Trust you can check yourself.
The proof lives on a public chain, not in our database. asserro can disappear and your passport still verifies. Here's exactly how.
The architecture
Four parts, one trust root. Your device builds the data (with AI); the public chain anchors the proof; our zero-PII store holds the detail; anyone's device verifies it.
How it actually works
The trust model
We only ever write a salted cryptographic hash + key events to the chain — never your data, never personal data, not even encrypted. The data lives off-chain (encrypted store + IPFS). To verify, anyone recomputes the hash from the passport and checks it against the chain. You don't have to trust asserro — you, a customs officer or a recycler can prove integrity independently, forever.
GDPR by design
Because no personal data is on-chain, the right to erasure is honoured by deleting the off-chain record and its salt — which makes the on-chain hash permanently unlinkable (the EDPB-blessed pattern).
The blockchain elements
Two token contracts plus a registry, on Polygon PoS:
- Identity — soulbound (ERC-5192): the product's tamper-proof identity, can't be sold or stolen apart from the item.
- Ownership — transferable: moves on each sale/resale, carries warranty.
- Anchor — the salted-hash + lifecycle-event registry that powers verification.
Contracts are upgradeable now, lockable later (UUPS → freezeUpgrades), admin is a Safe multisig + timelock, and the maker UX is gasless and wallet-optional (account-abstraction smart accounts behind a passkey + a paymaster) so brands and consumers never touch crypto.
The AI layer
Compliance is mostly a data problem, and that's where cost hides. asserro uses localised, controlled AI to collect, structure and validate passport data from your documents, suppliers and systems — flagging gaps before they're non-compliance — the same approach proven in TenzaOne's AI carbon-credit certification. A controlled LLM holds the full regulatory corpus and updates itself as delegated acts land, so guidance stays current and the data work is automated, not manual.
Standards, not a silo
asserro is the verification + anti-counterfeit layer on top of the mandated data layer, not a proprietary replacement:
A compliance-only mode works with the chain switched off — so no buyer is ever forced to touch crypto to be compliant. The chain is the opt-in trust upgrade.