Skip to main content
Search

Submit One Step Travel Rule

Version: 3.0.0

Method

POST

Url

https://platform.globaltravelrule.com/api/verify/v2/one_step

This API endpoint is the main endpoint for Travel Rule Request Initiator to start a Travel Rule. This endpoint covers two main verification phase: 1. address or txId verification, 2. PII Verification.

Authentication

No authentication

Path Parameters

No path parameters

Query Parameters

No query parameters

Request Body (Optional)

PropertyTypeRequiredDescription
address
StringYes
address is beneficiary address (in all scenario)
amount
StringYes
amount is corresponding to the ticker, the amount of the coin in this transfer, this amount should be string (Reference: Longest AVAX should be decimal(28,18) / numeric(28,18))
encryptedPayload
StringYes
encryptedPayload here is only for support curve25519 format encrypted PII, if you need to use other algorithm, please also fill the payload here, and refer to PiiSecuredInfo structure
expectVerifyFields
Array<String>No
The PII Info that you expect to be verify, GTR will matches the results if the targetVasp has verified. The verify type code has distinguish by different direction like Originator and Beneficiary. The PII Type code can refer to:
fiatName
StringYes
fiatName is the currency unit of equality amount of coin, should convert to stable coin (USDT, EURC, USDC...etc) / real world fiat currency like (USD, EUR, NZD, GBP, HKD, CNY, JPY, TRY...etc), please prior to choose fiat currency.
fiatPrice
StringYes
fiatPrice is the equality amount of coin, the price ratio is always changing, just make sure you convert when the time you initiate the request.
hashSalt
StringNo
initiatorPublicKey
StringYes
initiatorPublicKey here is your public key
network
StringYes
Network name in short symbol, the reference can check the table.
piiSecuredInfo
ObjectYes
PiiSecuredInfo
PropertyTypeDescription
encryptionParams
Object
The parameters for shared encryption/decryption info, it depends to the algorithm type, if no necessary, please leave it blank or empty
PropertyTypeDescription
ecies
Object
required if you're using ecies algorithm (ecies_secp384r1_tubitak) should refer to this structure
PropertyTypeDescription
ephemeralPublicKey
String
initiatorKeyInfo
Object
initiatorKeyInfo is the direction of Travel Rule Initiator, if you're the initiator, this key should be yours, if you're the receiver (callback server), this is the counter-party VASP's public key that can use to decrypt the PII and encrypt the PII back.
PropertyTypeDescription
publicKey
String
publicKey is the key-parameters for encryption according to the selected algorithm. If the key already be base64 like (Curve25519) 0szeNNub/IGoe623JCGD4B4bH8I94FozOeZjv1dKlXQ=, then no need to do anything, the PEM format like (RSA) -----BEGIN CERTIFICATE-----, no need to remove it, keep it and bring out instead.
piiSecretFormatType
String
PiiSecretFormatType
piiSpecVersion
String
PIISpecVersionType
receiverKeyInfo
Object
receiverKeyInfo is the direction of Travel Rule Receiver, if you're the initiator, this key must set to the counter-party (targetVasp) VASP's publicKey, if you're the receiver (callback server), this key should be your public key.
PropertyTypeDescription
publicKey
String
publicKey is the key-parameters for encryption according to the selected algorithm. If the key already be base64 like (Curve25519) 0szeNNub/IGoe623JCGD4B4bH8I94FozOeZjv1dKlXQ=, then no need to do anything, the PEM format like (RSA) -----BEGIN CERTIFICATE-----, no need to remove it, keep it and bring out instead.
secretAlgorithm
String
AlgorithmType
securedPayload
String
encrypted payload for PII
requestId
StringYes
requestId is the unique id for all transaction, the same travelrule-request invoke process flow should be using same requestId, the recommend format is: "[YOUR_VASP_NAME]-[UUIDv4]"
secretType
IntegerNo
sourceVaspCode
StringNo
*Required if you're TRSP type user, that you have to bring your member vasp's GTR vaspCode here, that we can recognize who made this travel rule.
tag
StringNo
some of network like XRP required to input address tag (memo)
targetVaspCode
StringYes
targetVaspCode here is the counter-party VASP that you want to send the travel rule request (*Not the assets transfer direction), vaspCode is GTR system's format
targetVaspPublicKey
StringYes
targetVaspPublicKey is the counter-party VASP's public key in Curve25519, you can get this public key by vaspDetail api or vaspList api. *If you're using newest version, please mind that this field is for curve25519 format-key, using PiiSecuredInfo structure, but also fill the value same as piiSecuredInfo here
ticker
StringYes
ticker (coin) is the symbol of coin money, could refer to CMC
txId
StringNo
*if the travel rule is after on chain, then the txId is required. the tx id format type can check the table.
verifyDirection
IntegerYes
direction is travelrule direction. verifyDirection: 1 (After On Chain), verifyDirection: 2 (Before On Chain), Perspective if from your system, 1 means you're Beneficiary that receive funds, and you send the Originator KYC/B (IVMS) to check, 2 means you're Originator that you want to send the funds, and you send the Beneficiary KYC/B (IVMS) to check.

