DD 64: Algorithm for transactions with KYC checks

10.64. DD 64: Algorithm for transactions with KYC checks#

10.64.1. Summary#

This design document specifies the algorithm that wallets and merchants should use for processing and (re-)trying transactions where KYC checks may apply.

10.64.2. Motivation#

The exchange requires the customer to pass KYC checks and satisfy AML rules for various transactions. However, the corresponding rules are dynamic and may also be hidden from the client for regulatory purposes.

10.64.3. Requirements#

  • Minimize the time time the user has to wait (=> long-poll efficiently)

  • Minimize the number of requests that the exchange has do process (=> do not quickly retry when it’s clear the the request is unlikely to succeed now)

10.64.4. Proposed Solution#

Steps for processing operation of type op and amount amt:

  1. Initialize last_op_attempt := null, last_rule_gen := null

  2. Check if a zero limit for op is applicable.

    • If the zero limit denies op, proceed with step 3.

    • Proceed with step 2.

  3. Attempt to make a request for op at the exchange. Set last_op_attempt to the current time.

    • If the request succeeds, halt.

    • If last_rule_gen is not null (Note 2), proceed with step 4.

    • Proceed with step 3.

  4. Request the /kyc-check/... endpoint applicable for op (no long-polling!)

    • If the request returns 204 No Content, proceed with step 2.

    • If the request returns 200 Ok or a 202 Accepted:

      • Set last_rule_gen := response.rule_gen

      • If the exposed limits do not deny op, proceed with step 2.

    • Proceed with the next step 4.

  5. Request the /kyc-check/... endpoint applicable for op with long-polling for min_rule set to last_rule_gen.

    • If the request returns 204 No Content, proceed with step 2.

    • If the request returns 200 Ok or a 202 Accepted:

      • Set last_rule_gen := response.rule_gen

      • If the exposed limits do not deny op, proceed with step 2.

    • If if the last_op_attempt is null or is more than 10 minutes in the past, proceed with step 2. (See Note 1)

    • Proceed with step 4.

Notes:

  • Note 1: In practice, this might not be necessary, but there could be a non-exposed rule that the client needs to trigger to proceed.

  • Note 2: We must long-poll for the next rule generation here, since we can assume that the current set of rules contains non-exposed rule that prevents the current operation.

Open questions:

  • What should the lpt parameter be in step 4?

10.64.5. Definition of Done#

N/A

10.64.6. Alternatives#

N/A

10.64.7. Drawbacks#

N/A

10.64.8. Discussion / Q&A#

(This should be filled in with results from discussions on mailing lists / personal communication.)