Compliance-first Solana payment infrastructure for stablecoin checkout, remittance, and virtual-card funding.
The relayer lets fintech applications accept or send Solana stablecoin payments while enforcing compliance before settlement. Clean transfers are submitted privately and reliably. Risky transfers are rejected before chain submission but retained for audit.
Built for S1lkPay / Frontier-style payment products, it exposes a backend API for merchant checkout sessions, remittance flows, virtual card funding, internal blocklist operations, Range Protocol AML screening, Helius/QuickNode confirmation webhooks, and audit reports merchants can store for compliance review.
- A merchant, wallet, or card program creates a checkout session for a USDC payment using
POST /checkout/sessions. - The customer signs a Solana transfer payload in their wallet. The signed payload includes amount, mint, recipient, and nonce.
- The app submits the signed transfer to
POST /checkout/sessions/{id}/submit-transfer. - The relayer verifies the signature, enforces nonce replay protection, checks the internal blocklist, screens the recipient with Range Protocol, and persists the decision.
- Approved transfers are queued for private/reliable Solana submission. Rejected transfers never settle on-chain.
- The merchant fetches
GET /transfer-requests/{id}/audit-reportto see the final compliance and settlement decision.
curl -X POST http://localhost:3000/checkout/sessions \
-H "Content-Type: application/json" \
-d '{
"merchant_id": "merchant_kz_001",
"merchant_reference": "INV-2026-00042",
"destination_wallet": "DRpbCBMxVnDK7maPM5tGv6MvB3v1sRMC86PZ8okm21hy",
"token_mint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
"amount": 25000000,
"customer_wallet": "7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU",
"merchant_metadata": {
"purpose": "virtual_card_funding",
"currency": "USDC"
}
}'{
"transfer_id": "550e8400-e29b-41d4-a716-446655440000",
"asset_type": "spl_token",
"token_mint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
"amount": { "visibility": "public", "amount": 25000000 },
"compliance_status": "approved",
"blockchain_status": "pending_submission",
"risk_decision_summary": "Approved by compliance controls and queued or submitted for settlement.",
"final_decision": "approved_for_settlement"
}Watch the demo on YouTube — dashboard, risk scanning, Jito MEV transaction, and Range Protocol compliance blocking.
Stablecoin payment providers need instant settlement, low fees, and programmable controls, but fintech operators also need compliance evidence before they move money. The Solana Compliance Relayer resolves this with a defense-in-depth payment pipeline for merchant checkout, cross-border remittance, and card-funding flows.
| Challenge | Solution |
|---|---|
| Blinded signing risk | Client-side WASM signing ensures wallets never expose private keys to the server |
| Regulatory compliance | Real-time AML/Sanctions screening via Range Protocol before chain submission |
| Transaction guarantees | Transactional Outbox pattern with PostgreSQL ensures no approved tx is ever lost |
| MEV extraction | Private submission via Jito Bundles bypasses the public mempool |
Core Guarantee: Rejected transactions are persisted for audit but never submitted to the blockchain.
