CHLOM™ Identity & Fingerprint ID Master Technical Document

Version 1.0 — Issued by CrownThrive, LLC “Decentralized Identity, Consent, Device Binding, Biometrics, and Risk Controls for the Licensing & Compliance Layer.”

Audience: Identity architects, security engineers, compliance leads, wallet/app developers, validator operators, and Help Center editors curating the Identity & Fingerprint ID category. Scope: Canonical reference for how CHLOM models identity (DIDs + VCs), implements Fingerprint ID (biometric template + device fingerprinting), handles consent/privacy, binds accounts to devices, and enforces risk‑aware access—plus which 30+ follow‑on docs to read next.

0 · How to Use this Master Doc (Help Center Index)

Start here for the big picture and concrete build paths for identity enrollment, verification, device binding, authentication, and recovery.
Each section ends with “What to read next” cross‑links into the Identity category.
Code samples are illustrative; the authoritative sources are the runtime repository, identity gateway, and governance records.

1 · System Overview

CHLOM Identity combines decentralized identifiers (DIDs), verifiable credentials (VCs), privacy‑preserving biometrics, and device fingerprinting to secure licenses, operators, and marketplaces without central honeypots of raw personal data.

DIDs & VCs: Portable, revocable credentials (KYC/KYB, age, role, jurisdiction) signed by approved issuers.
Fingerprint ID: Two parts:
Consent & Privacy: Fine‑grained consent artifacts, data‑minimization by default, ZK options for selective disclosure.
Risk Engine: Dynamic policies (geo, device health, velocity, sanctions, KPI flags) drive step‑up auth (liveness, additional proof) before sensitive actions.

Visibility Policy — Read Me First

DIDs are public-facing: resolvable identity handles that may appear in profile pages, receipts, dashboards, and LEX order books where policy requires.
Fingerprint ID is non-public: an internal enforcement/attribution key. It is never shown in UI, never returned by public RPCs or indexers, and never logged in plaintext. Only salted commitments and/or zk-proof verifications are processed.

1.1 High‑Level Architecture

+------------------------------+    +----------------------+    +-----------------------------+
|  Apps & Wallets              |<-->| Identity Gateway     |<-->|  Reference Chain (Runtime)  |
|  (Enroll, Auth, Recover)     |    | (REST/WS + SDK)      |    |  FRAME Pallets              |
+------------------------------+    +----------------------+    +-----------------------------+
                                                                | chlom_identity / attestations|
+------------------------------+    +----------------------+     | oracle_gateway / zkprivacy   |
|  Issuers & Oracles           |<-->| Off-chain Workers    |     | compliance / dla / treasury  |
| (KYC/KYB, liveness, device)  |    | (OCWs; sign attest.) |     | governance / scheduler ...   |
+------------------------------+    +----------------------+     +-----------------------------+

+------------------------------+    +----------------------+
|  Indexers & Analytics        |<-->| SubQuery/Subsquid    |
|  (risk, consent, revocation) |    | + Sidecar            |
+------------------------------+    +----------------------+

1.2 Consensus & Accounts

Consensus: BABE + GRANDPA (reference chain).
Staking: NPoS; identity parameters governed on‑chain.
Accounts: SS58; sr25519/ed25519; multisig & proxy; DID keys may be separate from spend keys.

What to read next: Doc 01 — Identity Architecture & Domain Model; Doc 02 — Network & Keys Handbook.

2 · Core Protocols (Functional Specs)

2.1 DID & Credential Protocol (DCP)

Defines DID registration, issuer allowlists, VC issuance, verification, and revocation lists.

Extrinsics (examples):

identity.registerDid(did_doc_cid)
identity.addKey(did, key_ref, purpose)
identity.registerIssuer(issuer_id, scopes[])
attestations.submitCredential(did, vc_cid, sig)
attestations.revokeCredential(vc_id, cause)

2.2 Fingerprint ID Protocol (FIP)

Visibility: Non‑public. No public API returns or accepts a raw Fingerprint ID. Interactions occur via commitments, attestations, and short‑lived auth tokens. Logs must redact commitments; salts are never stored.

Two lanes with a common verifier:

Biometric Template Lane (optional): on‑device extraction → cancellable template → salted commitment → zk‑proof at auth time (
Device Fingerprint Lane: device attestation (platform APIs) + privacy‑respecting fingerprint vector → hashed, rotated identifier with per‑policy TTL.

