OathLayer

OathLayer is a trustless SLA enforcement protocol for tokenized real-world asset infrastructure. Today, when a cloud provider breaks their uptime SLA, the customer files a ticket, waits weeks, and maybe gets a service credit. OathLayer replaces that with automated, on-chain enforcement.
How it works:

1. Providers register with World ID verification (Sybil-resistant identity) and bond ETH as collateral
2. Chainlink CRE monitors provider uptime every 15 minutes via cron trigger
3. When metrics degrade, a 3-agent adversarial AI Tribunal (Risk Analyst, Provider Advocate, Enforcement Judge) deliberates using Groq/Llama 3.3 — all inference runs inside TEE enclaves via ConfidentialHTTPClient
4. Unanimous breach verdict + uptime below SLA threshold → bond automatically slashed on-chain. No human intervention.
5. Disputed penalties can be challenged through World ID-gated human arbitration
   The protocol uses 5 CRE capabilities (cron trigger, EVM log trigger, ConfidentialHTTPClient, Secrets, cross-chain relay), runs on two Tenderly Virtual TestNets with State Sync, and bridges World ID cross-chain from World Chain to Sepolia via CRE — enabling Sybil-resistant identity on chains where World ID isn't natively supported.

How It's Built

• Smart Contracts — Solidity ^0.8.20, Foundry for testing/deployment. SLAEnforcement on Sepolia handles SLA creation, bond management, breach recording, and claims. WorldChainRegistry on World Chain Sepolia handles World ID proof verification and emits events for CRE relay.
• CRE Workflow — TypeScript with Chainlink CRE SDK. Cron trigger scans SLAs every 15 minutes. EVM Log triggers react to claims, provider registrations, and arbitrator registrations. ConfidentialHTTPClient encrypts compliance checks and AI inference calls in TEE enclaves.
• AI Tribunal — 3-agent sequential deliberation using Groq (Llama 3.3 70B). Risk Analyst evaluates metrics, Provider Advocate defends with historical context, Enforcement Judge weighs both arguments with 1.5x vote weight. All agents called via ConfidentialHTTPClient — API keys never leave the TEE.
• World ID — IDKit v4 on dashboard, MiniKit in World Mini App. ZK proofs verified on-chain via WorldChainRegistry, relayed cross-chain to Sepolia by CRE. Two use cases: provider registration (Sybil-resistant identity) and arbitrator access (human override of AI decisions).
• Tenderly — Two Virtual TestNets with State Sync enabled: Sepolia fork for enforcement, World Chain Sepolia fork for identity. Public explorers for judge verification. evm_increaseTime for cooldown testing.
• Frontend — Next.js 14, wagmi v2, viem, RainbowKit. Ponder v0.12 indexes all contract events into a GraphQL API. Dashboard polls Ponder every 5 seconds for real-time updates.
• Deployment — Dashboard on Vercel. Mock API, Mini App, and Ponder Indexer on VPS via Docker + Traefik reverse proxy with auto-SSL.