In addition to a lack of automation, current approaches to compliance on general-purpose blockchains are unable to deploy a complex compliance framework due to higher and higher computing costs. For example, general-purpose chains like Ethereum rely on layer-2 solutions built on top of the chain to implement these complex frameworks. As users begin to layer on successive rules for their compliance, the number and complexity of such rules pushes the chain to its computational limits, driving up costs and processing time.
Polymesh addresses these challenges by having Compliance built into the core of the chain, providing comprehensive automation to check the rules configured into the token, enabling faster processing and lower protocol fees. Once security token rules are set by the issuer, the chain ensures they are checked, and most importantly must be met, before a transfer can be completed. Issuers no longer need to approve things like individual transfers involving their token through manual or semi-automated means; with Compliance on Polymesh, compliance management is built into the security token. Now, any action that meets the rules set by the issuer can proceed, expanding the range of activities that can occur, ultimately increasing the investor pool and liquidity available to the issuer.
Compliance on Polymesh will also apply to corporate actions in the token lifecycle like elections and entitlements, though these use cases will not be available for the mainnet launch.
Like the other 3 pillars (Identity, Confidentiality and Governance), Compliance is built into the core of Polymesh, helping issuers implement on-chain compliance rules efficiently. For users, Compliance comes to life through attestations, which assist issuers meeting the regulatory requirements of their security token, and forming the foundation for how compliance is automated.
So what is an attestation? Think of it as the on-chain evidence that an attribute of a user’s identity (e.g., residency; accreditation) is true, provided by a trusted third party. Compliance rules set by issuers automatically check that the right attestations are in place for token transfers to occur. Attestations are a two-sided coin — the issuer side and the tokenholder side. With recommendations from their advisors, issuers set the rules for their security token based on applicable regulations. The smart extension then compares the rules against the proposed tokenholders’ attestations to determine if a transfer is permitted or not. Sometimes these attestations are based on the token, needing no action on the user’s part (e.g. buy or sell lockups tied to when a token was issued). Other times, attestations are based on the unique identity of the user and need to be verified through third-party service providers (e.g. where they live). Through rules and attestations, Polymesh enables an issuer to automate the compliance framework applicable for their security tokens.
The future of Compliance
With Polymesh, investors’ on-chain attestations are linked to on-chain IDs tied to real-world identities. For security token issuers, this means they no longer need to manage the permission lists for who can own, and what can be done with, their tokens, materially reducing administrative back office costs. When distributing a security token to an investor, they can choose to rely on the attestations issued by a third-party rather than having to capture all the information about an investor and store that information centrally.
The Polymesh Pillar Series
As a blockchain built for security tokens, Polymesh needs to remove the roadblocks that affect adoption and acceptance by the industry as a whole. To do this, we’ve built Identity, Confidentiality, Governance, and Compliance as pillars at the core of the chain and its design. In the Polymesh Pillar Series, we dive deep on each of these 4 pillars, why they’re needed, and how they come to life.
Check out the other blog posts in our series for more information on the other pillars and how they form the foundation of Polymesh.