Automating AML checks for all token holders in smart contracts (Part 2 of 2)
Connect your smart contract to the Chainalysis API with our step-by-step Silent Data [Oracle] job configuration
In this tutorial we will walk you through using Chainalysis and Silent Data [Oracle] to build an automated whitelist contract based on Chainalysis Address Screening in order to issue stable tokens only to AML checked users.
Step 0: Set up Chainalysis
Request Chainalysis documentation for details of configuring risk assessment criteria and obtaining a secret key.
Chainalysis API Key
In order to get data from Chainalysis on-chain, we must connect to a Chainlaysis API, here an Entities API. Given the data on Chainlaysis is private, we require a private API Key to establish this connection.
Request access for the Chainalysis API documentation
Token contract
function transfer(address to, uint256 value) public virtual override returns (bool) {
uint256 lastValidBlock = block.number - 100;
// AML check only valid in last 100 blocks
require(
whitelistContract
.getLastAMLCheckBlock(to) >= lastValidBlock, "AML check not present or not recent enough");
_transfer(_msgSender(), to, value);
return true;
}
Token contract video
The Token contract queries the Whitelist contract to obtain the block number for the last time the address was screened.
In this example, the AML check is only valid for the last 100 blocks.
Step 1: Configure the job and trigger
The video above outlines how to configure a Silent Data [Oracle] job, starting with how to Create a Job and name it.
The Trigger determines how to activate the job. In this case, the job Type is Smart contract as it is a Whitelist contract-triggered use case.
When using the smart contract trigger, the Allowed callers feature sets the allowed smart contract addresses to trigger the Oracle job. Adding allowed callers prevents other contracts from draining your funded jobs. Here only the Whitelist contract, the only allowed caller, can trigger the job.
Trigger Method (Inside the whitelist contract)
// Implement logic to call the funding contract, to emit an event that triggers a job
// Only configured allowed contracts will be able to trigger specific jobs
function requestWhitelist(address _addressToCheck) external {
require(address(fundingContract) != address(0), 'Funding contract not set');
bytes memory encodedArgs = abi.encode(_addressToCheck);
// Add logic for job triggering here
fundingContract.
emitSilentDataJobTriggerArgs
(jobId, encodedArgs);
}
Trigger contract video
This sends the address ‘addressToCheck’ to the Oracle job trigger.
Step 2: Configure the steps
Request #1
The request allows the user to set which API to call for the data required by the job. This is followed by the description of the data needed to complete the configuration.
Method determines what kind of function you require the job to perform. This is subject to the type of API call the AML compliance service requires.
The Endpoint is an API URL i.e. the specific location of accepting requests and returning responses. The endpoint URL is unique to the AML compliance service used and may depend on the type of job you are configuring.
Request access to the Chainalysis documentation for more information regarding the Address Screening Tool API endpoint and Method.
The Header provides authorisation to the bearer of the Chainalysis API key i.e. whoever holds the secret API. The syntax for the authorisation is in a JSON call format, and as seen later in the video, must match the name of the secret you configure.
Depending on the API you call, it may be necessary to send data in the body to the API. Here we must include the address of the wallet we are registering on Chainalysis.
Attestation #1
The attestation outlines the required check on the API’s response.
Next, it is time to create the Rules for your call. The Source determines the variable or value of the data you want to check. Meanwhile, the Target defines what to compare your value to for a successful result. Here we are checking whether the wallet has successfully passed the screening i.e. status 200 (or 201). Otherwise the failure callback will be called.
Step 2(b): Configure Secrets
In order to call upon the Chainalysis API, you must create a Secret in the secrets section. By copying ‘API_KEY’, the Name of the secret is identical to the value in the Header code. The Secret itself is the Secret API key obtained previously (via Chainalysis).
Entering your Silent Data [Oracle] password allows you to update the job configuration without re-uploading your secrets every time - secrets are only saved in the local storage of the browser.
The Silent Data [Oracle] operator never actually sees your API key! Secrets are only decrypted inside the Intel hardware secure enclave.
Step 3: Configure the result
In this example the Blockchain selected is Sepolia given it is a test.
Success
The Contract address is your callback contract. A Callback contract is a smart contract that contains a method Oracle uses to publish information on-chain. Here it is embedded in the whitelist contract and is queried by your Token Contract, or any dApp.
We define the value ‘address’ to inform the whitelist contract which wallet address has been screened. The value ‘true’ confirms the address has passed the risk assessment retrieved. Meanwhile, the value ‘false’ confirms the address has failed the screening test and is not added to the whitelist.
// Implement logic to be executed as the result of the SilentData Job
function silentDataCallback(address _requester, bool
_amlCheckPassed
) public onlyResultsContract {
if(
_amlCheckPassed
) {
lastWhitelisted[_requester] = block.number;
}
}
Callback contract video
The callback contract is defined to consume the result of the AML Check. The boolean returned is either ‘true’ for a successful check or ‘false’ for a risky one.
If ‘true’ (the address has passed the check) then the address is added to the Whitelist with the corresponding block number detailed.
Step 4: Fund and publish your job
Click the ‘Publish’ button to activate the job. Top up the funds for your job (see below). Then execute the trigger contract from your preferred IDE.
Funding configuration
Oracle jobs are currently funded using USDC. In order to add funds to the job and operate, it is necessary to assign a funding manager and select a Token ID. The funding manager has the right to remove any unused funds from the job, this is important in the case of over funding, or changing APIs. Once the job is published, anyone can top up the job.
Jobs are funded under Funding details. This requests a transfer from your wallet which requires approval, as seen in the video using Metamask.
In the video, as we are using the Sepolia testnet network, we must connect our Metamask wallet to Sepolia. Any faucet may be used to supply Seoplia Ethereum (ETHSepolia) - the tokens used for Sepolia testnet.
See Silent Data [Oracle] Documentation for greater detail re Configuration of Job.
Visualise the results
You can visualise the results of your triggered jobs inside Silent Data: Oracle, track which ones have been triggered, and monitor their status.
Chainalysis is only one AML use case for Silent Data [Oracle]. A multitude of other enterprise and DeFi use cases exist, both for triggering a job from the smart contract or webhook. Consult the resources linked throughout for greater detail.
Remember to sign up for our demo environment!
This forms part of a two-part blog, click here to read part 1!