Get VASP Detail
By invoking GET /api/common/v3/vasp/detail?vaspCode=[vaspCode], you will get the full details of a specific VASP in the GTR network.
Response
You can expect to receive following response.
{
"verifyStatus": 100000,
"verifyMessage": "Success",
"data": {
"vaspCode": "lDPwXEIe6r1jZp5TdTfyI",
"vaspEntitySlug": "axchange-us",
"vaspEntityName": "Axchange USA",
"allianceName": "Smile Travel Rule",
"country": "US",
"availability": 0,
"supportedFeatures": ["UNHOSTED_WALLET_VERIFY"],
"capability": {
"couldPending": true
},
"supportedVerifyFields": [
{
"id": 110026,
"name": "Beneficiary Legal Person Name"
}
],
"requiredPiiFieldsAsBeneficiary": [
{
"id": 110026,
"name": "Beneficiary Legal Person Name",
"direction": "BENEFICIARY"
}
],
"standardInfo": {
"publicKeyInfo": {
"receiverKeyInfo": {
"publicKey": "-----BEGIN CERTIFICATE-----\nMIICpzCC...."
},
"secretAlgorithm": "rsa_ecb_oaep_with_sha1_and_mgf1padding"
},
"supportedPiiSpecInfo": {
"piiSpecVersion": "ivms101-2020"
},
"piiSecretFormatType": "FULL_JSON_OBJECT_ENCRYPT"
}
}
}
Attributes wrapped by this response body is vital for you to initiate a Travel Rule request via One-Step API. Please see the section below to know how to digest this response.
[TARGET_VASP_CODE][TARGET_ALGORITHM][TARGET_PII_SPEC_VERSION][TARGET_PII_SECRET_FORMAT_TYPE][MY_PRIVATE_KEY][MY_PUBLIC_KEY][THEIR_PUBLIC_KEY]
Please note that even if a VASP supports multiple algorithms, GTR will only select the most suitable one, with the following priority:
- (Highest priority)
ed25519_curve25519 - The other algorithms are selected in the order they are added to the public key
Simply, if a VASP supports the ed25519_curve25519 algorithm, you will always get this type.
Digest Response
Please set up the global variables in your code-base or service environment, the structure is recommended to be like the following:
// please setup these information on your program
const myENV = {
"supportedSecretAlgorithm" : {
"ed25519_curve25519" : {
"publicKey": "",
"privateKey": ""
},
"rsa" : {
"publicKey": "",
"privateKey": ""
},
},
"supportedPiiSpecVersion": {
"ivms101-2020": {},
"ivms101-2023": {}
},
"supportedPiiSecretFormatType": [
"FULL_JSON_ENCRYPTION"
]
}
The public key and private key store format please refer to Secret Algorithm in GTR
Your VASP service must support these algorithm, PII format and PII encrypt format, and your server can route to the corresponding logic to process the verification request.
For TARGET_VASP_CODE
Set the vaspCode from the response as [TARGET_VASP_CODE]:
const TARGET_VASP_CODE = response.data.vaspCode
For TARGET_ALGORITHM
Use your myENV.supportedSecretAlgorithm and match it with response.data.standardInfo.publicKeyInfo.secretAlgorithm, then:
i. Select your private key as [MY_PRIVATE_KEY]
ii. Select their public key as [THEIR_PUBLIC_KEY]
iii. Select the algorithm as [TARGET_ALGORITHM]
iv. Select your public key as [MY_PUBLIC_KEY]
const TARGET_ALGORITHM = response.data.standardInfo.publicKeyInfo.secretAlgorithm
const selectedAlgorithmFromMyENV = myENV.supportedSecretAlgorithm[TARGET_ALGORITHM]
if(selectedAlgorithmFromMyENV == null) {
throw new Error("no support algorithm")
}
const MY_PRIVATE_KEY = selectedAlgorithmFromMyENV.privateKey
const MY_PUBLIC_KEY = selectedAlgorithmFromMyENV.publicKey
const THEIR_PUBLIC_KEY = response.data.standardInfo.publicKeyInfo.receiverKeyInfo.publicKey
For TARGET_PII_SPEC_VERSION
Use your myENV.supportedPiiSpecVersion to check if response.data.standardInfo.supportedPiiSpecInfo.piiSpecVersion is supported, and save it to a variable as [TARGET_PII_SPEC_VERSION] for later use:
const TARGET_PII_SPEC_VERSION = response.data.standardInfo.supportedPiiSpecInfo.piiSpecVersion
if(myENV.supportedPiiSpecVersion[TARGET_PII_SPEC_VERSION] == null) {
throw new Error("no support pii spec version")
}
For TARGET_PII_SECRET_FORMAT_TYPE
Use your myENV.supportedPiiSecretFormatType to check if response.data.standardInfo.piiSecretFormatType is supported, and save it to a variable as [TARGET_PII_SECRET_FORMAT_TYPE] for later use:
const TARGET_PII_SECRET_FORMAT_TYPE = response.data.standardInfo.piiSecretFormatType
if(TARGET_PII_SECRET_FORMAT_TYPE not in myENV.supportedPiiSecretFormatType) {
throw new Error("not support pii secret format type")
}
About couldPending
The counter-party VASP may enter a pending flow. The pending flow can occur in two stages as shown in the table below:
| Scenario | Stage Sequence | Stage Name |
|---|---|---|
| Pre-transaction Travel Rule | Stage 1 | Address Verification Pending |
| Pre-transaction Travel Rule | Stage 2 | PII Verification Pending |
| Post-transaction Travel Rule | Stage 1 | TX Verification Pending |
| Post-transaction Travel Rule | Stage 2 | PII Verification Pending |
Each stage can be pending. If your compliance requirements only require submitting PII to the counter-party VASP before
starting the transaction (without verifying PII), we suggest not proceeding with the transaction if Stage 1 is pending
or failed. Refer to the table below for details on each property.
| Scenario | Stage | Send Out PII | Verify PII | Can Block Transaction |
|---|---|---|---|---|
| Pre-transaction Travel Rule | Address Verification Pending | No | No | No Transaction |
| Pre-transaction Travel Rule | PII Verification Pending | Sent | No | Start Transaction |
| Post-transaction Travel Rule | TX Verification Pending | No | No | Transaction Already Done |
| Post-transaction Travel Rule | PII Verification Pending | Sent | No | Transaction Already Done |
If you don't want to transact with VASPs that have couldPending=true, you can filter them out.
Next
Now, you have completed the most important variable digestion, you are ready to initiate a Travel Rule via One-Step API
💡 GTR Implementation Recommendations
- Always invoke this VASP Detail API before initiating any Travel Rule transaction with a target VASP. This ensures you have the latest and most accurate information about the target VASP's encryption algorithm and public keys.
- The publicKeyInfo section provides the public key and encryption algorithm that you must use to encrypt sensitive travel rule data before sending it to the target VASP.
- The supportedFeatures, supportedVerifyFields, and requiredPiiFieldsAsBeneficiary fields inform you about the verification capabilities and required Personally Identifiable Information (PII) fields for the beneficiary.
- The availability field indicates whether the VASP is currently available to receive travel rule data.
- The standardInfo section also includes the PII specification version (piiSpecVersion) and the format type for encrypted PII data (piiSecretFormatType), which you should comply with when preparing data.