Sending and Receiving Travel Rule Messages - Fireblocks

Using the Fireblocks Notabene Integration to send and receive TR messages.

How to link your Notabene and Fireblocks Accounts

Follow these steps:

  1. Create an account on Notabene.
    1. Testing/Sandbox
    2. Production
  2. Follow these instructions to get your API credentials.
  3. Connect your Notabene account to Fireblocks as described in the the Fireblocks help center.


Withdrawals

Withdrawal Overview

Part of the travel rule flow as recommended by FATF involves exchanging information about the beneficiary and originating persons (and/or companies) who are exchanging funds. You can see a breakdown of required information by jurisdiction here.

When you create a transaction through Fireblocks, Fireblocks has some but not all of the data required for a complete travel rule message. In order for Fireblocks to create a travel rule message for you, you have to append the additional required data to your create transaction request. Specifically you have to append the following things:

  1. Originator VASP Did (You get this when you create your Notabene account, it never changes)
  2. Beneficiary VASP Did OR Beneficiary Proof
    1. Beneficiary VASP Did = the Notabene Did (decentralized identifier) of the counter-party VASP
    2. Beneficiary Proofs  = This indicates you are sending to a self-hosted wallet. It can be a declaration or a cryptographic proof. Alternatively you could elect to bypass travel rule screening all together if you are sending to a self-hosted wallet.
  3. Originator - These are details about who is actually sending the funds, this can be a person or an entity.
  4. Beneficiary - These are details about who is receiving the funds, this can be a person or an entity.

This data can be appended to your Fireblocks transaction via the Fireblocks API or Javascript SDK.

🚧

The originator and beneficiary data is considered PII and must be encrypted prior to being sent to Fireblocks, see more on how to do that below.




Creating a TR message with the Fireblocks API

You can create a travel rule message using the Fireblocks API by appending the "travelRuleMessage" parameter to your create transaction post request. If you don't add the "travelRuleMessage" field Fireblocks will bypass the Notabene screening.

The "travelRuleMessage" field is a json object with the four pieces of information outlined above: 1.) Originator VASP Did 2.) Beneficiary VASP Did OR Beneficiary Proof 3.) Originator Person/Entity 4.) Beneficiary Person/Entity. You can see the exact payload in the Notabene/Fireblocks Postman Collection.

All PII data sent through Fireblocks has to be encrypted. If you send unencrypted PII data through Fireblocks then your transaction will be rejected with the reason "Rejected by AML".

Encrypt the originator and beneficiary PII data by following these steps:

  1. Publish Your Public Encryption Key - In order to encrypt the originator and beneficiary data you must create a private/public key pair and publish the public key on your Notabene profile. Follow the steps outlined here to create and publish your encryption keys.
  2. Download the Notabene PII SDK - Download the Notabene PII SDK found here. The PII SDK gives you tools you can use to encrypt and decrypt the beneficiary and originator data.
  3. Encrypt the Originator and Beneficiary PII Data - Using the PII SDK and the keys you generated in step 1, you can encrypt the originator and beneficiary data. You can find examples of how to use the PII SDK in the SDK ReadMe and in the docs here.
  4. Attach the Encrypted Data to your Fireblocks API Request- See examples in the Postman Collection here and in the recipe below.



Creating a TR message with the Fireblocks Javascript SDK

You can create a travel rule message using the Fireblocks SDK by appending the "travelRuleMessage" parameter to your create transaction function call. If you don't add the "travelRuleMessage" field Fireblocks will bypass the Notabene screening.

The "travelRuleMessage" field is a json object with the four pieces of information outlined above: 1.) Originator VASP Did 2.) Beneficiary VASP Did OR Beneficiary Proof 3.) Originator Person/Entity 4.) Beneficiary Person/Entity. You can see the exact payload in the Notabene/Fireblocks Postman Collection.

All PII data sent through Fireblocks has to be encrypted. If you send unencrypted PII data through Fireblocks then your transaction will be rejected with the reason "Rejected by AML".

