Security & Compliance

Institutional-Grade Security and Compliance by Design

Seven independent layers protect every transaction, every key, and every settlement - with compliance enforced at the protocol layer before finality, not after failure.

Schedule a Call View Security Proof
14-of-20 Quorum 13 Jurisdictions Post-Quantum MPC 2-of-3 Pre-Settlement Compliance 10 Regulatory Frameworks
Security Architecture

Five independent security pillars protect every asset and every transaction.

1. SCN Validator Quorum Consensus

Every settlement requires cryptographic agreement from a supermajority of SCN validators distributed across independent legal jurisdictions.

  • 14-of-20 BFT - every settlement requires agreement from SCN validators across multiple legal jurisdictions
  • Network survives 6 simultaneous SCN validator failures with zero impact to operations
  • No single government, corporation, or individual can unilaterally control the network
  • SCN Validators operate across 13 independent compliance zones worldwide

2. Cryptographic Verification

Dual-layer cryptographic verification combining current-generation algorithms with post-quantum lattice-based cryptography.

  • Post-quantum Dilithium/Kyber lattice-based cryptography for long-term security
  • Ed25519 for high-performance current-generation signing operations
  • Future-proof cryptographic foundation designed for 50+ years against quantum computing advances
  • AES-256-GCM encryption at rest for all key material and sensitive data

3. Key Management (MPC 2-of-3)

True self-custody through multi-party computation threshold signing. The user always holds one key shard - no single party can sign unilaterally.

  • User holds one key shard - true self-custody with no counterparty risk
  • Recovery ceremony protocol with guardian attestation for key restoration
  • No single party can sign transactions unilaterally - requires 2-of-3 agreement
  • $250K automatic protection coverage included with Premium tier

4. On-Chain Attestation and Immutable Record

Every attestation result is signed, recorded immutably on the distributed ledger, and permanently retrievable via API.

  • Attestation enforced before consensus - every transaction completes identity, sanctions, and origin checks
  • Jurisdiction-aware rules covering SEC, MiCA, MAS, FINMA, FCA, BaFin, JFSA, FSRA, CVM, and FATF
  • Zone-based security isolation for different asset classes and risk profiles
  • Immutable blockchain record for every attestation result - retrievable via API at any time

5. Independent Validation

The security model has been independently reviewed by external engineering firms with continuous automated testing across all layers.

  • Independent attestation and security testing by [SOC2-FIRM]
  • BlockChainX security assessment of protocol and infrastructure
  • 512M certified test cases across SOC 2, NIST CSF 2.0, OWASP, FIPS 140-3, and 8 additional frameworks
  • Ongoing security monitoring via SentinelAI Fleet Inspector
Compliance Architecture

Compliance enforced at the protocol layer - before settlement, not after failure.

The Adaptive Transaction Compliance Engine (ATCE) evaluates every transaction against identity, sanctions, jurisdiction, and risk rules before finality is granted.

Adaptive Transaction Compliance Engine (ATCE)

Three security zones - Protected, Unprotected, and Quarantine - with real-time policy evaluation before every settlement.

  • Pre-execution policy evaluation on every transaction
  • Corridor-based compliance gating per jurisdiction pair
  • Automatic quarantine of suspicious activity
  • Settlement pause triggers for anomalous patterns
  • Immutable compliance receipts for every decision

Identity Verification (KYC/KYB)

Multi-layer identity verification stack covering individuals, businesses, and beneficial ownership structures.

  • Business identity verification via GLEIF LEI and OpenCorporates
  • Ultimate Beneficial Owner (UBO) graph analysis with circular ownership detection
  • Email and domain verification (RDAP, MX/SPF/DMARC, disposable blocklist)
  • Document proofing via pluggable third-party providers (Onfido, Jumio, Sumsub)
  • No raw PII stored on-chain - credential-bound identity only

Sanctions and Screening

Real-time sanctions screening embedded at the protocol layer - every transaction is screened before settlement.

  • OFAC SDN list screening on every counterparty
  • OpenSanctions/Yente integration for global watchlists
  • PEP (Politically Exposed Persons) detection
  • Cross-border corridor risk evaluation (FATF/OFAC flags)
  • Batch screening for high-throughput institutional workflows

Risk Scoring and Fraud Prevention

Composite risk scoring engine that evaluates transactions across multiple dimensions before allowing settlement.

  • 0-100 composite risk score per transaction
  • Auto-approve, hold, or reject based on configurable thresholds
  • Velocity and behavioral anomaly detection
  • Beneficiary change hold (72-hour cooling period)
  • Immutable forensic audit trail with hash chaining

Proprietary Compliance Stack

JIL operates a proprietary multi-layer compliance stack covering sanctions screening (OFAC + OpenSanctions), PEP detection, business identity verification (GLEIF LEI + OpenCorporates), email/domain verification, UBO graph analysis, and risk scoring. For identity document proofing and biometric liveness, JIL integrates with third-party providers via a pluggable compliance-api gateway - currently wired for Onfido, Jumio, and Sumsub - selected per-jurisdiction based on regulatory requirements.

Regulatory Alignment

Designed to operate within regulated environments across 13 jurisdictions.

The compliance engine supports jurisdiction-specific rules for each regulatory framework:

United States
SEC, OFAC, FinCEN
European Union
MiCA, AMLD6
Switzerland
FINMA
Singapore
MAS
Abu Dhabi
FSRA / ADGM
United Kingdom
FCA
Germany
BaFin
Japan
JFSA
Brazil
CVM
Global
FATF Travel Rule
  • KYC/KYB validation enforced before settlement
  • Sanctions screening at the protocol layer (not application layer)
  • Jurisdiction fencing per compliance zone
  • FATF Travel Rule support for cross-border corridors
  • Immutable audit traceability for every compliance decision

JIL does not claim regulatory approval. It provides infrastructure designed to operate within regulated environments.

Proof of Security

Every Claim is Verifiable

JIL Sovereign publishes cryptographic proof artifacts, SCN validator attestations, and compliance receipts for independent verification. Every security claim made on this page can be validated through on-chain evidence.

View Proof Artifacts
Roadmap

Security and Compliance Roadmap

External Validation

Independent engineering review by Emerging Technologies LLC and BlockChainX

Q2 2026 - Complete

SOC 2 Engagement

SOC 2 Type II audit formally engaged with [SOC2-FIRM]

Q2 2026

Protocol Audit

Full protocol security audit covering consensus, MPC, and verification layers

Q3 2026

SOC 2 Type II

Certification leveraging 512M+ certified test evidence base across 12 frameworks

Q3 2026

Bridge Verification

Independent verification of cross-chain bridge contracts and relayer security

Q4 2026
Certification Status

Independent Testing and Certification

Independent Testing

512 million test cases certified across 12 frameworks by [SOC2-FIRM]

SOC 2 Type II

Audit engagement in progress - estimated completion [SOC2-DATE]

EDGAR Filing

SEC Regulation D Rule 506(c) filed - EDGAR #9999999996-26-031508 | DUNS #10258665

Certified test results and security documentation available to qualified institutional reviewers and investors upon request.

Request documentation Contact security team
Security & Compliance

Explore the Security and Compliance Architecture

Review the evidence, examine the infrastructure, or connect with our team to discuss institutional security and compliance requirements.

View Evidence Contact Us Infrastructure Detail Institutional Overview