Responses

Status 200

OK

JSON Content

PropertyTypeDescription
data
Object
PropertyTypeDescription
addressRiskLevel
String
address risk level is provided from GTR, the enum of risk level: low, medium, high. (*Please mind this feature is for reference, this is not mandatory to reject any transaction)
beneficiaryVasp
String
perspective of money transfer direction, beneficiary means who receive the money
encryptedPayload
String
hashSalt
String
initiatorPublicKey
String
initiatorPublicKey here is your public key
originatorVasp
String
perspective of money transfer direction, originator means who send the money
piiSecuredInfo
Object
PiiSecuredInfo
PropertyTypeDescription
encryptionParams
Object
The parameters for shared encryption/decryption info, it depends to the algorithm type, if no necessary, please leave it blank or empty
PropertyTypeDescription
ecies
Object
required if you're using ecies algorithm (ecies_secp384r1_tubitak) should refer to this structure
PropertyTypeDescription
ephemeralPublicKey
String
initiatorKeyInfo
Object
initiatorKeyInfo is the direction of Travel Rule Initiator, if you're the initiator, this key should be yours, if you're the receiver (callback server), this is the counter-party VASP's public key that can use to decrypt the PII and encrypt the PII back.
PropertyTypeDescription
publicKey
String
publicKey is the key-parameters for encryption according to the selected algorithm. If the key already be base64 like (Curve25519) 0szeNNub/IGoe623JCGD4B4bH8I94FozOeZjv1dKlXQ=, then no need to do anything, the PEM format like (RSA) -----BEGIN CERTIFICATE-----, no need to remove it, keep it and bring out instead.
piiSecretFormatType
String
PiiSecretFormatType
piiSpecVersion
String
PIISpecVersionType
receiverKeyInfo
Object
receiverKeyInfo is the direction of Travel Rule Receiver, if you're the initiator, this key must set to the counter-party (targetVasp) VASP's publicKey, if you're the receiver (callback server), this key should be your public key.
PropertyTypeDescription
publicKey
String
publicKey is the key-parameters for encryption according to the selected algorithm. If the key already be base64 like (Curve25519) 0szeNNub/IGoe623JCGD4B4bH8I94FozOeZjv1dKlXQ=, then no need to do anything, the PEM format like (RSA) -----BEGIN CERTIFICATE-----, no need to remove it, keep it and bring out instead.
secretAlgorithm
String
AlgorithmType
securedPayload
String
encrypted payload for PII
preflightCheckMessage
String
preflight check message is to let you know whether the counter-party vasp will accept your request or not *This is only suitable in before-on-chain scenario. *And also not mandatory for check the result of pre-flight
preflightCheckStatus
String
PreflightCheckStatusEnum
requestId
String
requestId is the unique id for all transaction, the same travelrule-request invoke process flow should be using same requestId, the recommend format is: "[YOUR_VASP_NAME]-[UUIDv4]"
secretType
Integer
targetVaspCode
String
targetVaspCode here is the counter-party VASP that you want to send the travel rule request (*Not the assets transfer direction), vaspCode is GTR system's format
targetVaspPublicKey
String
targetVaspPublicKey is the counter-party VASP's public key in Curve25519, you can get this public key by vaspDetail api or vaspList api. *If you're using newest version, please mind that this field is for curve25519 format-key, using PiiSecuredInfo structure, but also fill the value same as piiSecuredInfo here
verifiedFields
Array<Object>
the verified fields
PropertyTypeDescription
[*].message
String
message of match
[*].status
Integer
VerifyFieldStatus
[*].type
String
IvmsFieldEnum
verifyMessage
String
verifyStatus
Integer