Extrinsics (examples):

identity.bindBiometric(did, bio_commitment, proof_ref, consent_id)
identity.bindDevice(did, device_hash, attestation_ref, ttl)
identity.rotateBiometric(did)
identity.rotateDevice(did, device_hash)
identity.verifySession(did, auth_token)

2.3 Consent & Disclosure Protocol (CDP)

Explicit consent objects for each factor (KYC, biometric, device, marketing). Localized disclosures; withdrawal revokes bindings.

identity.recordConsent(did, consent_cid, scopes[])
identity.withdrawConsent(did, scope)

2.4 Risk & Step‑Up Protocol (RSP)

Risk score computed from velocity, geo, sanctions, DLA flags, device health. Thresholds trigger liveness or secondary proof.

identity.setRiskPolicy(policy_id, curves)
identity.challenge(did, kind)
identity.completeChallenge(challenge_id, proof)

What to read next: Doc 03 — DID & VC Spec; Doc 04 — Fingerprint ID Spec; Doc 05 — Consent & Disclosure Spec; Doc 06 — Risk & Step‑Up Spec.

3 · Runtime Pallets (FRAME)

Pallet	Purpose	Key Storage	Key Extrinsics	Events
`pallet_chlom_identity`	DIDs, keys, consents, device/biometric bindings	Dids, Keys, Consents, Bindings	`registerDid`, `addKey`, `bindDevice`, `bindBiometric`, `rotate*`	`DidRegistered`, `DeviceBound`, `BiometricBound`
`pallet_attestations`	VC registry & revocations	Credentials, Revocations	`submitCredential`, `revokeCredential`	`CredentialRecorded`, `CredentialRevoked`
`pallet_oracle_gateway`	Issuer & liveness feeds	Feeds, Sigs	`registerFeed`, `attest`	`Attested`
`pallet_zkprivacy`	ZK verification (biometric/age proofs)	Circuits, Verifiers	`verifyProof`, `registerCircuit`	`ProofVerified`
`pallet_chlom_compliance`	Regional gates & packs	Packs, Bindings	`bindLicense`, read‑gates	`LicenseBound`
`pallet_chlom_dla` (read)	Enforcement flags	Cases, Sanctions	—	`SanctionApplied`
`pallet_scheduler`	Key/consent expiries	Schedules	`schedule`	`Scheduled`
`pallet_treasury`	Subsidies & bounty	Approvals	`proposeSpend`	`TreasuryProposed`

What to read next: Doc 07 — Pallet Design Deep Dives (Identity Set).

4 · Data Model & Schemas

DidDocument (PUBLIC):
VerifiableCredential:
BiometricBinding (PRIVATE):
DeviceBinding (PRIVATE):
Consent:
RiskPolicy:

What to read next: Doc 08 — Runtime Storage & Schemas (Identity).

5 · Protocol Flows (Sequence Specs)

5.1 Onboard & Enroll

Create DID → record consent → KYC VC issued by oracle → (optional) Fingerprint ID enrollment (biometric + device) → risk baseline set.

5.2 Authenticate with Step‑Up

App requests action → gateway checks risk → if high, trigger liveness and/or biometric zk‑proof → on pass, mint short‑lived auth token for the call.

5.3 Device Loss & Recovery

Mark device compromised → challenge with secondary factor (guardian social recovery / WebAuthn key) → rotate device binding and (optionally) biometric template.

5.4 Credential Revocation

Issuer posts revocation → VC status updated → dependent privileges suspended until new VC provided.

What to read next: Doc 09 — Sequence Diagrams & State Machines (Identity).

6 · Governance & DAO Mechanics

DAO governs issuer allowlists, accepted VC schemas, biometric circuit IDs, retention/TTL defaults, and risk curves. Emergency council can disable biometric lane or raise step‑up levels; post‑hoc referendum ratifies.

What to read next: Doc 10 — Governance Parameters & Processes (Identity).

7 · Token Model (Runtime View)

CHM: vote on issuer lists, schemas, risk policies, subsidies.
CHLOM: fees for DID ops, VC recording, device rotations, zk verifications; 1%→5% sustainability routing on eligible fees.

What to read next: Doc 11 — Token Implementation & Fee Model (Identity).

8 · Oracles & Off‑Chain Workers

Issuers for KYC/KYB, liveness providers, device attestation services. OCWs batch proof records, rate‑limit upstreams, and publish signed attestations.

