Features

Onboarding Flow

Before accessing the payment interface, users complete a compliance onboarding in 4 steps.

Step 1: Welcome

App introduction with feature highlights. Single "Get Started" button.

Step 2: Wallet Verification (Poco)

Cryptographic proof of wallet ownership via NautLense's Poco system:

1. NautLense generates a challenge message with a 5-word random slug, hex nonce, and 30-minute expiry
2. User signs the message with Phantom/Solflare (ed25519 off-chain format)
3. NautLense verifies the signature cryptographically
4. Verification is valid for 1 year

This satisfies Travel Rule requirements for self-hosted wallet verification (FINMA, BaFin, FMA).

Supported chains: Solana (ed25519), EVM/Ethereum (secp256k1) — ported from production NautPoco system.

Step 3: KYC (Optional)

Three modes:

• Sumsub WebSDK: Real document verification via sandbox
• Trial expired: Auto-skip with informational message
• Not configured:"Continue Without KYC" button

Step 4: Complete

Animated success screen with 3-second auto-redirect to the main payment interface. State persists in localStorage keyed by wallet address — reconnecting the same wallet skips onboarding.

Natural Language Payments

Type payment commands in plain English:

Intent Parsing Pipeline

1. Pattern matching (fast, no API call) — regex for common commands
2. Claude Haiku fallback— only if pattern confidence < 0.9
3. Confidence-based routing — determines if pattern result is final

Confirmation Flow

When NautLense flags a transaction for review (risk score 20-50%):

1. Chat shows risk reasons with amber status
2. User types "confirm" to proceed
3. Transaction executes after explicit approval
4. Transactions above 50% risk are automatically blocked

Compliance Integration

Every transaction goes through NautLense for:

Pre-flight Risk Assessment

• 7 compliance rules (threshold, velocity, round amounts, new wallets, self-transfer)
• Decision engine: approve (< 30%) / review (30-50%) / block (>= 50%)
• Treasury policy checks (daily limits, single-tx limits, whitelists)

Sanctions Screening

• Live OFAC SDN (16,910+ entities)
• SECO (Swiss), EU, UN sanctions lists
• Address-based screening (Tornado Cash, etc.)
• Batch screening (up to 100 entities)

Audit Trail

• SHA256 hash chain — tamper one record and the chain breaks
• GET /tx/verify-chain — cryptographic integrity verification
• Every transaction captured with risk score, flags, and hash

Token Swaps

FX conversion via Jupiter aggregator (Solana's DEX aggregator):

• Server-side proxy (avoids CORS + dead DNS issues)
• Best price across all Solana DEXs
• Supports: USDC, EURC, USDT, SOL
• Compliance check on every swap

Emergency Lockdown

Instant freeze of all transaction processing:

• POST /emergency/lockdown — blocks all /tx/capture with HTTP 423
• In-memory flag for zero-latency enforcement
• Database persistence across server restarts
• Dashboard shows red banner + blocked transaction count
• Full audit trail of lockdown events

Dashboard (NautLense)

12-page compliance dashboard:

1. Overview — KPIs, risk distribution, recent activity
2. Transactions — Full transaction table with risk scores
3. Travel Rule — Transfer records with data completeness
4. Address Book — Counterparties with auto-risk assessment
5. Wallets — Wallet risk profiles
6. SAR Reports — Suspicious activity reporting
7. Settings — Jurisdiction configuration
8. Reports — Quarterly/audit report generation
9. Rules — Compliance rule configuration
10. Audit Trail — Hash chain verification
11. Accounting — FIFO cost basis, P&L, tax events
12. Emergency — Lockdown controls and history

Address Book

• Contact CRUD with localStorage persistence
• Supports .sol domain resolution (SNS)
• Priority resolution: raw address > .sol domain > contact name
• Used by the agent for recipient resolution