IAM Protocol executor node. Validation server and relayer service for the IAM Protocol. Generates signed challenges, validates behavioral features server-side using proprietary models, issues SAS attestations, and relays walletless verification transactions to Solana.
The executor serves two roles:
-
Validation server — receives 134 statistical features from the Pulse SDK, runs proprietary validation models (loaded from the private
iam-validationcrate), performs cross-wallet Sybil detection via the fingerprint registry, and issues signed challenges. -
Walletless relayer — accepts ZK proofs and submits on-chain transactions for users without wallets (liveness-check tier). API key required.
Accepts a Groth16 proof for walletless verification. Submits create_challenge + verify_proof on-chain.
Request:
{
"proof_bytes": [0, 1, 2, ...],
"public_inputs": [[0, 1, ...], ...],
"commitment": [0, 1, ...]
}
Response:
{
"success": true,
"tx_signature": "5abc..."
}Requires X-API-Key header (walletless tier only).
Issues a Solana Attestation Service (SAS) attestation for a verified wallet.
Returns service metrics (uptime, relayer balance, verifications processed).
Returns service status (no auth required).
# Prerequisites: Rust, Solana CLI
# Configure environment
cp .env.example .env
# Edit .env: set RPC_URL, RELAYER_KEYPAIR_PATH
# Build
cargo build --release
# Run
cargo run
# Test
cargo test| Variable | Default | Description |
|---|---|---|
RPC_URL |
https://api.devnet.solana.com |
Solana RPC endpoint |
WS_URL |
wss://api.devnet.solana.com |
Solana WebSocket endpoint |
RELAYER_KEYPAIR_PATH |
./relayer-keypair.json |
Path to relayer keypair JSON |
LISTEN_ADDR |
0.0.0.0:3001 |
Server bind address |
API_KEYS |
[] |
JSON array of valid API keys |
RATE_LIMIT_PER_MINUTE |
60 |
Max requests per minute per API key |
CORS_ORIGINS |
[] |
JSON array of allowed origins (permissive if empty) |
SAS_CREDENTIAL_PDA |
— | SAS credential PDA for attestation issuance |
SAS_SCHEMA_PDA |
— | SAS schema PDA for attestation issuance |
MIT