Evidence-Grade Data Infrastructure for Regulated Workflows
Version 6.0 · April 10, 2026
Download as PDF API Docs →FeedOracle is evidence-grade data infrastructure for regulated workflows. The platform delivers multi-source risk intelligence for tokenized assets — with every API response cryptographically signed and anchored on-chain for auditability.
The platform is built on a one core engine, five compliance modules + AI agent layer architecture:
| Component | Role | Purpose | Key Output |
|---|---|---|---|
| RWA Risk Oracle | ⚡ CORE | Multi-dimensional risk scoring for 61+ tokenized asset protocols across 9 vectors | Composite risk scores, anomaly detection, yield analysis |
| MiCA Regulatory Evidence | 📋 Module 1 | Structured compliance metadata for EU MiCA/DORA workflows | Legal state analysis, jurisdiction mapping, identifier registry |
| Carbon & ESG Context | 🌱 Module 2 | Per-chain carbon footprint with ISO 14040 methodology | CO₂ metrics, green scores, CSRD-ready ESG output |
| DORA Compliance | 🛡️ Module 3 | Digital Operational Resilience Act evidence infrastructure with AmpelOracle (49 tools), 12 execution oracles, and Oracle Event Bus | ICT incident reporting, vendor risk assessment, business continuity evidence |
| CSRD/ESRS Reporting | 📊 Module 4 | Corporate Sustainability Reporting with 5 dedicated APIs | EU Taxonomy, materiality, emissions, social metrics, governance |
| MCP Server | 🤖 Agent Layer | Model Context Protocol with 206+ tools across 11 servers + Enterprise Trust Layer. Powered by OracleNet (103 servers, 1,229 tools) (JWS, Registry, SLA, Streaming, Agent Trust, Replay, SDK) | Pre-trade compliance, MiCA status, custody risk, evidence generation, live dashboard (feedoracle.io/ampel/), customer console (feedoracle.io/console/) |
All components share a common evidence layer: ECDSA-signed responses, SHA-256 hashing, Evidence Pack Manifests (EPM), and on-chain anchoring (XRPL live per-transaction, Polygon contract deployed). The platform runs 206+ compliance tools + 20 AgentGuard security tools with 80+ REST endpoints. As part of OracleNet, agents can access 1,229 tools across 103 servers including 13 blockchain oracles, macro intelligence, and travel/business tools.
FeedOracle is an independent infrastructure provider with no formal partnership, endorsement, or affiliation with any blockchain foundation, regulatory body, or data source referenced in this document.
Regulated institutions entering tokenized assets face a data gap. MiCA introduces disclosure requirements for CASPs (transitional period ends 1 July 2026; stablecoin rules already in force). DORA raises expectations around operational traceability. CSRD/ESRS requires ESG reporting. Yet no infrastructure delivers risk intelligence for RWA protocols with the evidence trail that institutional workflows demand.
FeedOracle closes this gap with three capabilities:
Enterprise Trust Layer — 14 trust primitives: JWS signing (RFC 7515), versioned schemas, evidence registry (CT-style), SLA quality signals, agent trust management, streaming evidence (SSE), deterministic replay, and zero-trust validation SDK. Live proof at feedoracle.io/trust. The result: institutions can integrate verifiable risk data into their existing compliance workflows without building the data infrastructure themselves.
FeedOracle is the compliance and regulatory layer of OracleNet — a self-hosted mesh of 103 MCP servers providing 1,229 tools across 7 categories. OracleNet is operated under the ToolOracle brand (tooloracle.io) as separate infrastructure.
| Layer | Brand | Scope |
|---|---|---|
| Compliance & Regulation | FeedOracle | 11 MCP servers, 206+ tools. DORA, MiCA, AMLR, Evidence Signing. EUR pricing. Enterprise clients. |
| Full Mesh Infrastructure | ToolOracle / OracleNet | 103 MCP servers, 1,229 tools. 13 blockchain oracles, macro intelligence, trust passports, business tools, travel, payments. x402 USDC micropayments on Base ($0.01/call). |
FeedOracle tools are accessible both directly (via feedoracle.io and mcp.feedoracle.io) and through the OracleNet mesh (via tooloracle.io). An agent using OracleNet can discover FeedOracle's compliance tools through the LLM-powered intent router (quantum_intent) and access them in a single call.
