Identity & Access

Secure user-level state management, debt tracking, and real-time access enforcement

This section defines how individual user accounts are tracked, managed, and protected across the TRN ecosystem. From real-time spending limits to bot detection, and from KYC withdrawals to biometric key recovery, the system prioritizes resilience, decentralization, and fraud prevention.

🧠 Overview

The TRN platform uses a multi-layered identity and access framework to:

  • Track user balances, earnings, debts, and spending in real time

  • Prevent abuse, manipulation, or double-spending

  • Enforce withdrawal policies and post limits

  • Integrate biometric recovery and decentralized authentication

  • Power moderation, fraud detection, and ad eligibility

  • Enable seamless interaction across the DApp with zero staking friction

All access control mechanisms defer to oracle-verified user state, not raw wallet balance alone.

🧩 Core Components

Module
Summary

TRNUsageOracleViewAdapter

Real-time read adapter for UI and APIs to query user balances, earnings, and debts

AI Bot Verifier

Module for detecting AI-inflated engagement, fake accounts, or manipulation attempts

DebtSettlementModule

Ensures no user proceeds with actions if they owe more than they’ve earned

KYC Withdrawal Layer

Enables fiat withdrawal through country NFT-compliant KYC systems

7 Key Shards

Multi-key security model for identity recovery, admin override, and cold resets

🧮 Real-Time Access Enforcement

The TRNUsageOracle governs all spending and balance-based actions. No transaction (e.g. viewing a post, boosting, subscribing) proceeds without first being validated against the oracle.

The oracle reads include:

  • User’s available fruit (credit from views, retrns, blessings, etc.)

  • Pending debits (subscriptions, boosts, burns)

  • Net debt limit enforcement

  • Account’s history of daily merkle reconciliations

All wallet actions, including transfers, must pass through this oracle. If any user tries to bypass the system, the transaction will revert with a debt enforcement error.

🔍 Transparency & Privacy

The platform strikes a balance between open data for trust and private data for safety:

  • Publicly visible: engagement metrics, balances, content hashes

  • Privately enforced: bot flags, geo-block lists, debt status, moderation logs

Only DAO auditors or CountryNFT moderators with proper authority may access sensitive identity-level data like bot detection results or recovery shard triggers.

🔐 Recovery & Biometric Identity

Every user identity is safeguarded by a 7-key shard system:

  • 3 active keys: voice, face, and fingerprint (or verified fallback)

  • 4 recovery keys: issued to trusted agents or distributed in escrow

To reset access:

  • 4 of 7 keys are required to reinitiate wallet access

  • Biometric verification must pass at least 3 active keys or fallback route

  • All actions are logged to the ModerationLog for auditability

This ensures decentralized custody, avoids reliance on centralized providers, and enables users to recover from loss or compromise without permanently losing funds or access.

💳 Fiat & KYC Integration

To comply with financial regulations, all fiat withdrawals must route through:

  • KYC Withdrawal Layer

  • CountryNFT-owned withdrawal pools

  • Verified bank or wallet destinations

Users must pass their local country’s KYC checks once, which then authorizes future redemptions of TRN into fiat. These flows are invisible during normal usage but can be initiated seamlessly when a user chooses to off-ramp earnings.

🤖 AI Bot Detection

The AI Bot Verifier module watches for signs of abuse such as:

  • Fake or farmed accounts

  • Automated retrns or blessings

  • Rapid, inhuman content engagement

When detected:

  • The account may be flagged privately

  • Ad eligibility, lotto participation, or payout claims may be restricted

  • Bot status is invisible to the user unless flagged during audit

This protection is essential for maintaining advertiser integrity, viewer trust, and resonance-based wealth distribution.

🚫 Debt Enforcement

No user is allowed to:

  • Transfer TRN

  • Boost content

  • Subscribe

  • Claim earnings

…if their fruit balance equals or is below 0 after daily reconciliation.

If they are dangerously close to zero, the platform restricts them to:

  • Viewing their own posts

  • Viewing previously watched content

  • Watching ads (to earn TRN)

  • Viewing boosted posts (to earn TRN)

Once they recover a non-zero positive fruit balance, normal actions resume.

✅ Auto-Sync via Merkle + Oracle

Every day:

  • The Merkle tree batches transactions and earnings

  • The TRNUsageOracle updates all user balances, reconciling credit/debit flow

  • The TRNUsageOracleViewAdapter exposes updated state to the app/UI

  • All module permissions and transaction constraints reset accordingly

This guarantees deterministic resolution, fraud-proof balance enforcement, and credit-based pre-authorizations for smooth user experience.

🧷 Related Systems

Related Module
Role in Identity & Access

ModerationLog

Tracks identity resets, suspicious activity, and key usage

TRNUsageOracle

Core logic gatekeeper for balance and usage

BoostingModule

Reads real-time limits to prevent excess budgeting

SubscriptionManager

Validates daily payment and prevents renewals in debt

LottoModule

Excludes flagged users or bots from winnings

VaultSplitter System

Only pays out users after oracle-confirmed eligibility

PreviousFollowGraphNextTRNUsageOracleViewAdapter

Last updated