Verun Protocol — Solana
LIVE on Solana Devnet Deployed April 2026 · 10 API Endpoints · v0.1.0
Technical documentation for Verun Protocol — a design exploration of agentic trust infrastructure for European finance, built on Solana by BCP Partners GmbH. Intended to complement Erster, an EU tokenization platform in development.
Consensus-based Trust Scores (0–1000) intended to gate access to a regulated Chain API. Each evaluation is anchored as a Memo Instruction on Solana Devnet. The design intent is to generate machine-readable audit trails that could complement MiFID II Art. 17 + EU AI Act Art. 14 obligations, subject to independent legal review.
Disclosure: Devnet prototype · design intent · not legally certified · not investment advice. Statements about partners, integrations and compliance alignment are exploratory and subject to confirmation. Independent legal review planned.
Overview
Verun is the trust infrastructure layer for AI agents operating in regulated European financial markets.
What is Verun?
As AI agents begin autonomously executing token transfers, minting securities, and placing investment orders, there is no existing standard for establishing who an agent is, whether it can be trusted, and whether it is permitted to act in a regulated context.
Verun solves this with the Verun Accredited Agent Score (0–1000): a consensus-based trust verdict issued by registered validators, anchored on Solana for every evaluation, and enforced at the tokenforge Chain API gate.
Key Facts
| Property | Value |
|---|---|
| Trust Score Range | 0 – 1000 |
| Consensus Model | 2-of-N validator votes required (ceil N/2) |
| Anchor Chain | Solana Devnet — Memo Instruction per evaluation |
| Settlement Layer | Solana — eWpG, ISIN, EURC |
| Regulated Gate | tokenforge Chain API — eWpG, BaFin, MiFID II |
| Fee Split | 70% Protocol / 10% Validator / 10% Agent Kickback / 10% Reserve |
| Tokenization Platform | Erster — EU tokenization platform in development |
| Live URL | verun-solana-mvp.vercel.app |
3 Operating Modes
| Mode | Description |
|---|---|
| Discovery | Agent scans validated platforms, finds tokenforge, sends structured recommendation to human |
| Supervised | Human receives recommendation, approves with one click — agent executes single action |
| Autonomous | After human approval: agent executes fully automatically, every action anchored on-chain |
Architecture
Three complementary layers — Solana for trust, tokenforge as the regulated gate, Solana for settlement. No layer competes with another.
Layer Stack
Flow
Claude · MCP
Score + Consensus
Memo Tx Anchor
Chain API Gate
eWpG · EURC
Fee Distribution
Trust Score Gates
Every tokenforge Chain API capability is gated behind a minimum Trust Score. Scores are computed by validator consensus and anchored on Solana.
Score Tiers
| Tier | Score | Permitted Operations | Kickback |
|---|---|---|---|
| LOW | 800 – 1000 | All operations | 10% |
| MED | 600 – 799 | read, transfer, mint, order | 5% |
| HIGH | 300 – 599 | read, transfer, mint | 0% |
| BLOCK | 0 – 299 | None — access denied | 0% |
MiFID II + EU AI Act — Design Intent
Verun's design is informed by, and intended to complement, the audit obligations financial institutions already carry under MiFID II Art. 17 (algorithmic trading governance) and the EU AI Act (high-risk AI logging + human oversight). Nothing on this page is a compliance certification or legal opinion.
Design Mapping (exploratory)
| Article | Obligation (institution-side) | What Verun explores |
|---|---|---|
| MiFID II Art. 17 | Algorithmic trading governance + complete records | Every prototype evaluation is anchored on Solana Devnet via Memo Instruction. Score, consensus, operation, timestamp — recorded for replay. |
| EU AI Act Art. 14 | Human oversight of high-risk AI systems | Design supports human-in-the-loop approval above defined operation tiers; validator consensus is institutional/human-controlled. |
| EU AI Act Art. 12 | Automatic logging of high-risk AI activity | Every verdict, approval, and revocation written to Solana in the prototype — a replayable evaluation log. |
| MiFID II Art. 17(2) | Kill-switch / system controls | Prototype SBT revocation flow — credential can be burned by issuer via single Solana transaction, removing the agent's permissioned access in subsequent evaluations. |
Validator Model
Validators are the institutional backbone of Verun. They provide the consensus votes required for every agent evaluation.
