Address Proving Integration
Overview
Address Proving is a GTR feature that allows your VASP to prove the ownership of a blockchain wallet address by using a cryptographic challenge-response flow.
After the proof is successfully verified by GTR, the address can be recorded in GTR's address library as an ownership-proved address.
This feature is useful when your VASP wants to register its own addresses, such as hot wallet addresses or treasury addresses, before using them in other GTR-related flows.
Use Cases
You can use Address Proving in the following situations:
- Register your VASP-owned wallet addresses in advance
- Prove ownership of a deposit, treasury, or operational wallet address
- Improve confidence when GTR later uses the address in compliance-related flows
- Keep an auditable record that a specific address has been cryptographically proved by your VASP
How It Works
Address Proving is a 2-step process.
| Step | Description |
|---|---|
| Step 1: Generate Challenge | Your VASP submits wallet metadata to GTR. GTR returns a challengeMsg that is bound to your VASP and request parameters |
| Step 2: Submit Address Proof | Your VASP builds the proof payload, signs it with the private key of the wallet, and submits it to GTR for verification |
If the verification succeeds, GTR records the wallet address as an ownership-proved address.
Diagram Flow
Supported Key Types
GTR currently supports the following publicKeyType values.
publicKeyType | Description |
|---|---|
secp256k1 | secp256k1 elliptic curve public key |
secp256r1 | secp256r1 elliptic curve public key |
secp384r1 | secp384r1 elliptic curve public key |
secp521r1 | secp521r1 elliptic curve public key |
Ed25519 | Ed25519 public key |
Ed448 | Ed448 public key |
RSA-SHA256 | RSA public key (sha256) |
RSA-SHA384 | RSA public key (sha384) |
RSA-SHA512 | RSA public key (sha512) |
RSA-PSS | RSA public key for RSASSA-PSS verification |
Supported Proof Algorithms
GTR currently supports the following proofAlgo values.
proofAlgo | Description |
|---|---|
SHA256withECDSA | ECDSA with SHA-256 |
SHA384withECDSA | ECDSA with SHA-384 |
SHA512withECDSA | ECDSA with SHA-512 |
Ed25519 | Ed25519 signature |
Ed448 | Ed448 signature |
SHA256withRSA | RSA with SHA-256 |
SHA384withRSA | RSA with SHA-384 |
SHA512withRSA | RSA with SHA-512 |
RSASSA-PSS | RSA-PSS signature |
Supported Public Key Formats
GTR currently supports the following publicKeyFormat values.
publicKeyFormat | Description |
|---|---|
PEM | PKIX SubjectPublicKeyInfo DER encoding in Base64 form. This is the default value when the field is omitted |
DER | Raw uncompressed EC point bytes (`0x04 |
⚠️
DERformat is only supported for EC key types such assecp256k1,secp256r1,secp384r1, andsecp521r1.
Important Notes
- The
challengeMsgis deterministically generated from your VASP identity and request parameters. - You should keep the request parameters unchanged between the Generate Challenge step and the Submit Address Proof step.
- If any field used to generate the challenge changes, the submitted proof may be rejected.
- Once an address has already been recorded with ownership proof, it cannot be proved again through the same flow.