Skip to main content

KYC/KYB Flow

CRYMBO Connect supports a flexible, metadata-based KYC/KYB system designed for institutional onboarding, wallet registration, and Travel Rule compliance. It enables platforms to enforce identity verification and disclosure only when required, such as during crypto withdrawal or cross-VASP transfers โ€” not at the point of user signup.

๐Ÿ’ก Key Principlesโ€‹

  • No default KYC at signup โ€” enforcement is configurable per policy
  • Metadata first โ€” identity is represented via wallet metadata and custom attributes
  • Selective enforcement โ€” require KYC/KYB only when interacting with specific services or networks
  • Travel Rule integrated โ€” identity submission happens via encrypted payloads only when legally required

๐Ÿงพ User & Business Metadataโ€‹

All compliance flows start by attaching metadata to the user or VASP.

Endpoint:
POST /v3/users/meta/update

Payload example:

{
	"userId": "user_001",
	"meta": {
		"KYC_STATUS": "pending",
		"RISK_SCORE": 72,
		"JURISDICTION": "DE",
		"USER_TYPE": "individual"
	}
}

This metadata is used later to determine whether to trigger a PII request or allow a transaction.

๐Ÿ” Conditional KYC Triggeringโ€‹

Compliance policies can be enforced dynamically:

Policy ConditionEnforcement Action
RISK_SCORE > 80Require enhanced questionnaire
Crypto Withdrawal > $10,000Require PII submission
Destination wallet is a VASPTrigger Travel Rule identity check
User country = restricted jurisdictionRequire KYB & manual review

๐Ÿ“ Submit KYB for a Businessโ€‹

Endpoint:
POST /connect/api/kyb/onboard

Payload includes business metadata and contact details. Documents can be attached later.

๐Ÿ” Submit Questionnaire (Dynamic Form)โ€‹

Endpoint:
POST /v3/users/meta/submitQuestionnaire

Use this to gather jurisdiction-specific or risk-based answers before advancing the user flow.

๐Ÿงฉ Link to On-Chain Transactionโ€‹

Once a transaction occurs, the Oracle determines if identity is required via metadata rules.

If so, it emits PIIRequested and expects encrypted identity data to be submitted to:

POST /deposits/pii

โœ… Marking KYC Completeโ€‹

When the institution or Oracle confirms identity validation, update user status:

Endpoint:
POST /v3/users/meta/update

{
	"userId": "user_001",
	"meta": {
		"KYC_STATUS": "verified"
	}
}

This metadata state will skip further verification unless new rules are triggered.

Let me know if youโ€™d like to proceed with the next doc: Travel Rule & Encrypted PII Submission.