Change Log
Last updated
Last updated
Upgraded to Node.js version 22 for increased stability and security
(Bugfix) Fixed a hashing error during legal person verification
Fixed to support database SSL connection
Added environment variables for database SSL configuration in .
Fixed to not throw INVALID-FORMAT error
(Bugfix) Fixed a bug where buildingNumber and buildingName were transposed when saving personal information with a geographic address.
To improve security, the Enclave server has been modified to operate as a non-root user.
Added the option to use a custom schema instead of using the public schema when using PostgreSQL.
Added the vout field.
Added the vout field to the Request body.
Added the vout field to the Response body.
(BREAKING CHANGE) Added the vout column to the verifications database table.
Fixed an uncommon IVMS101 parsing error that occurred very infrequently.
Fixed a rare occurrence of a database deadlock bug.
Added Passthrough feature for VerifyName Response API.
Fixed a bug where changing the connection state with other VASPs through the 'Vasp Connect' feature did not immediately apply the connection state.
Added APIs for Risk Assessment
Added the network field.
Added the network field to the Request body.
Added UNKNOWN-NETWORK to the Reason type.
(BREAKING CHANGE) Added the network column to the verifications database table.
Added NOT-ALLOWED to the Reason type.
Fixed: low probability that user verification result not stored properly in the enclave DB.
Modified to allow interoperability with CODE.
VASPs using CODE protocol are also displayed in the list when the list lookup API is called.
Fixed a bug in the logic to remove information from the enclave when the user-verified VASP API returned information that was not in requiredBeneficiaryInfo .
The verification failure issue with UNDEFINED-ERROR code on user verification VASP API request without ivms101 data fields has been resolved.
An error occurrence from commands table on the Oracle database has been removed.
The problem has been fixed that the authorization header value is misconfigured when VEGA_VERIFICATION_AUTHORIZATION_TOKEN variable is not configured.
Major changes
The user address verification API was expanded to a user 'account' verification API.
Now it supports a selective name matching verification in addition to the existing wallet address check.
Utilize a robot VASP for more test cases coverage
Now you can experience more various error case handling when you test the withdrawal verification with the robot VASP.
API policy of Transaction Result Report API has been updated.
It requires to call this API as soon as the VASP finds the transaction ID (txHash) now, in contrast to the former version of the guide that required calling it after the transaction finality check.
Error code specifications have been provided for each API.
Only required beneficiary information fields need to be filled out.
The name of an environmental variable has been changed as User Address Verification API is changed to User Account Verification API.
AS-IS: VEGA_VERIFICATION_ADDRESS_API_PATH
TO-BE: VEGA_VERIFICATION_ACCOUNT_API_PATH
A new environment variable for VASP API Authorization Token header setup has been added.
The index definition of commands table updated.
A new column created_at is added to the index.
Some enclave APIs were changed to work asynchronously.
Data that was delivered with synchronous API response is now delivered through the callback VASP API.
Specific personal data specification requirements now can be designated in the request phase to VASP.
Refer to the newly added code specification to designate the data requirements.
VASP API implementation policy updated.
Now VerifyVASP supports a transaction in a single VASP, meaning a VASP can be both the originating VASP and beneficiary VASP of the transaction.
The Asynchronous process is introduced to these APIs below.
User Verification API spec updated.
requiredBeneficiaryInfo field was added to the request payload.
Due to the change to work asynchronously, some fields from the response payload were discarded including verificationUuid.
The discarded data fields are now delivered through the Callback VASP API.
Error report API specification updated.
message field was added to the request payload.
New APIs added
Callback API is newly added.
The API is for getting notifications of the processing result asynchronously.
Strongly recommended implementing the callback API: Polling way of implementation for all the processing transaction results without enough care might be a burden to both VASP itself and the VerifyVASP network.
Implementation policies for each VASP API were updated.
Error codes from the user verification API are now provided.
The database table definition was updated.
Added: commands table
Modified: verifications table
message column is added
An environmental variable was added
VEGA_VERIFICATION_CALLBACK_API_PATH: A variable for callback API endpoint setup
IVMS101 Message Format Guide was updated.
Address field expansion to support multiple addresses in addition to the parent address (e.g. XPR, EOS)
The geographic address policy now requires corporations to fill out both headquarters address and branches.
The problem in setting database port number adjustment has been fixed.
The endpoint scanning process during enclave boot now checks the endpoints of transaction status query API and address verification API too.
Parameter names have been changed.
The Korean Site is open.
Only the staging environment and site are open; the production environment and site are to open soon.
Korean VASPs need to register to the Korean console site newly.
The central server endpoint for the Korea region was added.
Enclave server - version updated (VerifyVASP/enclave:v1.1.0)
Enclave database - table definition updated.
verifications
Enclave database - new tables
counter_party_keys
own_keys
Enclave database applies encryption to some columns
Environment variables added
VEGA_ENCLAVE_PUBLIC_ENDPOINT
VEGA_VERIFICATION_ADDRESSES_API_PATH
VEGA_VERIFICATION_TRANSACTION_API_PATH
VEGA_VERIFICATION_AUTHORIZATION_TOKEN
VEGA_ENCRYPTION_KEY_BASE64
VEGA_DECRYPT_API_ENDPOINT
VEGA_PUBLIC_KEY_TTL
VEGA_LOG_LEVEL
VASP side need-to-implement APIs were added
User address verification API (mandatory)
Transaction status query API (mandatory)
Decrypting database encryption key API (recommended)
Specification update for user verification API
symbol, amount fields moved into assetInfo object
API version information was added to all API paths.
Updated APIs
VASP List API
The list is changed to include VerifyVASP members only by default.
includesAll query parameter is now supported.
The response provides more detailed information including VASP health status.
User verification API
request body modified
New APIs are now supported.
Address verification API
Error report API
Transaction status query API
A security guide page was added.
IVMS101 standard guiding page was added.
IVMS101 message format guide page was added.
Added dateOfIncorporation field in where you can fill in the date of incorporation for LegalPerson.
When calling the , if the value dateOfIncorporation is present, input validation will be performed.
Added LEGAL_PERSON_DATE_OF_INCORPORATION code in
In the geographic address data type in , townName is no longer a required field.
To minimize wallet address or transaction ID mismatches, we provide the .
Please refer to the VEGA_DATABASE_SEARCH_PATH environment variable in .
Enclave API :
VASP API :
Enclave API : , ,
VASP API :
Enclave API : ,
VASP API : ,
Enclave API : ,
VASP API : , ,
Enclave API :
VASP API : ,
CountryCode and protocol items have been added in the return value..
Added new vaspStatus value (INTEROPERATED) in return value.
The type mismatch issue on the count(returned in string type) value in response payload of has been fixed.
See for more details.
See page for more details.
implementation policy has been updated.
verificationUuid field is newly added to the request payload of .
implementation policy regarding the idempotent has been added.
was updated to verify the beneficiary name in case of the transaction amount exceeds the legal baseline.
See and pages for more details.
See page for more details.
A diagram describing the transaction state transition has been added to the .
The query parameters for are modified as follows. - fromAccount --> originatorAccountNumber - toAccount --> beneficiaryAccountNumber
The address of the Korean VerifyVASP console site updated ().