Active Validators (Testnet)
Consensus Rules
A verdict requires ceil(N/2) matching votes from selected validators. With 3 validators: 2-of-3 required. UNAVAILABLE votes are excluded from the tally. If consensus cannot be reached, the evaluation returns BLOCK.
Validator Economics
Validators earn 10% of all evaluation fees automatically via the fee distribution contract. No manual claim required. Fee share scales with validation volume.
API Reference
Base URL: https://verun-solana-mvp.vercel.app
GET /api/health
Service status and network confirmation.
{
"ok": true,
"service": "verun-solana-mvp",
"network": "solana-devnet"
}
GET /api/validators
List all registered validators with metadata.
{
"validators": [
{
"id": "val-erster-01",
"name": "ERSTER",
"type": "internal",
"status": "active",
"policy": "score_based"
},
{
"id": "val-tokenforge-02",
"name": "tokenforge",
"type": "external",
"status": "active",
"policy": "chain_api_based",
"api": {
"type": "rest",
"network": "testnet",
"docs": "https://docs.tokenforge.io"
}
},
{
"id": "val-test-03",
"name": "Test Validator",
"type": "internal",
"status": "test",
"policy": "score_based"
}
]
}
POST /api/evaluate
Evaluate an agent. Returns 2-of-N validator consensus verdict + Solana on-chain anchor.
{
"agentId": "agt_demo",
"score": 820,
"operation": "transfer",
"validatorIds": ["val-erster-01", "val-tokenforge-02", "val-test-03"]
}
{
"success": true,
"verdict": {
"agentId": "agt_demo",
"score": 820,
"operation": "transfer",
"validators_used": [
{ "id": "val-erster-01", "name": "ERSTER" },
{ "id": "val-tokenforge-02", "name": "tokenforge" },
{ "id": "val-test-03", "name": "Test Validator" }
],
"votes": [
{ "validatorId": "val-erster-01", "vote": "LOW", "reason": "score_800+", "source": "val-erster-01" },
{ "validatorId": "val-tokenforge-02", "vote": "LOW", "reason": "chain_api_gate_passed_transfer:820>=500", "gate": { "permitted": true } },
{ "validatorId": "val-test-03", "vote": "LOW", "reason": "score_800+", "source": "val-test-03" }
],
"tally": { "LOW": 3 },
"consensus": "LOW",
"permitted": true,
"kickback_rate": 10,
"ts": "2026-04-20T09:33:09.734Z"
},
"anchor": {
"txid": "5J7XK8L9aBcDe1FgHi2JkLm3NoPq4RsTu5VwXyZ9aBcDe1FgHi2JkLm3NoPq4RsTu",
"ledger": "62604931",
"explorer": "https://explorer.solana.com/tx/5J7XK8L9aBcDe1FgHi2JkLm3NoPq4RsTu5VwXyZ9aBcDe1FgHi2JkLm3NoPq4RsT?cluster=devnet"
}
}
curl -L -X POST https://verun-solana-mvp.vercel.app/api/evaluate \
-H "Content-Type: application/json" \
-d '{"agentId":"agt_demo","score":820,"operation":"transfer"}'
POST /api/score
Lightweight evaluation — verdict only, no Solana anchor written. Use for quick checks where on-chain anchoring is not required.
{
"agentId": "agt_demo",
"score": 820,
"operation": "transfer"
}
POST /api/mint-sbt
Issues a Soulbound Token credential to an agent, after running consensus. If consensus = BLOCK the request returns HTTP 403 and no SBT is minted. Full design + verification details on the Soulbound Token page.
POST /api/revoke-sbt
Kill-switch: clears the agent's vtrust_* SPL-Memo entry on the protocol account in a single Solana transaction. Audit trail (the revoke TX) remains in the on-chain transaction history. Used to satisfy MiFID II Art. 17 + EU AI Act Art. 14.
GET /api/sbt-status?agentId=…
Returns the current credential for an agent, or credentialed: false if not issued / revoked. Reads directly from the protocol account's on-chain data — no caching, no Verun-side state.
GET /api/sbt-list
Returns every active SBT issued by this protocol account. Useful for a public registry view — e.g. "all currently credentialed agents."
Solana On-Chain Anchor
Every POST /api/evaluate writes the verdict payload as a Memo Instruction on Solana Devnet — creating an immutable, timestamped audit trail.
