6.0.0
21 Product Family 6.0.0 includes major improvements to the API and GUI:
- Auto-approve: TRP 3.0 auto-approve has been implemented.
- New Proof Methods: Visual Proof and Satoshi Test have been added.
- Audit Logs: Audit Logs are generated for all GraphQL mutations and authentication.
- New AOPP GraphQL API: AOPP now has the API on GraphQL.
- Fuzzy Matching: For easier integration of external systems.
- Exports in Microsoft Excel: Switched from csv to xlsx (Excel) format.
- TLS Client Certificate: This allows for mTLS for increased security.
- xPub Support: The new AOPP API supports Xpub submissions as part of the proof.
TRP 3.0 Auto-approve Has Been Implemented
One of the design choices of TRP is that it is open for industry collaboration and adoption. This means simplicity and automation is very important to achieve that.
For this reason 21 Travel Rule now allows you to activate auto-approve for counterparty VASPs that you trust. This will go through the whole TRP flow and automatically approve all transactions.
To reach the auto-approve feature you can mutate the TRP database through the GraphQL API:
1 2 3 4 5 6 7 8 9 10 11 12 13 14mutation { trpd { registerOrUpdateVasp( vasp:{ url: "https://api.testing.21analytics.xyz/", name: "21 Testing AG", lei: "506700T7Z685VUOZL877", autoApproved: true } ){ autoApproved } } }
To do this using the GUI, you can go to the Counterparty VASP's page and check the auto-approve checkbox when adding a new VASP,
New Proof Methods
As part of the new release, some new proof methods have been added and upgraded. You now have Satoshi Tests and the ability to upload videos as proof.
Satoshi Test
21 Travel Rule now supports self-hosted ownership proof using Satoshi Test. A method where the person willing to verify ownership of a wallet sends a small amount to a designated wallet in your VASP.
There are two new graphql mutations requestSatoshiProof(proof) and finalizeSatoshiProof(id, txId). You can also query Satoshi Test entries with the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17query{ aopd{ proofs(limit: 1, offset:0){ ... on AopdSatoshiProof{ id asset amount depositAddress senderAddress status dueAt txId createdAt } } } }
Visual Proof
The Visual Proofs method is an upgrade to the previous Screenshot Proof. You can now upload and store screenshot proofs as either an image or a video.
In a similar fashion to the Satoshi Test case. The API now has a registerMediaProof(proof, media) mutation and the following query:
1 2 3 4 5 6 7 8 9 10 11 12 13query{ aopd{ proofs(limit: 1, offset:0){ ... on AopdMediaProof{ id asset address mediaPath createdAt } } } }
Audit Logs
To help track internal activity 21 Travel Rule now has Audit Logs. This shows a full history of all actions committed in 21 Travel Rule. It will allow teams to see who did what, and will allow everyone to be on the same page when multiuser is implemented.
To query the Audit Logs you can use the following:
Which would yield the following results in a GUI:1 2 3 4 5 6 7 8 9 10query { autod{ auditLogs(limit: 13, offset: 0){ username event target createdAt } } }
New AOPP GraphQL API
AOPP has received a new GraphQL API. The websocket API has been deprecated. In the same way as the Satoshi Test method and the Visual Proof method mentioned above, you can use a requestAoppProof(proof) mutation. The subscription has also changed its name from newProofs to aopdAoppProofs.
Fuzzy Matching
You can now use fuzzy matching for received beneficiary names with expected ones according to the chosen sensitivity. This will use AI to accept a certain margin of error chosen by you when introducing beneficiary names.
The option to ignore cases was also added.
All this makes integration from external custodial systems a lot simpler since it allows more flexibility for inconsistencies that these might have.
Exports in Microsoft Excel
As requested by our customers, the table exports have been switched from .csv to .xlsx (Excel) format.
This can be achieved using the proofAsXlsx(id) for an individual proof export and proofsAsXlsx to export all proofs.
For transactions you can query txAsXlsx(id) for individual transactions or txsAsXlsx(status) for a list of all transactions under a certain status.
The buttons on the GUI remain the same.
TLS Client Certificate
TRP configuration now accepts a TLS client certificate. This allows TRP to use mTLS, ensuring that both the server and the client have strong proof about each other's identity, increasing trust. This addition completes our transition to the latest TRP 3.0 specification.
To add a TLS client certificate, you can use the GUI. First, go to the 'configure your VASP' page here; you will see the 'Attach PEM file' button to upload the PEM file that will generate the TLS client certificate.
xPub Support
The new AOPP API supports xPub submissions as part of the proof. This solves the deposit use case.
Other Improvements
- TRP failed states yield more granular error messages.
- GraphQL API now has more consistent naming.
- GraphQL API inline documentation has improved.
- The created/mutated object is now always returned in the GraphQL API.
- Login has been factored out into its own app. This is a precondition for integrations with third party authentication solutions.
- Travel Addresses are resolved and the result is displayed to the user on the fly on the new GUI.
- General rebranding/design overhaul with customisable logo.
- "Withdraw to Wallet" page has been redesigned, unifying the user interaction for different wallet types.
- Integration for Oporto webextension has been implemented.