What to read next: Doc 12 — Oracle Gateway & OCW Patterns (Identity).

9 · Indexing & Analytics

Dashboards for DID growth, VC issuance/revocation, device health, step‑up frequency, biometric success rate (aggregate only), risk outcomes, consent withdrawals; exportable regulator bundles.

What to read next: Doc 13 — Indexing Blueprints; Doc 14 — Observability & Telemetry.

10 · Security, Privacy, and Compliance

Threats: biometric template leakage, correlation tracking, replay, oracle spoofing, SIM‑swap, deepfake liveness. Controls: cancellable templates, on‑device derivation, no raw biometrics on‑chain, zk proofs, nonce‑based liveness, mutual‑TLS to issuers, bounded math, rate limits, consent withdrawal.

Compliance: region‑specific rules (e.g., GDPR/CCPA data rights, age gating, biometric notice/consent statutes). Redaction & export tooling for user requests.

What to read next: Doc 15 — Security Standards & Threat Model; Doc 16 — Privacy/ZK Patterns & Legal Notes.

11 · Sustainability & Impact Hooks

A portion of eligible identity fees routes 1% (scaling to 5%) through Stripe Climate; rotating EcoDrive campaigns (clean water, food, kelp, plastic removal, trees, jobs). Impact logs can be linked to verified identities for community badges (opt‑in).

What to read next: Doc 17 — Sustainability Module & API.

12 · Developer Environment & Tooling

12.1 Prereqs

SDKs, DID/VC libraries, mobile secure enclave access, WebAuthn support, ZK circuits (age, biometric), device attestation integrations.

12.2 Build & Run (Reference Chain)

rustup target add wasm32-unknown-unknown
cargo build -p node --release
./target/release/chlom-node --dev

12.3 Testing

Unit/integration tests; fuzzing for parser/codec; property tests for consent TTL; adversarial tests for liveness/biometric anti‑replay; test vectors for device hash rotation.

What to read next: Doc 18 — Local Dev & Testing Guide (Identity).

13 · Deployment Topologies

DevNet (fake issuers/liveness), TestNet (permissioned issuers; chaos tests), MainNet (SLA’d issuers; governance‑controlled schema updates; snapshots/backups; incident SOPs).

What to read next: Doc 19 — Networks & Chain Specs; Doc 20 — Upgrade Playbook (Forkless Upgrades).

14 · SDKs & API Surfaces

TypeScript SDK & mobile bridges; JSON‑RPC (standard + identity_*).

Examples (TS):

// Register a DID
await api.tx.chlomIdentity.registerDid(didDocCid).signAndSend(account)

// Bind a device fingerprint (attested)
await api.tx.chlomIdentity.bindDevice(did, deviceHash, attestationCid, 2_592_000) // 30d TTL
  .signAndSend(account)

// Prove biometric match via zk circuit (off-chain prove, on-chain verify)
await api.tx.zkprivacy.verifyProof(proofBytes, circuitId).signAndSend(account)

What to read next: Doc 21 — TS SDK Reference (Identity); Doc 22 — Mobile Bridges & WebAuthn; Doc 23 — Custom JSON‑RPC Extensions.

15 · Licensing & Market Interop

Before sensitive calls (license mint/transfer, LEX settlement), apps should verify: VC status, DLA flags, risk score and require step‑up if policy dictates.

What to read next: Doc 24 — Interop: Licensing/LEX/TLAAS Hooks.

16 · KPI Catalogue & Measurement (Identity)

KPIs: DID adoption, VC issuance/revocation rate, device churn %, biometric match success %, step‑up rate, false reject/accept (FRR/FAR), issuer uptime, median recovery time.

What to read next: Doc 25 — KPI Library & Policies (Identity).

17 · TLaaS & TLAAS Interactions

TLaaS (LEX): read‑gates (age/region/role) + ROFR identity checks.
TLAAS (DLA): escalations for identity fraud →

What to read next: Doc 26 — Casebook & Escalation (Identity).

18 · Cross‑Chain & Bridging (Identity Artifacts)

XCM messages for credential attestations; bridge allowlists; rate limits; conflict‑of‑law fallbacks; foreign DID method mappings.

What to read next: Doc 27 — Cross‑Chain Strategy (Identity).