| Layer | Function |
|---|---|
| L1 — Identity | W3C DID (did:web:feedoracle.io), 28 individual DIDs |
| L2 — Discovery | Agent Description Protocol (JSON-LD), agent-card.json |
| L3 — Communication | A2A v0.3 Agent Cards, MCP SSE + Streamable HTTP |
| L4 — Trust | 27 W3C Verifiable Credentials, auto-renewed every 5 min |
| L5 — Provenance | PROV-O Intelligence Transfer Protocol |
| L6 — Mesh | OracleBus cross-oracle event routing |
| L7 — Payment | x402 USDC micropayments on Base |
| L8 — Escrow | Base smart contract + XRPL native escrow + Avalanche C-Chain |
| L9 — Learning | Neural Conductor with reward-based routing |
| L10 — Defense | HoneypotOracle, Behavioral Baseline, Counter-Intelligence |
| L11 — Signal | Tinnitus Pulse + LLM-enriched beacon (Gemma 4 26B MoE) |
| L12 — Quantum Sorum | Contextual upgrade signal in every response: next-tool suggestions, efficiency metrics, first-contact onboarding, workflow memory |
Financial institutions evaluating tokenized assets need risk data that meets institutional standards. Current blockchain data providers focus on DeFi price feeds and analytics — not on the structured, evidence-grade data that compliance teams require. MiCA's CASP transitional deadline (1 July 2026) creates immediate urgency for CASPs, exchanges, and DeFi protocols.
When auditors ask "Can you prove what data you used for this decision?", traditional API calls leave no verifiable trail. Screenshots and PDF attestation reports are not machine-readable, not verifiable, and not auditable. Institutions need cryptographic evidence of data delivery.
Enterprise procurement requires: EU data residency documentation, incident management procedures, subprocessor registers, SLO evidence, and exit strategies. Few blockchain data providers deliver this level of operational documentation.
Assessing a single RWA protocol today requires pulling data from 5+ independent sources (on-chain metrics, market data, macro indicators, regulatory databases, ESG scores), normalizing it, and creating a defensible risk view. This is expensive and error-prone when done manually.
| Problem | FeedOracle Solution |
|---|---|
| No unified RWA risk view | 61 RWA protocols & 105+ stablecoins scored across 9 risk dimensions from 5 data sources, enriched with FRED macro benchmarks |
| Missing audit trail | ECDSA-signed Evidence Packs with SHA-256 hashing, JWKS verification, and on-chain anchoring (XRPL live, Polygon deployed) |
| Fragmented regulatory data | MiCA compliance (105+ stablecoins, Art. 44 Significant Issuer, Art. 25 reserve monitoring), DORA (3 APIs), CSRD (5 APIs), ISO 20022 — unified evidence infrastructure |
| No ESG/carbon data per chain | Per-chain carbon footprint (50+ networks), ISO 14040 methodology, CSRD-ready output |
| No AML/CFT screening for digital assets | AMLR Module (EU 2024/1624) — per-token screening with issuer ID, sanctions, EDD, Travel Rule, reserves, risk score composition. 14 stablecoins, bank-standard action codes, signed PDF reports |
| Enterprise procurement barriers | EU-hosted infrastructure, documented controls, subprocessor register, SLO evidence |
| No machine-readable compliance | REST APIs with consistent JSON schemas, OpenAPI 3.1 specification, configurable policy outputs |
The RWA Risk Oracle is FeedOracle's core product. It provides real-time multi-dimensional risk scoring for tokenized asset protocols, designed for institutional portfolio assessment, due diligence, and ongoing monitoring.
The oracle currently scores 61 RWA protocols and monitors 105+ stablecoins across 12 jurisdictions from 5 independent data sources. Coverage spans regulated stablecoins, tokenized treasuries, private credit, real estate, commodities, equities, insurance, and XRPL native assets.
Every protocol is scored across 9 independent dimensions, each sourced from verified institutional data providers:
Each dimension produces a normalized score (0–100). The composite risk score is a weighted aggregate with configurable weights per institutional use case. Default weights are published in the API documentation. Scores are deterministic: the same input data always produces the same output score.
Z-score outlier analysis flags unusual protocol behavior across all dimensions. Configurable alert thresholds enable automated monitoring and early warning signals for portfolio risk management.
