Whisky Cask CRE

Whisky cask fraud is a real problem. Braeburn Capital, Nant Distillery, and dozens of smaller operators have defrauded investors by selling casks that don't exist, double-pledging inventory, or misrepresenting maturation status. The global whisky cask investment market has no standardized verification layer.
Whisky is arguably the ideal real-world asset for tokenization. A barrel sits in a bonded warehouse for 5, 10, 20+ years — and unlike most assets, it appreciates. Angel's share reduces volume but concentrates flavor and increases per-unit value, creating a natural yield curve driven by chemistry, not financial engineering. You can't physically inspect it without breaking the seal. Ownership frequently transfers during maturation. The warehouse operator is the sole source of truth — and that's exactly the single point of trust that bad actors have exploited. Unlike real estate or commodities with public registries and spot markets, whisky casks have no independent verification mechanism. An onchain attestation layer unlocks financial primitives — collateral that strengthens over time, yield from physical aging, fractionalized ownership with provenance — that are impossible without verified reserve data. CRE workflows replace blind trust with cryptographic proof.
Whisky Cask CRE connects physical warehouse systems to on-chain attestation through Chainlink CRE. Four automated workflows — Proof of Reserve, Physical Attributes, Lifecycle Webhook, and Lifecycle Reconcile — pull real gauge data from warehouse APIs, encode it in TTB-native units (proof gallons, wine gallons, proof degrees), and submit cryptographic attestation reports to a Solidity contract via KeystoneForwarder.
The contract enforces a cask lifecycle state machine (FILLED → MATURATION → REGAUGED → TRANSFER → BOTTLING_READY → BOTTLED) and stores both public and confidential attestations.

Confidential mode — powered by CRE's ConfidentialHTTPClient — stores only a boolean pass/fail and a keccak256 hash on-chain, keeping commercially sensitive inventory data private while still proving reserve integrity.

A Next.js dashboard displays reserve health, individual cask explorer with angel's share estimation, and lifecycle event feeds, with rendering that adapts based on attestation privacy mode.

Smart Contract: Solidity (Foundry), 432 lines with 20 tests. Oracle receiver dispatching to 4 report types via onReport(bytes). Full lifecycle state machine with transition validation and stale timestamp rejection.
CRE Workflows: 4 TypeScript workflows using CRE SDK — CronCapability and HTTPCapability triggers, HTTPClient/ConfidentialHTTPClient for warehouse API calls, EVMClient for onchain reads, report submission via submitReports. Each has a CRE entrypoint and a local simulation script.
Warehouse API: Hono/TypeScript, 11 endpoints, mock warehouse adapter with 47 seeded casks. Angel's share estimation model, reference valuation, keccak256 attestation hash computation. WarehouseAdapter interface designed for real system integration.
Dashboard: Next.js 15, React 19, viem. Three pages: Reserve overview, Cask Explorer, Lifecycle Feed. Privacy-aware rendering — confidential attestations show boolean + hash only.
Domain Model: All units follow 27 CFR 19.618/619 TTB gauge record standards.