I noticed the problem while reading through a test transfer that got rejected for "jurisdiction mismatch." Nothing weird on the surface, wallet looked clean, funds were fine.
I assumed it was a stale sanctions list. Figured some cache somewhere hadn't refreshed.
Wrong track entirely. Turned out the rejection had nothing to do with sanctions data at all — it was Persona's residency attribute conflicting with a policy rule tied to a completely different jurisdiction than I expected. The wallet owner's declared state didn't line up with what the policy required for that specific asset class.
That was the first mismatch. I kept assuming "compliance check" meant one static gate. It doesn't. It's several attributes — age, nationality, residency, state — each one checked independently, and the transaction only proceeds if all of them line up with whatever the policy demands for that specific action.
Access ≠ Usage. The wallet had access to the app. It did not automatically have usage rights for that transaction, because usage rights depend on identity attributes evaluated fresh, per action, not once at signup.
Chain looks like: transfer requested → Persona attributes pulled → policy evaluated against jurisdiction rules → TEE processes it privately → attestation issued or denied → settlement or rejection. No attribute ever touches the public chain. Only the yes/no receipt does.
The hidden dependency I hadn't thought about — this whole thing depends on Persona's data being current at the exact moment of the check, not when the user onboarded. Residency status isn't permanent. People move. Regulations shift under them.
I still don't know how often re-verification actually triggers versus just running off cached identity data. Nobody's told me the interval.
What happens when a jurisdiction changes its rules mid-day and thousands of wallets suddenly fail a check they passed that morning? #newt $NEWT
Усі коментарі0НовіПопулярно