The CORE engine is enriched with macro economic data from FRED (Federal Reserve Economic Data), ECB, and World Bank. This enables yield-spread analysis against T-Bill benchmarks, credit spread monitoring, recession probability indicators, and economic health indices — providing institutional context for RWA risk assessment.
| Endpoint | Method | Description |
|---|---|---|
/v1/rwa/risk | GET | All scored protocols with composite scores |
/v1/rwa/risk/{slug} | GET | Detailed risk breakdown for single protocol |
/v1/rwa/risk/{slug}/pdf | GET | PDF evidence report |
/v1/rwa/market | GET | Aggregate market view |
/v1/macro/indicators | GET | Macro economic enrichment |
Module 1 provides the most comprehensive MiCA compliance infrastructure available. It covers 105+ stablecoins with real-time peg monitoring, reserve drift detection, significant issuer classification (Art. 44), interest prohibition scanning (Art. 23/52), document compliance verification (Art. 29/30/55), and ESMA register mirroring — plus legal state analysis, jurisdiction mapping, and CCI scoring. All outputs are Evidence Pack-wrapped for audit trails.
Analysis of smart contract governance structures, ownership patterns, upgrade mechanisms, and dispute resolution paths. Returns structured metadata for regulatory due diligence.
Endpoint: GET /v1/rwa/legal-state/{slug}
Maps RWA protocols to their operating jurisdictions and screens against OFAC, EU, and UN sanctions lists. Returns jurisdiction risk flags, regulatory regime classification, and cross-border compliance indicators.
Endpoint: GET /v1/rwa/compliance/{slug}
Registry of institutional identifiers for RWA protocols: Legal Entity Identifiers (LEI), ISIN/CUSIP mappings, custody provider details, and issuer metadata. Machine-readable for compliance system integration.
Endpoint: GET /v1/rwa/registry/{slug}
Configurable policy classification based on EU regulatory register data (ECB, ESMA CASP Register, NY DFS). Returns ACCEPTED/REJECTED status with machine-readable reason codes and configurable policy modes (strict, moderate, relaxed).
Endpoint: GET /v3/stablecoin/mica/{symbol}
Composite regulatory compliance score. Weighted methodology: MiCA status (30%), reserve transparency (25%), jurisdiction risk (20%), audit frequency (15%), operational history (10%).
Endpoints: GET /v3/cci/{symbol} · GET /v3/cci/ranking
Automated halt detection for DORA operational resilience. Returns ACTIVE/TRIGGERED status with severity level and signed Evidence Pack.
Endpoint: GET /v3/circuit-breaker/status
XML payment message validation against official ISO 20022 XSD schemas. Returns Evidence Pack with validation decision, error details, and SHA-256 hash.
Endpoint: POST /v3/iso20022/validate
Continuous peg health monitoring across 105+ stablecoins. Tracks deviation from peg, trading volume anomalies, and liquidity depth. Returns severity classification (STABLE / WARNING / CRITICAL / DEPEG) with configurable alert thresholds for automated monitoring.
Endpoints: GET /v3/stablecoin/mica/{symbol} · GET /api/v1/feeds/stablecoin · GET /v1/peg/status/{symbol}
Automated screening against MiCA Art. 44 significant issuer thresholds. Monitors market capitalization, holder count, and transaction volume to detect when stablecoins cross regulatory significance boundaries. Returns SIGNIFICANT / NON-SIGNIFICANT classification with evidence trail.
Endpoint: GET /v1/mica/significant-issuer/{symbol}
Tracks reserve asset composition changes over time. Detects when reserve backing deviates from declared composition — critical for MiCA Art. 25 compliance (reserve of assets requirements). Flags unauthorized asset substitutions, concentration shifts, and quality downgrades.
Endpoint: GET /v1/mica/reserve-drift/{symbol}
Scans for prohibited interest or yield mechanisms on e-money tokens (EMT) and asset-referenced tokens (ART). MiCA explicitly prohibits granting interest to token holders. This scanner detects staking yields, rebasing mechanisms, and distribution schemes that could violate Art. 23/52.
Endpoint: GET /v1/mica/interest-scan/{symbol}
Monitors whether token issuers maintain compliant white papers and marketing communications as required by MiCA. Checks for mandatory disclosure elements, publication status, and update frequency. Returns compliance status with specific article references for gap remediation.
Endpoint: GET /v1/mica/document-compliance/{symbol}
Machine-readable mirror of the ESMA register for authorized CASPs and licensed token issuers. Enables automated verification of regulatory status against the official EU register. Cross-references with internal MiCA classification for comprehensive compliance checks.