Status HTTP Status: 200, VerifyStatus: 100000

JSON Content

PropertyTypeDescription
data
Object
PropertyTypeDescription
No properties
verifyMessage
String
verifyStatus
Integer

This /one-step API can cover two situations:

  1. Pre-transaction Travel Rule: if your VASP as Originator VASP, initiating a Travel Rule request before sending the crypto assets to the blockchain
  2. Post-transaction Travel Rule: if your VASP as Beneficiary VASP, initiating a Travel RUle request after you received crypto assets from the blockchain

This /one-step API will run all verification flows in a synchronous way:

  1. Address Verification(in pre-transaction situation)or TXID Verification(in post-transaction situation)
  2. PII Verification.

If first check failed, Travel Rule process will be terminated right away and your counterparty VASP will not receive your encrypted PII payload.

Please note that, this API will always return HTTP Code as 200 and this API shall time out after 30 seconds.

Once you called /one_step API in a pre-transaction situation, you are required to invoke /notify_tx_id after you successfully execute this asset transfer on the blockchain. This will let your counterparty VASP receive a notification containing the correlation of txId and requestId.

Request Example 1: Travel Rule Initiator as Originator VASP(Pre-transaction situation)

{
  "requestId": "[prefix-uuidv4: KITCHEN_STORE-16e5025a-8e55-4052-8a68-c91620cb28fb]",
  "ticker": "[TICKER NAME: ETH]",
  "amount": "[Amount in crypto: 542.0000000000452]",
  "address": "[Beneficiary Address: 0x339facb1153e01d1e0d21e378da56d851da25ade]",
  "tag": "[TAG-(XRP/XLM/TON), leave blank if not applicable: 164392432]",
  "network": "[NETWORK NAME: ETH]",
  "txId": null,
  "verifyDirection": 2,
  "targetVaspCode": "[Target VASP Code: gdummy]",
  "encryptedPayload": "[Curve25519 encrypted string]",
  "initiatorPublicKey": "[Your public key - Curve25519 Format]",
  "targetVaspPublicKey": "[Target VASP public key - Curve25519 Format]",
  "fiatName": "[FIAT NAME: USD]",
  "fiatPrice": "[FIAT RATIO PRICE: 4593.31]",
  "expectVerifyFields": ["110026", "111001"],
  "piiSecuredInfo": {
    "initiatorKeyInfo": {
      "publicKey": "xxxxxxx"
    },
    "receiverKeyInfo": {
      "publicKey": "xxxxxxx"
    },
    "secretAlgorithm": "curv225519",
    "piiSecretFormatType": "FULL_JSON_OBJECT_ENCRYPT",
    "piiSpecVersion": "ivms101-2020",
    "securedPayload": "[Encrypted PII]",
    "encryptionParams": {
      "ecies": {
        "ephemeralPublicKey": "xxxxxxxxx"
      }
    }
  }
}

