ASP & Compliance
The Association Set Provider (ASP) is ShieldFlow's compliance layer. It maintains a Merkle tree of approved deposits, ensuring only verified users can withdraw privately.
How ASP Works
Event Monitoring
ASP listens for Deposited events on all registered pools. When a new deposit is detected, the compliance pipeline is triggered automatically.
Compliance Screening
Each deposit passes through a local blocklist check (instant) followed by Nominis deep wallet screening, which traces fund sources up to 3 hops back. Screening may take up to 24 hours.
Tree Management
Approved deposits are added to the ASP Merkle tree. Rejected deposits are flagged and never added, preventing sanctioned funds from entering the compliant set.
On-Chain Publication
The Postman service posts the new Merkle root along with an IPFS CID to the Entrypoint contract every 60 seconds, making the latest compliance state available on-chain.
What Gets Screened
Compliance Providers
Nominis
Deep wallet screening across 70+ blockchains. Nominis traces fund sources up to 3 hops back to identify sanctioned wallets, hack proceeds, and high-risk activity. Deposits are scored as low, medium, high, or critical risk.
Screening Mode
Full (depth: 3 hops)
Risk Threshold
Reject high & critical
Max Review Time
Up to 24 hours
Global ASP Root
API Endpoints
The ASP exposes public endpoints for querying Merkle tree state and generating inclusion proofs.
/{chainId}/public/mt-rootsReturns all published Merkle tree roots for the given chain.
/{chainId}/public/mt-leavesReturns all leaf data for the ASP Merkle tree on the given chain.
/{chainId}/public/inclusion-proof/{label}Returns the Merkle inclusion proof for a specific deposit label.
# Fetch the latest Merkle roots for Ethereum mainnet
curl https://asp.shieldflow.xyz/1/public/mt-roots
# Get an inclusion proof for a specific deposit
curl https://asp.shieldflow.xyz/1/public/inclusion-proof/0xabc123...