How It Works
After validator consensus is reached, the Verun protocol wallet sends a self-payment of 1 lamport (0.000000001 SOL) with sha256(verdict) in the memo field (32-byte hash). The transaction is confirmed in ~1 second on Solana.
anchor.status: "anchor_failed" — the evaluation result is never withheld.Anchor Payload (memo instruction)
{
"agentId": "agt_demo",
"score": 820,
"operation": "transfer",
"consensus": "LOW",
"permitted": true,
"validators": ["val-erster-01", "val-tokenforge-02", "val-test-03"],
"ts": "2026-04-20T09:33:09.734Z"
}
Verify On-Chain
Every anchor can be verified publicly on Solana Explorer:
https://explorer.solana.com/tx/{txid}
# Example live anchor:
https://explorer.solana.com/tx/5J7XK8L9aBcDe1FgHi2JkLm3NoPq4RsTu5VwXyZ9aBcDe1FgHi2JkLm3NoPq4RsT?cluster=devnet
Protocol Wallet
| Property | Value |
|---|---|
| Network | Solana Devnet |
| Node | Solana RPC (api.devnet.solana.com) |
| Cost per anchor | ~100 lamports (~0.00001 SOL, base fee + 1-lamport op) |
| Confirmation time | ~3.9 seconds |
Soulbound Token (SBT)
LIVE on Solana Devnet mint · revoke · status · list — all four endpoints in production
Verun issues a non-transferable trust credential — the VTRUST SBT — to every agent that passes consensus. The credential is stored as a SPL-Memo entry on the protocol account, fully on-chain, publicly verifiable, and revocable in a single transaction.
Wallet Architecture (Protocol-Custodial)
Verun's Solana deployment uses a protocol-custodial model — a single responsible party is the issuer, agents do not hold private keys. Aligns with EU AI Act Art. 14 (human oversight) + MiFID II Art. 17 (kill-switch).
| Party | Wallet? | Holds |
|---|---|---|
| Verun (protocol) | YES — 1 wallet | SBT registry (SPL-Memo), audit trail, anchor TXs |
| Agent | NO | Identified by agentId string only — no keys, no funds, no Solana address |
| tokenforge / consumer | Their own | Verifies SBT via public Solana RPC query before granting access |
How the credential lives on-chain
The SBT is not a Solana asset in the traditional sense — it's a SPL-Memo entry on the protocol account. That means there is no asset balance, no associated token account, no agent-side signature required. The "token" is a key-value pair stored permanently on the issuer's account.
| Field | Format | Example |
|---|---|---|
| key | vtrust_<agentId> | vtrust_agt_fahad_001 |
| value | vtrust-mint:<agentId>:<tier>:<score>:<isoTs>:<hash8> | vtrust-mint:agt_fahad_001:MED:720:2026-05-04T18:40:53Z:4f3aaa28 |
| issuer | Solana address (base58, 32 bytes) | (protocol) |
| tamper-proof | sha256(credential) in tx memo | 32-byte hash committed alongside the SPL-Memo op |
Mint flow
// Request
{ "agentId": "agt_fahad_001", "score": 720, "operation": "transfer" }
// Response
{
"success": true,
"verdict_consensus": "MED",
"agentId": "agt_fahad_001",
"tier": "MED",
"score": 720,
"ts": "2026-04-30T14:40:53.913Z",
"key": "vtrust_agt_fahad_001",
"txid": "5J7XK8L9aBcDe1FgHi2JkLm3NoPq4RsTu5VwXyZ9aBcDe1FgHi2JkLm3NoPq4RsTu",
"slot": 323456789,
"credential_hash": "4f3aaa283c7cf13ff7427fd9560b49314baaf40bf790efb78cc4e3e00a45ea6d",
"issuer": "",
"explorer": "https://explorer.solana.com/tx/a6013d9...?cluster=devnet",
"verify_url": "https://verun-solana-mvp.vercel.app/api/sbt-status?agentId=agt_fahad_001"
}
The endpoint runs validator consensus first. If consensus = BLOCK, no SBT is issued — the operation gate is enforced before mint. One transaction includes both the SPL-Memo op and the anchor self-payment.
Revoke flow (kill-switch)
// Request
{ "agentId": "agt_fahad_001", "reason": "policy_violation" }
// Response
{
"success": true,
"revoked": true,
"agentId": "agt_fahad_001",
"key": "vtrust_agt_fahad_001",
"reason": "policy_violation",
"txid": "...",
"ledger": "...",
"revoke_hash": "...",
"explorer": "https://explorer.solana.com/tx/..."