Encrypt the originator and beneficiary PII data by following these steps:

  1. Publish Your Public Encryption Key - In order to encrypt the originator and beneficiary data you must create a private/public key pair and publish the public key on your Notabene profile. Follow the steps outlined here to create and publish your encryption keys.
  2. Download the Notabene PII SDK - Download the Notabene PII SDK found here. The PII SDK gives you tools you can use to encrypt and decrypt the beneficiary and originator data.
  3. Encrypt the Originator and Beneficiary PII Data - Using the PII SDK and the keys you generated in step 1, you can encrypt the originator and beneficiary data. You can find examples of how to use the PII SDK in the SDK ReadMe and in the docs here.
  4. Attach the Encrypted Data to your create transaction function parameters- See an example in the recipe below.



Deposits

Deposit Overview

When you receive a deposit on Fireblocks one of three scenarios can happen:

  1. The Originator VASP sends a travel rule message and waits for your reply before sending funds.
  2. The Originator VASP sends funds with a travel rule message.
  3. The Originator VASP sends funds without a travel rule message.

Let's go through each of them.




The Originator VASP sends a travel rule message and waits for your reply before sending funds.

When you receive a travel rule message on Notabene, you must perform two rounds of responses:

  1. Response 1: Confirming ownership of the destination blockchain address.
  2. Response 2: Accepting or declining the transfer.

The Fireblocks integration will automatically handle confirming ownership of the destination blockchain address (Response 1) for you.

You will still need to accept or decline the transaction. This can be done manually in the Notabene UI or this can happen automatically based on your Notabene Rules.

Once you accept (or decline) the travel rule message, the counter-party VASP will send (or not send) the funds accordingly.





The Originator VASP sends funds with a travel rule message.

When you receive a deposit on the blockchain in your Fireblocks account, Fireblocks will automatically check if there is a travel rule message that matches the transaction details (hash, origin, destination, value).

Since the Originator VASP has sent a travel rule message in this scenario, Fireblocks will see the status of that message and take action accordingly. If the status is accepted, the funds will be available to you in your Fireblocks account. If the status is declined, the funds will be frozen in your Fireblocks account until they are unfrozen by a compliance officer. You can adjust the configuration of how a Notabene travel rule status influences actions in your Fireblocks environment, this is discussed on the next page.



The Originator VASP sends funds without a travel rule message.

When you receive a deposit on the blockchain in your Fireblocks account, Fireblocks will automatically check if there is a travel rule message that matches the transaction details (hash, origin, destination, value).

Since the Originator VASP has not sent a travel rule message in this scenario, Fireblocks will create a new travel rule message for you. This message will have an "Incomplete" status as it is missing the originating VASP and originator/beneficiary details. Your VASP will be marked as the beneficiary VASP on this message. These messages will show up in the "Waiting for Data" section of your Notabene inbox.

Notabene will automatically do a lookup on the originating blockchain address and one of two things will happen:

  1. Notabene identifies the originating VASP - In this case the travel rule message will be sent to the originating VASP. It will show up in the originating VASPs outbox in the "Waiting for Data" section. It will also remain in your inbox in the "Waiting for Data" section.
  2. Notabene cannot identify the originating VASP - In this case the travel rule message will remain in the "Waiting for Data" section of your inbox. You will need to manually fill in the missing info in the Notabene UI.


Receiving a deposit from an unhosted wallet.

Similar to the above scenario, when you receive the deposit on the blockchain in your Fireblocks account, Fireblocks will automatically check if there is a travel rule message that matches the transaction details (hash, origin, destination, value).

If the transfer came from an unhosted wallet then you won't have received a travel rule message. Fireblocks will create a new travel rule message for you which will be in the "Waiting for Data" section of your inbox. The Notabene address lookup will not return a VASP as the originating address in an unhosted wallet. When you manually fill in the missing information you can select the option "NON CUSTODIAL ORIGINATOR WALLET" which will then save the information instead of sending it as a travel rule message.