Compliance

The standard framing is that financial privacy and regulatory compliance are opposed. Raycash rejects that framing. We follow the compliance of a bank with the trust model of a self-custodial wallet — bringing the best of both worlds together.

The split

Two layers, solving two different problems:

• The asset layer — who holds what, who sent what to whom. Encrypted onchain, hidden from unauthorized third parties.
• The policy layer — are you a real, verified person? Are you in a permitted jurisdiction? Have you completed KYC? This is a set of checks about who you are, not about your balance.

A policy check doesn't need to publish your balance to the world to be effective. It only needs to answer yes/no questions about who you are.

How the wrapper works — and why deposits are quarantined

Your confidential balance is minted by a wrapper contract that takes a cleartext stablecoin (USDC, initially — producing cUSDC) and issues you an equal amount in encrypted form. That wrapper is the compliance perimeter: money that enters it has to be tied to a verified user.

When you deposit, the app gives you a unique deposit address generated just for that deposit. Cleartext USDC sent to that address sits there as an isolated quarantine — it belongs to nobody in the protocol yet. It only gets wrapped into your confidential balance once the compliance checks pass: your address has a valid KYC attestation, the deposit clears sanctions screening, and the source looks legitimate.

If anything fails the check, the funds don't enter the confidential system. They stay in the quarantine address and can be returned. Dirty money never mixes with the encrypted pool.

How KYC attestations work

When you sign up, you complete identity verification. Our authorized KYC attester issues an onchain attestation through the Ethereum Attestation Service (EAS) — a small signed statement that says "this address is KYC-verified." The attestation lives onchain, independently of your balance.

The protocol's transfer hook checks that attestation before allowing a transfer to complete. If the attestation is present and valid, the transfer proceeds. If not, the transfer is blocked.

The hook never sees your balance. It sees your address and your attestation. That's all it needs.

What gets checked, when

Exit is always callable

This is the protocol's strongest guarantee. Even if your KYC is revoked, even if the hook contract is broken, even if the attester disappeared — you can still withdraw. The exit path uses try/catch around hook calls; if the hook reverts, the wrapper emits an event and proceeds anyway.

Why is this important? Because the alternative — a system that can trap funds under compliance rules — looks a lot like a bank, and defeats the point of self-custody. The design principle is: policy at entry, freedom at exit.

What happens if your KYC is revoked

• You can still sign in, see your balance, and withdraw onchain.
• New incoming transfers to your confidential balance will be blocked.
• Outgoing confidential transfers will be blocked.
• Your card may be suspended by our BaaS partner, independently of the protocol.

In other words: you keep your money, you lose the service. You can always get your cleartext USDC out.

Best of both worlds

A bank is compliant because regulators have full visibility into accounts — but as a user you trust the bank completely with your money. A classic crypto wallet is self-custodial but doesn't help with compliance — and so regulated services can't build on top of it.

Raycash is compliant to the same standard as a bank (KYC, sanctions, quarantine, reporting) while keeping the trust model of a self-custodial wallet (we can't move your money, we can't confiscate your balance, the exit is always callable). That combination is the design insight.

Deep dive

• Protocol → Hooks — transfer hook and exit hook semantics
• Protocol → Attestation — EAS, attester policy, revocation
• Protocol → Deposits — the deposit address and wrapper mechanics