}
Revocation = a vtrust-revoke memo instruction. The entry is removed from the issuer's account state in a single transaction (~1 second). The revoke transaction itself remains in the on-chain transaction history forever — the audit trail is not erased.
Public verification (zero-auth)
Anyone — tokenforge, an auditor, a regulator — can verify the credential directly against Solana RPC. No Verun API call required.
curl -L https://verun-solana-mvp.vercel.app/api/sbt-status?agentId=agt_fahad_001
# Active credential:
{ "ok": true, "credentialed": true, "credential": { "tier": "MED", "score": 720, "ts": "2026-05-04T18:40:53.913Z" } }
# Or query the protocol account's signature history:
# Revoked credential:
HTTP 404 Not Found
Endpoint summary
| Method | Path | Purpose |
|---|---|---|
| POST | /api/mint-sbt | Issue credential after consensus check |
| POST | /api/revoke-sbt | Kill-switch: clear credential entry |
| GET | /api/sbt-status?agentId=… | Check credential for one agent |
| GET | /api/sbt-list | List all credentialed agents |
End-to-end demo (one command)
git clone https://github.com/Fahad00674/verun-solana-mvp
cd verun-solana-mvp && chmod +x scripts/sbt-demo.sh
./scripts/sbt-demo.sh agt_fahad_001 720
Runs the full lifecycle: status check → mint → public verification → revoke (kill-switch) → re-verification. Two real testnet transactions, ~25 seconds total.
Compliance mapping
| Regulation | Article | Verun mechanism |
|---|---|---|
| MiFID II | Art. 17 | 2-of-3 validator consensus + on-chain audit trail · single-TX kill-switch via revoke endpoint (~1s) |
| EU AI Act | Art. 14 | Validators are human/institutional — every action gated by their consensus (human oversight) |
| EU AI Act | Art. 12 | Automatic logging — every verdict + approval anchored on Solana |
Mainnet Roadmap
From Solana Devnet MVP toward a more production-grade design, with independent legal review of MiFID II + EU AI Act alignment. Timelines and scope are indicative and subject to change.
For Agents
Everything an AI agent needs to connect to Verun Network and get a trust verdict on Solana — in under 60 seconds.
Step 1 — Add the System Prompt
Paste this into your agent's system instructions. It tells the agent when and how to call Verun before executing any financial operation.
You are an AI agent operating within the Verun Network trust framework on Solana.
Before executing any financial operation, request a Verun trust evaluation.
== HOW TO EVALUATE ==
POST https://verun-solana-mvp.vercel.app/api/evaluate
Body: { "agentId": "YOUR_AGENT_ID", "score": YOUR_SCORE, "operation": "transfer" }
== OPERATION GATES ==
read → score 300+
transfer → score 500+
order → score 600+
== VERDICT RULES ==
permitted: true → proceed with the operation
permitted: false → stop, escalate to human supervisor
Always store the returned txid as your on-chain audit trail.
== HUMAN ESCALATION ==
If verdict is denied or pending, notify the human supervisor.
Never execute financial operations without a valid Verun verdict.
Network: Solana Devnet
Validators: tokenforge · ERSTER
Docs: https://verun-solana-mvp.vercel.app/docs.html
Step 2 — Make the API Call
Your agent calls /api/evaluate before any operation. Replace YOUR_AGENT_ID with your agent's identifier.
Step 3 — Read the Verdict
Verun returns a verdict with a Solana TXID as immutable proof.
txid is verifiable at Solana Explorer (Devnet) — immutable, timestamped, auditable.Operation Reference
| operation | Min. Score | Use case |
|---|---|---|
read | 300+ | Query platform data, price feeds |
transfer | 500+ | Send tokens, initiate payments |
order | 600+ | Place trade orders, mint tokens |
x402 Sequence Diagram — Solana
Complete message flow between AI Agent, Verun Protocol, GoPlausible x402 Facilitator, and Solana Network — including error paths.
recentBlockhash + lastValidBlockHeight handle tx expiry; SPL-Memo commits the verdict hash. Base fee is 5000 lamports (~0.000005 SOL). Memo Instructions serve as the on-chain referral anchor.