TRISA stands for Travel Rule Information Sharing Alliance. TRISA is a decentralized protocol supported by centralized governance. Any VASP can connect; there are no hidden servers or firewalled API endpoints. This article covers factors to consider when choosing TRISA as a Travel Rule messaging protocol provider.
TRISA applies a peer-to-peer messaging mechanism with a centralized-based Certificate Authority (CA) model to identify and verify VASPs. It also serves as a dictionary for their public key certificates to establish secure communications between VASPs.
According to TRISA’s whitepaper, these certificates should have an expiration date. They should also be subject to revocation by the CA through an Online Certificate Status Protocol (OCSP) mechanism or revocation list.
TRISA operates a hosted certificate authority (CA) which issues certificates to VASPs to authenticate each other. The TRISA CA will issue X.509 test certificates to enable authentication interoperability testing among VASPs. These certificates will first be issued to TRISA members. Access TRISA’s whitepaper to learn more.
TRISA is a protocol.
TRISA is an open-sourced protocol by Blockchain Forensics/Analytics company CipherTrace.
No. VASPs will still need to partner with a fully integrated Travel Rule solution provider or build additional components to integrate TRISA.
Yes. Intense work is required to integrate each Travel Rule messaging protocol into TRISA.
Notabene will be able to help with all of the above mentioned integration steps.
The TRISA Global Directory Service enables VASPs to look up the VASP name, jurisdiction, contact information and physical address details. Additionally, TRISA utilizes the TRIXA form, akin to the Wolfsberg Principles, to establish and maintain a set of best practice guidelines to perform VASP due diligence.
CipherTrace is the primary member of the TRISA Alliance, which governs TRISA and approves certificates. There may be other unnamed members.
TRISA does not support communication with non-custodial wallets.
We are uncertain if TRISA is live; yet, there have been mentions of testnets.
Yes. TRISA has a good response from regulators, alongside excellent initial support from several VASPs
TRISA charges a verification fee that VASPs must pay to receive an operational certificate. Users pay further implementation costs through CipherTrace subscription fees or the implementation of other service providers.
Notabene aims to provide its clients with support to the widest range of VASPs. We are currently evaluating adding support for TRISA. One concern we have is that it is currently centered around a single vendor and may not be seen as sufficiently open by the industry.
Notabene is investigating how we can use our decentralized identity technology to solve these drawbacks for VASPs supporting TRISA.
TRISA has a current testnet. View TRISA’s testnet on Github.
TRISA is based on certificate authorities due to concerns from their customers regarding the new FATF guidelines. TRISA is full-featured and under semi-active development. Most development occurred in 2020 and has since stalled.
The TRISA protocol supports the following:
Requesting changes on TRISA
As a closed network solution, all changes will be decided by and implemented by TRISA.
TRISA | Travel Rule Information Sharing Architecture for Virtual Asset Service Providers Whitepaper v8
Thinking of integrating TRISA? Save time and integrate Notabene's API to connect with TRISA and many others.