> For the complete documentation index, see [llms.txt](https://docs.okkult.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.okkult.io/developers/compliance-gate.md). # Compliance gate ## Compliance gate `ComplianceGate.sol` is a Solidity base contract that adds Okkult compliance checks to your protocol. Use it when you want to protect existing functions without rewriting the rest of your business logic. ### How it works You inherit from `ComplianceGate`, pass the verifier address in the constructor, and add `onlyCompliant(msg.sender)` to any protected function. That keeps your existing function logic unchanged. ### Step 1: Install ```bash npm install @okkult/contracts ``` ### Step 2: Import and inherit ```solidity import "@okkult/contracts/ComplianceGate.sol"; contract MyProtocol is ComplianceGate { constructor(address okkultVerifier) ComplianceGate(okkultVerifier, ComplianceMode.STRICT) {} function deposit(uint256 amount) external onlyCompliant(msg.sender) { // your existing logic — unchanged } } ``` ### Two compliance modes | Mode | Behavior | | -------- | ------------------------------------------------------- | | `STRICT` | Reverts if user has no valid proof | | `SOFT` | Emits an event but allows execution for gradual rollout | ### Choosing a mode Use `STRICT` when compliance is required for every protected action. Use `SOFT` when you want to monitor adoption before enforcing hard reverts. ### Whitelist functionality Whitelist support lets you exempt trusted addresses from proof checks. This is useful for contracts, multisigs, routers, and treasury accounts that cannot complete a user proof flow directly. ### Common whitelist use cases * Whitelist integration contracts that call your protocol * Whitelist multisigs used for operations or treasury management * Whitelist a DAO treasury address for governed transactions ### Managing the whitelist The exact function names depend on the published contract package version, but the whitelist flow is simple: 1. Add the trusted address to the whitelist 2. Allow the address to call gated functions 3. Remove the address when it no longer needs access ### Example policy ``` Treasury multisig: whitelisted DAO executor: whitelisted End users: must pass onlyCompliant(msg.sender) ``` ### Mainnet verifier `OkkultVerifier` mainnet address: `pending deployment` Use the deployed address page as the source of truth when the verifier address is published. ### Next Steps * [SDK reference](/developers/sdk-reference.md) * [Smart contracts](/developers/smart-contracts.md) * [Integration guides](/developers/integration-guides.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.okkult.io/developers/compliance-gate.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.