faulty packs, circuit breakers on mass flags.
- Privacy: ZK‑proofs for sensitive KPIs; selective disclosure; per‑metric redaction; data‑minimization defaults.
What to read next: Doc 15 — Security Standards & Threat Model; Doc 16 — Privacy/ZK Patterns.
11 · Sustainability & Impact Hooks
- recordImpact(kind, amount, ref)
- Treasury routes 1% (scaling to 5%) via Stripe Climate; rotating EcoDrive campaigns; public dashboards & verifiable receipts.
What to read next: Doc 17 — Sustainability Module & API.
12 · Developer Environment & Tooling
12.1 Prereqs
Rust stable + nightly; wasm32-unknown-unknown
; Substrate node template; subkey
; Docker; Polkadot‑JS Apps; regression test data.
12.2 Build & Run
rustup target add wasm32-unknown-unknown
cargo build -p node --release
./target/release/chlom-node --dev
12.3 Testing
Unit tests (cargo test
), integration tests, try-runtime
migrations, property tests (proptest
), fuzzing (cargo fuzz
), scenario tests for breaches/appeals.
What to read next: Doc 18 — Local Dev & Testing Guide.
13 · Deployment Topologies
- DevNet: ephemeral, faucet; mock oracles.
- TestNet: permissioned oracles; sanctions list mirroring; chaos testing.
- MainNet: governed pack updates; SLA enforcement for oracle feeds; snapshot/backup SOPs.
What to read next: Doc 19 — Networks & Chain Specs; Doc 20 — Upgrade Playbook (Forkless Upgrades).
14 · SDKs & API Surfaces
- TypeScript SDK:
- Rust Client: oracle/attestation agents.
- JSON‑RPC: standard Substrate +
Example:
await api.tx.chlomCompliance.bindLicense(itemId, packId, kpiProfileId)
.signAndSend(account)
What to read next: Doc 21 — TS SDK Reference; Doc 22 — Custom JSON‑RPC Extensions.
15 · Royalty & Compliance Interplay
Royalty routes can be held/escrowed on breach; staged releases post‑remediation; fines slashed to treasury; proof receipts attached to settlements.
What to read next: Doc 23 — Royalty Engine & Compliance Gates.
16 · KPI Catalogue & Measurement
Vertical packs (suites, media, commerce) with canonical metrics, windows, and breach policies; normalization & units; ZK‑eligible metrics list.
What to read next: Doc 24 — KPI Library & Policies.
17 · LEX Market Compliance Gates
Order listing checks license binding; sealed‑bid with commit‑reveal for high‑value transfers; oracle‑gated transfers for restricted jurisdictions.
What to read next: Doc 25 — LEX Market Design (Compliance Edition).
18 · DLA Case Management
Lifecycle: Open → Investigate → Sanction/Remediate → Resolve; SLA timers; evidence chain; appeal flow; public redaction policy.
What to read next: Doc 26 — DLA Casebook & Sanction Matrix.
19 · Cross‑Chain & Bridging Compliance
XCM‑based commands; bridge allowlist; jurisdictional constraints enforced at ingress/egress; rate limits & circuit breakers.
What to read next: Doc 27 — Cross‑Chain Strategy (Compliance Hooks).
20 · Compliance Packs by Jurisdiction
Pluggable rule packs per state/country; mapping tables; version calendars; conflict‑of‑law fallback; localized disclosures.
What to read next: Doc 28 — Regional Compliance Packs.
21 · Operational Runbooks (Compliance & Validators)
Compliance Ops (review SLAs, evidence templates, regulator liaison). Validator SRE (monitoring, incident response, key rotation, backups).
What to read next: Doc 29 — Validator Runbook (SRE); Doc 30 — Compliance Ops Manual.
22 · Contribution, Versioning, and SLA
Semantic versions; migration notes; state version bumps; deprecation policy; doc SLAs after each runtime release; change approval via compliance council.
What to read next: Doc 31 — Contributing & Release Process.
23 · Full Documentation Roadmap (30+ Items)
- Compliance Architecture Overview
- Network & Keys Handbook (SS58, Sessions, Staking)
- Licensing Enforcement Spec
- Compliance Packs Spec
- KPI Enforcement Spec
- Dispute Resolution Spec
- Pallet Design Deep Dives (per pallet)
- Runtime Storage & Schemas
- Sequence Diagrams & State Machines
- Governance Parameters & Processes
- Token Implementation & Fee Model
- Oracle Gateway & Off‑chain Workers
- Indexing Blueprints (SubQuery/Subsquid)
- Observability & Telemetry (Prometheus/Otel)
- Security Standards & Threat Model
- Privacy & ZK Patterns
- Sustainability Module & API
- Local Dev & Testing Guide
- Networks & Chain Specs
- Upgrade Playbook (Forkless Upgrades)
- TypeScript SDK Reference
- Custom JSON‑RPC Extensions
- Royalty Engine & Compliance Gates
- KPI Library & Policies
- LEX Market Design (Compliance Edition)
- DLA Casebook & Sanction Matrix
- Cross‑Chain Strategy (Compliance Hooks)
- Regional Compliance Packs
- Validator Runbook (SRE)
- Compliance Ops Manual
- Disaster Recovery & Backups
- Performance & Benchmarking (Weights)
24 · Final Notes for Help Center Editors
- Keep this master up to date with each runtime release.
- Every new pallet/upgrade must link back to this index and add a child doc entry.
- Cross‑check examples against the repository CI snapshot before publishing.
Appendix A — Example Types (Rust)
pub struct CompliancePack {
pub pack_id: u32,
pub region_code: Vec<u8>,
pub version: u32,
pub rules_cid: Vec<u8>,
pub active_from: u64,
pub deprecated: bool,
}
pub struct DlaCase {
pub case_id: u64,
pub item_id: u64,
pub reason: Vec<u8>,
pub evidence: BoundedVec<Vec<u8>, ConstU32<32>>,
pub status: u8,
pub sanction: u32,
}
Appendix B — Example TS SDK Call
await api.tx.chlomCompliance.bindLicense(itemId, packId, kpiProfileId)
.signAndSend(account, ({ status, events }) => { /* ... */ })
Disclaimer: Technical documentation; not legal advice. Always align deployments with applicable laws and the CHLOM Governance decisions.