TrustRoute
Confidential Travel Rule compliance — sanctions screening and VASP verification inside a TEE, zero PII exposed.
What it is
TrustRoute is a confidential compliance layer for crypto institutions that solves the FATF Travel Rule privacy paradox. The Travel Rule requires VASPs to share customer PII (names, wallets, account numbers) with counterparty institutions during transfers over $1,000. Every existing solution (Notabene, TRISA, TRP) requires transmitting plaintext PII to counterparties, creating the exact data breach liability institutions are trying to avoid. $927M in Travel Rule fines were issued in 2025 alone.
TrustRoute eliminates this entirely. When a VASP initiates a transfer, TrustRoute's CRE workflow runs inside a Trusted Execution Environment. It screens both sender and receiver against 130+ global sanctions watchlists (OFAC, UN, EU) via Confidential HTTP to OpenSanctions. It verifies both VASPs are legitimately licensed financial institutions via the GLEIF LEI registry. Then it makes a policy decision — AUTHORIZED or BLOCKED — and writes a cryptographic attestation onchain. That attestation gates the Chainlink ACE private token system: no attestation means tokens physically cannot move.
The critical guarantee: customer PII never leaves the TEE enclave. The counterparty never sees it. The blockchain never sees it. The only onchain data is the compliance decision and piiExposed: false. A regulator can verify every compliance decision on Etherscan without seeing a single byte of customer data.
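The policy decision and the PII-free onchain record described above, as an added example that is not TrustRoute's own code. The type names, the txId field, the fail-closed rule, the egress check and all sample values are assumptions made for illustration.

```typescript
// Added illustration. Type and field names are assumptions, not TrustRoute's schema.
type Decision = "AUTHORIZED" | "BLOCKED";

interface PartyScreening { // per-party screening result; never leaves the enclave
  name: string;            // PII
  wallet: string;          // PII
  sanctionsHit: boolean;   // true if any watchlist matched
}
interface VaspCheck { lei: string; registered: boolean } // registry lookup result
interface Attestation { txId: string; decision: Decision; piiExposed: false }

// Constructed sample inputs (not real people, wallets or LEIs).
const SENDER: PartyScreening = { name: "Alice Example", wallet: "0xSENDERPLACEHOLDER", sanctionsHit: false };
const RECEIVER: PartyScreening = { name: "Bob Example", wallet: "0xRECEIVERPLACEHOLDER", sanctionsHit: false };
const VASPS: VaspCheck[] = [
  { lei: "CONSTRUCTED-LEI-A", registered: true },
  { lei: "CONSTRUCTED-LEI-B", registered: true },
];

// Fail closed: a hit, an unverified VASP or a missing result blocks the transfer.
function decide(parties: PartyScreening[], vasps: VaspCheck[]): Decision {
  if (parties.length !== 2 || vasps.length !== 2) return "BLOCKED";
  const clean = parties.every((p) => p.sanctionsHit === false);
  const licensed = vasps.every((v) => v.registered === true);
  return clean && licensed ? "AUTHORIZED" : "BLOCKED";
}

// Build the only record allowed out of the enclave, then check it before release.
function buildAttestation(txId: string, parties: PartyScreening[], vasps: VaspCheck[]): Attestation {
  const att: Attestation = { txId, decision: decide(parties, vasps), piiExposed: false };
  const wire = JSON.stringify(att);
  for (const p of parties) {
    for (const secret of [p.name, p.wallet]) {
      // Egress guard: a PII value inside the serialized record aborts the write.
      if (secret.length > 0 && wire.includes(secret)) {
        throw new Error("PII found in attestation payload");
      }
    }
  }
  return att;
}

console.log(buildAttestation("tx-0001", [SENDER, RECEIVER], VASPS));
```

The egress guard only catches verbatim values. A hash of a name or wallet would pass it and can still be reversed by guessing, so identifiers placed onchain should be random rather than derived from customer data.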
How it Works
TrustRoute is a full-stack TypeScript monorepo with four layers:
- Smart Contracts (Solidity/Foundry): TrustRouteAttestation.sol records compliance decisions onchain with a secondary index for policy lookups. TrustRoutePolicy.sol implements the Chainlink ACE IPolicy interface — registered in the PolicyEngine, it gates all token transfers. TrustRouteToken.sol is an ERC20 with PolicyProtected, meaning transfer() physically reverts without a valid attestation. 46 tests passing. Deployed on Sepolia.
- CRE Workflow (TypeScript/@chainlink/cre-sdk): A 9-step pipeline triggered via HTTP. Parses the transfer intent, retrieves the OpenSanctions API key from Vault DON, screens sender and receiver via Confidential HTTP, verifies both VASPs against GLEIF, makes the policy decision, and writes the attestation onchain via KeystoneForwarder's onReport(). All API calls use Confidential HTTP — responses never leave the TEE.
- Backend API (Bun/Hono): REST API that runs the same compliance pipeline locally (identical logic to the CRE workflow) with progressive status updates. Endpoints: POST /compliance/screen, GET /compliance/:txId, GET /transactions, GET /vasps/verify/:name, GET /stats.
- Dashboard (Next.js 14/Tailwind): Bloomberg Terminal-style compliance UI with four views — live transaction feed, transfer simulator with animated step indicator, VASP registry with real-time GLEIF search, and compliance report with charts and CSV export.
Created by
- Narasimha Teja Reddy