Smart Contracts
DPO2U utilizes the the host chain and its Compact language to write smart contracts that guarantee compliance immutability without ever compromising sensitive personal data.
Compact is the host chain's purpose-built smart contract language. Unlike Solidity, Compact compiles to zero-knowledge circuits — every operation is privacy-preserving by default. There are no arbitrary loops or dynamic memory; circuit size is deterministic at compile time.
The zero-knowledge principle
The core principle governing our entire smart contract suite is Privacy by Design. No personally identifiable information (PII) or raw company data is stored on the ledger. We only store:
- Identifying Hashes (like the hashed CNPJ of the company).
- The CID (Content Identifier) pointing to the IPFS storage containing the encrypted document.
- The overall Compliance Score.
- Timestamps of evaluation.
- The digital signature / DID of the Agent who emitted the Attestation.
To achieve this, the network uses native zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) to prove that the validation rules were met without disclosing the underlying data that was validated.
Compact example
A simplified view of how a compliance registration might look in Compact:
// Simplified conceptual smart contracts
contract ComplianceRegistry {
state attestations: Map<Hash, Attestation>;
transition registerAttestation(
company_id: Hash,
agent_did: DID,
policy_cid: CID,
score: Uint8
) {
// Agent signature verified via zk-SNARK
// Only the hash is stored — no PII
attestations[company_id] = Attestation {
agent_did, policy_cid, score, timestamp: now()
};
}
}
Contract overview
| Contract | Purpose | Key function | Status |
|---|---|---|---|
ComplianceRegistry | Central attestation registry | registerAttestation() — stores score + CID | Deployed (the host chain Testnet) |
DocumentTimestamp | Temporal existence proofs | Proves a document existed at a point in time | Deployed (the host chain Testnet) |
AgentWalletFactory | Agent wallet creation | Programmatic wallet initialization | Deployed (the host chain Testnet) |
FeeDistributor | Agent compensation | Allocates the native token to agents per task | Deployed (the host chain Testnet) |
Treasury | Fund management | Receives client payments in the native token | Deployed (the host chain Testnet) |
AgentRegistry | Agent identity ledger | Maintains approved did:dpo2u:agent:* DIDs | Deployed (the host chain Testnet) |
PaymentGateway | Client payment interface | Accepts the native token for services | Deployed (the host chain Testnet) |
Implemented contracts
1. ComplianceRegistry.compact
The central registry. It holds the map of all generated Attestations.
registerAttestation(company_id, agent_did, policy_cid, score): Validates the signature of the Auditor Agent and stores the score associated with the company hash.
2. DocumentTimestamp.compact
Guarantees the temporal existence of a document via Zero-Knowledge proofs. Useful for demonstrating that a specific privacy policy existed at a specific point in time before a data breach incident.
3. AgentWalletFactory.compact
Facilitates the programmatic creation of network wallets for newly deployed Autonomous Agents.
4. FeeDistributor.compact & Treasury.compact
The financial layer of the protocol.
When a company pays for a compliance check, the funds go to the Treasury. The FeeDistributor allocates the correct amount of the native token tokens to the Auditor Agent who processed the operation, acting as an economic incentive for accurate validations.
5. AgentRegistry.compact
Manages the full agent lifecycle: registration with DID, ownership-based deactivation, and compliance task tracking. Agents are registered entities with verifiable task history, bridging to ERC-8004 agent identity patterns.
Circuits: registerAgent(secret_key, did, block_height), deactivateAgent(secret_key), recordTask(secret_key), verifyAgent()
Ledger fields: agent_owner (Bytes<32>), agent_did (Bytes<32>), agent_active (Uint<64>), registered_at (Uint<64>), task_count (Uint<64>)
Ownership: Only the registered owner (via secret_key comparison) can deactivate or record tasks.
6. PaymentGateway.compact
The interface the frontend or external API uses to accept the native token tokens from clients requesting new LGPD Kits or Audits.
PaymentGateway is in preprod — deployed on the host chain testnet but not yet integrated with the production Application Layer. All other contracts are deployed and active on testnet.
What's next
- Architecture — how contracts fit into the 5-layer protocol stack
- Agents — the autonomous agents that interact with these contracts
- Schemas — the
dpo2u/lgpd/v1schema that feeds intoComplianceRegistry - Tutorial: Zero-knowledge compliance verification — end-to-end walkthrough from policy generation to on-chain proof