As a beneficiary VASP of a transaction, you will receive a permission request from the originator VASP when a transaction is initiated by the originator user. You will then reply to the permission request to the originator VASP based on the compliance check in place.
- Receive Permission Request
The “Permission Request” will be sent to your API endpoint from the Sygna Bridge server. You will need to set up an API endpoint to receive the Beneficiary/PermissionRequest message. You can whitelist the Sygna Bridge server's IP address if needed.
- Authenticate Originator VASP
Confirm if the VASP code from the VAAI matches the VASP codes list from the Bridge/VASP API.
- Verify signature with Originator VASP public key
Validate the signature of the “Permission Request” with the originator VASP’s public key obtained from the Bridge/VASP API.
- Decrypt private information with Beneficiary VASP private key
Decrypt the Private Information with your own VASP private key. (The VASP private-key and public-key pair are generated when you sign up for the Sygna Bridge service. However, only the VASP public key is kept at Sygna Bridge for all VASP members).
- Store Permission Request and personal private information into database
Store the “Permission Request” and private information in your database for future reference.
- Compliance Check
Put the originator's name into a sanction name screening service. If there is a sanctioned match, reject the permission request with the BVRC
Check if the beneficiary name and their wallet address are matched in your database. If the information is not matched, reject the permission request with the BVRC
- Generate permission message
Based on the compliance check, generate the “ACCEPTED” or “REJECTED” message in Bridge/Permission.
- Generate message signature with Beneficiary VASP private key
Use your own VASP private key to sign the message for Bridge/Permission.
- Reply Permission message
POST Bridge/Permission to the Sygna Bridge server.
- Forwarding Permission message
Sygna Bridge then forwards the signed message back to the Originator VASP.
Updated over 2 years ago