19 · Compliance Packs by Jurisdiction (Identity)

Pluggable packs that encode disclosure, retention, biometric consent wording, age‑gating, and regulator export schemas per region.

What to read next: Doc 28 — Regional Compliance Packs (Identity).

20 · Operational Runbooks (Identity Ops)

Enrollment QA, issuer onboarding, key rotation calendars, revocation list publication, device hash rotation cadence, incident response for compromised issuers.

What to read next: Doc 29 — Identity Ops Runbook; Doc 30 — Governance Ops Manual (Identity).

21 · Contribution, Versioning, and SLA

Semantic versions for schemas/circuits; migration notes; deprecation policy; documentation SLAs; circuit audit requirements before activation.

What to read next: Doc 31 — Contributing & Release Process (Identity).

22 · Accessibility & Inclusion

Guidelines for liveness challenges that respect accessibility needs; alternative step‑up paths (voice OTP, guardianship); inclusive UX copy; localized consent.

What to read next: Doc 32 — Inclusive Identity UX Guide.

23 · Full Documentation Roadmap (32+ Items)

Identity Architecture & Domain Model
Network & Keys Handbook
DID & VC Spec
Fingerprint ID Spec (Biometric + Device)
Consent & Disclosure Spec
Risk & Step‑Up Spec
Pallet Design Deep Dives (Identity Set)
Runtime Storage & Schemas (Identity)
Sequence Diagrams & State Machines (Identity)
Governance Parameters & Processes (Identity)
Token Implementation & Fee Model (Identity)
Oracle Gateway & OCW Patterns (Identity)
Indexing Blueprints
Observability & Telemetry
Security Standards & Threat Model
Privacy/ZK Patterns & Legal Notes
Sustainability Module & API
Local Dev & Testing Guide (Identity)
Networks & Chain Specs
Upgrade Playbook (Forkless Upgrades)
TS SDK Reference (Identity)
Mobile Bridges & WebAuthn
Custom JSON‑RPC Extensions
Interop: Licensing/LEX/TLAAS Hooks
KPI Library & Policies (Identity)
Casebook & Escalation (Identity)
Cross‑Chain Strategy (Identity)
Regional Compliance Packs (Identity)
Identity Ops Runbook
Governance Ops Manual (Identity)
Disaster Recovery & Backups (Identity)
Circuit Audit & Activation Process
Accessibility & Inclusion Guide

24 · Final Notes for Help Center Editors

Keep this master current with each runtime, schema, and circuit release.
Every new issuer, circuit, or risk policy must link back here and add a child doc entry.
Cross‑check examples against the latest CI snapshot and governance decisions before publishing.

Appendix A — Example Types (Rust)

pub struct DidDocument { pub did: Vec<u8>, pub keys: BoundedVec<(Vec<u8>, u8), ConstU32<16>>, pub services: BoundedVec<Vec<u8>, ConstU32<16>>, pub controller: Option<Vec<u8>>, pub version: u32, pub doc_cid: Vec<u8> }
pub struct BiometricBinding { pub did: Vec<u8>, pub bio_commitment: [u8;32], pub circuit_id: u32, pub consent_id: u64, pub enrolled_at: u64, pub rotated_at: Option<u64> }
pub struct DeviceBinding { pub did: Vec<u8>, pub device_hash: [u8;32], pub attestation_ref: Vec<u8>, pub ttl: u64, pub last_seen: u64 }

Appendix B — Example TS SDK Calls

// Register a DID (PUBLIC identifier — safe to display)
await api.tx.chlomIdentity.registerDid(didDocCid).signAndSend(account)

// Bind Fingerprint ID (biometric commitment) — PRIVATE: do NOT log bioCommitment/proofs
await api.tx.chlomIdentity.bindBiometric(did, bioCommitment, proofCid, consentId).signAndSend(account)

// Bind device fingerprint — PRIVATE: do NOT log deviceHash/attestationCid
await api.tx.chlomIdentity.bindDevice(did, deviceHash, attestationCid, 2_592_000).signAndSend(account)

Disclaimer: Identity documentation; not legal advice. Always obtain explicit consent, comply with regional biometric/privacy laws, and align with CHLOM Governance decisions.

Help Center Cross‑References

See: 🔐 CHLOM Fingerprint ID – In‑Depth Overview (public article)

Was this article helpful?

DID + Fingerprint ID + ZKP + SBTs + NFTs + FTs — Integrated Architecture in CHLOM™