The SCO operates as a zero-trust, cryptographically secured compliance middleware layer bridging legacy mobile money rails to decentralized networks. All endpoints require TLS 1.3 and payload serialization.
The gateway intercepts inbound payloads and executes real-time Zero-Knowledge Proof (ZKP) identity verification against Tier-1 banking signatures before authorizing downstream ledger state transitions.
- Base URL:
https://sco.agribackup.com - Content-Type:
application/json
POST /v1/compliance/route-mpesa
Ingests the legacy transaction receipt, evaluates the payload against the Central Bank of Kenya (CBK) VASP Regulations 2026 and FATF Recommendation 16 (Travel Rule), and executes atomic ledger reconciliation.
| Field | Type | Description |
|---|---|---|
daraja_receipt |
String | Unique Safaricom M-Pesa transaction reference (e.g., OAK441JDF). |
amount |
Number | Gross transaction value in Kenyan Shillings (KES). |
user_did |
String | Cryptographic Decentralized Identifier of the originator (did:hedera:testnet:...). |
vc |
Object | The signed Verifiable Credential object issued by an authorized custodian bank. |
{
"daraja_receipt": "OAK441JDF",
"amount": 10000,
"user_did": "did:hedera:testnet:6c8347a45aa362b66991c4a9debb3162ec6d58327530c53567f37f855410e279",
"vc": {
"@context": [
"https://www.w3.org/2018/credentials/v1"
],
"id": "urn:uuid:584e0dcc-ed16-486f-a0dc-0859cb312a38",
"type": [
"VerifiableCredential",
"FATFTravelRuleCredential"
],
"issuer": "did:hedera:testnet:d2fb3c98df54d081439f7cb33e886568adb56c1b728012b2240f3e0b0b16c293",
"issuanceDate": "2026-06-20T21:38:22.260Z",
"credentialSubject": {
"id": "did:hedera:testnet:6c8347a45aa362b66991c4a9debb3162ec6d58327530c53567f37f855410e279",
"walletAddress": "0xABC123DEF456",
"kycStatus": "CLEARED",
"amlRiskScore": 0,
"clearanceLevel": 3
},
"proof": {
"type": "Ed25519Signature2018",
"created": "2026-06-20T21:38:22.260Z",
"verificationMethod": "did:hedera:testnet:d2fb3c98df54d081439f7cb33e886568adb56c1b728012b2240f3e0b0b16c293",
"signatureValue": "fc0955f6807aa12c2bf966d80bf9c8cdcdad01f2061ca872b876a3c48a3b7ab5d09b5b4b93fa65b8f11a665cdab7bec6fc0d7a0f3daac60677bc485ffc00b905"
}
}
}{
"status": "success",
"message": "Atomic Compliance Achieved",
"hedera_sequence": "4695471",
"financials": {
"gross": 10000,
"tax": 5,
"net": 9995
}
}The engine enforces absolute compliance boundaries. Failures return deterministic JSON error payloads accompanied by standard HTTP status codes.
Triggered when the client-provided Verifiable Credential has an invalid cryptographic signature or fails signature extraction.
{
"error": "Compliance Halt: Invalid Verifiable Credential signature."
}Triggered by the cbkThrottler middleware when a single user DID projects a cumulative daily volume exceeding the Central Bank of Kenya statutory transaction limit of KES 500,000.
{
"error": "CBK Limit Exceeded. Projected volume KES 510000 exceeds daily limit of KES 500000."
}Triggered by the Proof-of-Reserves (PoR) Oracle when algorithmic verification detects insufficient fiat or T-Bill liquidity backing relative to token circulating supply.
{
"error": "Proof of Reserves Failed. Minting Halted."
}