| Feature | Description |
|---|---|
| MEV Protection (Ghost Mode) | Private transaction submission via Jito block builders—no frontrunning, no sandwich attacks |
| Real-Time Compliance | Automated AML/Sanctions screening via Range Protocol with configurable risk thresholds |
| Merchant Checkout Sessions | Durable sessions for stablecoin checkout, remittance, and virtual-card funding flows |
| Compliance Audit Reports | Machine-readable settlement and risk decision reports for merchants and operators |
| Authenticated Admin Controls | /admin/* routes support ADMIN_API_KEY for production blocklist management |
| Client-Side WASM Signing | Ed25519 via ed25519-dalek compiled to WebAssembly—private keys never leave the browser |
| Replay Attack Protection | Cryptographic enforcement of request uniqueness via nonces |
| Double-Spend Protection | Status-aware retry logic prevents duplicate submissions during network failures |
| Confidential Transfers | Full Token-2022 ZK confidential transfer support with automated rent recovery |
┌─────────────────────────────────────────────────────────────────────────┐
│ FRONTEND (Next.js) │
│ ┌───────────────────┐ ┌──────────────────┐ ┌─────────────────┐ │
│ │ Terminal Panel │ │ WASM Signer │ │ Monitor Panel │ │
│ │ (Transfer UI) │──▶│ (Ed25519-dalek) │ │ (5s Polling) │ │
│ └───────────────────┘ └────────┬─────────┘ └─────────────────┘ │
└────────────────────────────────────┼────────────────────────────────────┘
│ Signed Request
▼
┌─────────────────────────────────────────────────────────────────────────┐
│ BACKEND (Axum + Rust) │
│ ┌─────────────────────────────────────────────────────────────────┐ │
│ │ API Layer │ │
│ │ POST /transfer-requests │ GET /transfer-requests/{id} │ │
│ │ POST /webhooks/helius │ GET /health, /health/live, /ready │ │
│ │ POST /risk-check │ /admin/blocklist (CRUD) │ │
│ └─────────────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────▼───────────────────────────────────┐ │
│ │ Application Layer │ │
│ │ ┌─────────────┐ ┌───────────────────┐ ┌──────────────────┐│ │
│ │ │ AppService │──▶│ ComplianceProvider│──▶│ DatabaseClient ││ │
│ │ └─────────────┘ │ (Range Protocol) │ │ (PostgreSQL) ││ │
│ │ └───────────────────┘ └──────────────────┘│ │
│ └─────────────────────────────────────────────────────────────────┘ │
│ │ │
│ ┌──────────────────────────────▼──────────────────────────────────┐ │
│ │ Infrastructure Layer │ │
│ │ ┌──────────────────┐ ┌───────────────────┐ │ │
│ │ │ Background Worker│──▶│ BlockchainClient │──▶ Helius RPC │ │
│ │ │ (10s poll cycle) │ │ (Strategy Pattern)│ │ │
│ │ └──────────────────┘ └───────────────────┘ │ │
│ └─────────────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────────────┘
The official dashboard and UI for this relayer is a separate repository:
- Repository: solana-compliance-relayer-frontend
- Live demo: solana-compliance-relayer-frontend.berektassuly.com/
It provides a real-time dashboard (analytics, metrics, terminal, monitor), client-side WASM signing, risk scanner, and admin blocklist management. Built with Next.js, React, Tailwind CSS, and a Rust/WASM signing module.
- Rust 1.85+ (2024 edition)
- Docker & Docker Compose
- PostgreSQL 16+
# Clone the repository
git clone https://github.com/berektassuly/solana-compliance-relayer.git
cd solana-compliance-relayer
# Start PostgreSQL
docker-compose up -d
# Run database migrations
cargo sqlx migrate run
# Start the backend
cargo runThe backend runs on http://localhost:3000. Swagger UI is available at /swagger-ui.
- Backend: Rust 1.85+, Axum 0.8, SQLx 0.8, Tokio 1.48
- Frontend: solana-compliance-relayer-frontend — Next.js, Tailwind CSS, Zustand, Rust/WASM signing
- Cryptography: ed25519-dalek (WASM), solana-zk-sdk, ElGamal/AES
- RPC Providers: Helius, QuickNode (auto-detected)
- Compliance: Range Protocol Risk API
- MEV Protection: Jito Bundles via QuickNode
| Document | Description |
|---|---|
| Architecture | Hexagonal architecture, directory structure, and data flow diagrams |
| Submission Brief | S1lkPay / Frontier problem, product, architecture, demo script, and roadmap |
| Security | MEV protection, double-spend prevention, replay protection, blocklist manager |
| API Reference | Endpoints, signing message format, and example requests |
| Configuration | Environment variables, RPC provider strategy, deployment |
| Client Integration | SDK integration notes and CLI tools |
| Technical Operations Guide | Infrastructure config, database ops, and troubleshooting |
| Contributing | Contribution guidelines |
| Phase | Feature | Status |
|---|---|---|
| 1–6 | Core relayer, worker, WASM signing, webhooks, frontend | ✅ Complete |
| 7–10 | Confidential transfers, blocklist, risk checks, CLI tools | ✅ Complete |
| 11–15 | Jito MEV, rent recovery, double-spend protection, nonces | ✅ Complete |
Mukhammedali Berektassuly
This project was built with 💜 by a 17-year-old developer from Kazakhstan
- Website: berektassuly.com
- Email: [email protected]
- X/Twitter: @berektassuly
This project is licensed under the MIT License. See LICENSE for details.