Request Example 2: Travel Rule Initiator as Beneficiary VASP (Post-transaction situation)

{
  "requestId": "[prefix-uuidv4: KITCHEN_STORE-16e5025a-8e55-4052-8a68-c91620cb28fb]",
  "ticker": "[TICKER NAME: ETH]",
  "amount": "[Amount in crypto: 542.0000000000452]",
  "address": "[*In Post-transaction travel rule, still use Beneficiary Address: 0x339facb1153e01d1e0d21e378da56d851da25ade]",
  "tag": "[TAG-(XRP/XLM/TON), leave blank if not applicable: 164392432]",
  "network": "[NETWORK NAME: ETH]",
  "txId": "F4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16",
  "verifyDirection": 1,
  "targetVaspCode": "[Target VASP Code: gdummy]",
  "encryptedPayload": "[Curve25519 encrypted string]",
  "initiatorPublicKey": "[Your public key - Curve25519 Format]",
  "targetVaspPublicKey": "[Target VASP public key - Curve25519 Format]",
  "fiatName": "[FIAT NAME: USD]",
  "fiatPrice": "[FIAT RATIO PRICE: 4593.31]",
  "expectVerifyFields": ["110026", "111001"],
  "piiSecuredInfo": {
    "initiatorKeyInfo": {
      "publicKey": "xxxxxxx"
    },
    "receiverKeyInfo": {
      "publicKey": "xxxxxxx"
    },
    "secretAlgorithm": "curv225519",
    "piiSecretFormatType": "FULL_JSON_OBJECT_ENCRYPT",
    "piiSpecVersion": "ivms101-2020",
    "securedPayload": "[Encrypted PII]",
    "encryptionParams": {
      "ecies": {
        "ephemeralPublicKey": "xxxxxxxxx"
      }
    }
  }
}

Response Full Structure

{
  "data": {
    "encryptedPayload": "RrInXkezrLw...5ogc1koFps=",
    "initiatorPublicKey": "[YOUR PUBLIC KEY]",
    "targetVaspPublicKey": "[TARGET VASP PUBLIC KEY]",
    "targetVaspCode": "[TARGET VASP CODE]",
    "originatorVasp": "",
    "beneficiaryVasp": "",
    "secretType": 1,
    "requestId": "[REQUEST ID]",
    "travelruleId": "[TRAVEL RULE ID]",
    "verifyFields": [
      {
        "message": "matched",
        "status": 1,
        "type": "111006" // Beneficiary Natural Person Name
      },
      {
        "message": "we don't support sorry",
        "status": 2,
        "type": "MY_OWN_NAME" // custom name or type name
      },
      {
        "message": "date of birth matched",
        "status": 1,
        "type": "111024" // Beneficiary Natural Person Date of birth
      }
    ]
  },
  "success": true,
  "verifyMessage": "Verification Success",
  "verifyStatus": 100000
}

Response Example 1: Success

HTTP Status: 200, VerifyStatus: 100000

{
  "verifyStatus": 100000, 
  "verifyMessage": "Verify Success"
}

Response Example 2: Address Not Found

HTTP Status: 200, VerifyStatus: 200001

{
  "verifyStatus": 200001,
  "verifyMessage": "Address Not Found."
}

Response Example 3: TXID Not Found

HTTP Status: 200, VerifyStatus: 200007

{
  "verifyStatus": 200007,
  "verifyMessage": "TX ID Not Found"
}

Response Example 4: PII Verification Failed

HTTP Status: 200, VerifyStatus: 200003

{
  "verifyStatus": 200003,
  "verifyMessage": "PII Verification Failed"
}

Just to highlight, when you receive verifyStatus as 200003, it means PII payload sent by your VASP failed to be verified by your counterparty.

There could be various failure reason:

  • Specific PII field you sent is mismatched with their KYC data,
  • Certain PII Fields are not included in your PII Payload,
  • ...

You can look into the verifyFields array in the response for the detail reason.