Title: Crypto-registry bridge (eWpG) with EAS mirroring · Pattern · EthSystems

URL Source: https://original.es-internal.pages.dev/patterns/pattern-crypto-registry-bridge-ewpg-eas/

Markdown Content:
---
description: Operate with a licensed crypto-register today while mirroring key legal facts (issuance, transfers, liens) as on-chain attestations. The registrar remains the legal source of truth; the on-chain anchor provides tamper evidence and paves the way for later automation once regulation allows.
title: Crypto-registry bridge (eWpG) with EAS mirroring · Pattern · EthSystems
image: https://original.es-internal.pages.dev/og.png
---

[Skip to content](#main-content) 

#### Works best when

* Germany or eWpG applies and a licensed crypto-register is required.

#### Avoid when

* You can legally replace the register on day one.

Vector

Attestation signatures rely on standard ECDSA and inherit PQ exposure. Hashes anchored on-chain are PQ-safe.

Mitigation

Migrate attestation signatures to PQ-safe schemes as ecosystem standards mature. See [Post-Quantum Threats](../domains/post-quantum.md).

## Components

* Licensed crypto-register under eWpG holds the legal records, PII, and signed notarial documents off-chain. It is the sole source of legal truth.
* Registrar API integration layer exposes signed records for each legal event (issuance, transfer, lien) to downstream systems.
* On-chain attestation schema defines the structure of mirrored facts: event type, record hash, registrar identifier, timestamp. PII never appears on-chain.
* Middleware attester reads the registrar's signed records, computes the hash, and posts an attestation on-chain under the schema.
* Reconciliation and audit tooling matches the on-chain anchor to the off-chain registrar record and flags drift.

## Protocol

1. operator Registrar records the legal event in the off-chain register and emits a signed record containing the event details and a record hash.
2. operator Middleware consumes the signed record, verifies the registrar's signature, and constructs an attestation containing the record hash, event type, and timestamp.
3. contract The attestation is posted on-chain under the agreed EAS schema. No PII is included.
4. auditor Later audits match the on-chain anchor to the registrar record: retrieve the registrar's plaintext record under NDA, recompute the hash, and confirm it equals the anchored attestation.
5. auditor Discrepancies trigger the incident runbook: the registrar remains legally authoritative, but a mismatch is evidence of tampering in one of the two systems.

## Guarantees & threat model

Guarantees:

* Legal compliance with eWpG is preserved; the licensed registrar remains the authoritative record keeper.
* On-chain anchor provides tamper-evident linkage between the registrar's private ledger and a public timestamp.
* Mirrored facts are cryptographically verifiable without requiring regulator access to the plaintext.

Threat model:

* Trust in the registrar as sole gatekeeper. The registrar can refuse or delay any registration with no on-chain bypass.
* Middleware attester key compromise allows forged anchors. Multi-attester cross-validation mitigates this.
* Collusion between the registrar and the middleware can produce consistent but fraudulent records on both sides. Independent attesters reduce but do not eliminate this risk.
* PII exposure is out of scope for the on-chain layer by design; the registrar's access controls govern all PII handling.

## Trade-offs

* Two sources of truth require ongoing reconciliation. Drift between the registrar and the on-chain anchor must be detected and resolved operationally.
* Strong incident and runbook discipline is required. A mismatch is not self-resolving; it triggers a manual investigation.
* Registrar dependency limits availability. Downtime at the registrar halts new anchors even if the on-chain side is healthy.
* The pattern is explicitly transitional: it assumes a future regulatory regime where the register itself can move on-chain and automation can replace the middleware.

## Example

* An issuer records a bond issuance with the licensed registrar under eWpG.
* The registrar emits a signed record.
* The middleware hashes the record and posts an EAS attestation on Ethereum.
* A year later, an auditor retrieves the registrar's plaintext record under NDA, recomputes the hash, and confirms it matches the on-chain attestation, establishing integrity.

## See also

* [BaFin on eWpG](https://www.bafin.de/EN/PublikationenDaten/Fachartikel/2021/fa%5Fbj%5F2107%5FeWpG%5Fen%5Fen.html)
* [BaFin crypto-securities register](https://www.bafin.de/EN/Aufsicht/FinTech/Geschaeftsmodelle/DLT%5FBlockchain%5FKrypto/Kryptowertpapierregisterfuehrung/Wertapierregister%5Fnode%5Fen.html)
* [EAS documentation](https://easscan.org/docs)

CROPS profile

Censorship-resistance: noneOpen source: partialPrivacy: fullSecurity: medium

CRCensorship-resistancenone

The registrar is the sole gatekeeper and can refuse or delay registrations. Reaches `medium` if an open API standard enables alternative registrar implementations, reducing single-registrar lock-in.

OSOpen sourcepartial

Middleware is often proprietary. Improves to `yes` by publishing the registrar integration layer and EAS schema definitions under an open-source license.

PPrivacyfull

No PII is posted on-chain; only hashes and attestations. Plaintext legal records stay with the licensed registrar and are disclosed off-chain under NDA.

SSecuritymedium

Rides on the registrar's operational integrity and the EAS attester's key management. Improves to `high` by requiring multiple independent EAS attesters to cross-validate registrar claims.

Standards 1 
* `EAS`

#### Referenced by

use cases1
* [Private Registry](/use-cases/private-registry/)
building blocks4
* [ERC-3643 Tokenized RWAs](/patterns/pattern-erc3643-rwa/)
* [ICMA Bond Data Taxonomy (canonical terms/events)](/patterns/pattern-icma-bdt-data-model/)
* [Permissioned Ledger Interoperability](/patterns/pattern-permissioned-ledger-interoperability/)
* [Private ISO 20022 Messaging & Settlement](/patterns/pattern-private-iso20022/)
jurisdictions1
* [DE / eWpG (Electronic Securities Act)](/jurisdictions/de-ewpg/)
vendors2
* [Chainlink ACE](/vendors/chainlink-ace/)
* [Paladin](/vendors/paladin/)

×

```json
{"@context":"https://schema.org","@graph":[{"@type":"Organization","@id":"https://ethsystems.org/#organization","name":"EthSystems","url":"https://ethsystems.org/","logo":"https://ethsystems.org/icon-maskable.png","sameAs":["https://x.com/eth_systems","https://www.linkedin.com/company/ethsystems/","https://github.com/ethsystems"]},{"@type":"WebSite","@id":"https://ethsystems.org/#website","url":"https://ethsystems.org/","name":"EthSystems","publisher":{"@id":"https://ethsystems.org/#organization"}}]}
```