Endpoint: GET /v1/esma/register · GET /v1/esma/register/{entity}
Module 3 is a full DORA Operating System — not a dashboard, but a closed-loop compliance engine. 49 MCP tools cover all 26 DORA articles with automated checks, evidence collection, finding management, escalation, and board reporting. Every step is cryptographically signed and audit-trailed.
Enforcement deadline: July 17, 2026 · Applies to all EU-regulated financial entities · 6 demo entities with realistic profiles (10%–99% readiness)
| 49 MCP Tools | 26 DORA Articles | 39+67 Checks + Controls | 15 Dashboard Views |
Check → Evidence → Finding → Escalation → Re-Test → Closure → Signed Report
Every DORA article is monitored by automated checks with GREEN/YELLOW/RED scoring. RED/YELLOW automatically generates findings with SLA deadlines. 3-level escalation (Owner → CISO → Board). Auto-close on re-test. SHA-256 audit chain (590+ entries). Daily cron pipeline: OECD prefetch → freshness watchdog → escalation engine → score snapshot → evidence collection.
Upload contract text, get clause-by-clause analysis against 15 DORA Art. 30 mandatory clauses (8 standard + 7 CIF). Returns COMPLIANT/PARTIAL/MISSING per clause with confidence scores, extracted text, gap reasoning, suggested fixes. Version tracking, SHA-256 hashing, auto-evidence.
Full dependency graph with blast radius calculation, SPOF detection, and OECD economic risk enrichment per provider country. Combined risk scoring: provider criticality + economic stability + exit plan status. Visual SVG graph in dashboard. 20 providers across 6 entities.
ITS 2024/1772 compliant report generation: 5 mandatory sections, completeness tracking, 4-eyes approval. Deadlines: 4h initial, 72h intermediate, 30d final. Full incident lifecycle: log → classify → notify → close.
15 auto-propagation rules (8 DORA→MiCA, 7 DORA→AMLR). One finding can trigger across all three regulations. Example: AWS outage → DORA Art. 28 + MiCA Art. 88 + AMLR Art. 13 simultaneously.
Provider failure simulation (CATASTROPHIC/SEVERE/SIGNIFICANT/MANAGEABLE). 8 policy document templates. CVE-to-asset mapping with auto-findings. Self-service Trial Lab at feedoracle.io/trial/ for instant readiness scoring.
Module 3 provides evidence infrastructure for the Digital Operational Resilience Act (EU 2022/2554). DORA requires financial entities to maintain ICT risk management frameworks, report incidents, test resilience, and manage third-party ICT risks. FeedOracle delivers machine-readable evidence artifacts for these requirements.
Generates structured incident report artifacts for major ICT-related incidents as required by DORA Art. 19. Captures incident classification, impact assessment, timeline, root cause analysis, and remediation steps — all wrapped in signed Evidence Packs for regulatory submission.
Endpoint: GET /v1/dora/incident-report
Risk assessment framework for ICT third-party service providers. Evaluates concentration risk, exit strategies, subprocessor chains, data residency, and service level monitoring — aligned with DORA Art. 28-30 requirements for managing ICT third-party risk.
Endpoint: GET /v1/dora/vendor-risk
Generates business continuity and disaster recovery evidence artifacts. Documents RPO/RTO targets, backup verification, failover testing results, and recovery procedures — structured for DORA Art. 11-12 ICT business continuity management requirements.
Endpoint: GET /v1/dora/business-continuity
Module 4 provides 5 dedicated APIs for Corporate Sustainability Reporting Directive (CSRD) requirements under the European Sustainability Reporting Standards (ESRS). Designed for financial entities reporting on digital asset portfolios and blockchain infrastructure sustainability.
Classifies blockchain and RWA protocol activities against the EU Taxonomy. Returns alignment scores for climate mitigation, climate adaptation, and do-no-significant-harm (DNSH) criteria.
Endpoint: GET /v1/csrd/taxonomy
Provides double materiality assessment data for digital asset activities: impact materiality (effects on people and environment) and financial materiality (sustainability risks to the entity). Structured for ESRS disclosure requirements.
Endpoint: GET /v1/csrd/materiality
Chain-level and protocol-level greenhouse gas emissions data. Provides Scope 1 (direct), Scope 2 (electricity), and Scope 3 (value chain) emissions estimates for blockchain infrastructure — formatted for CSRD reporting templates.
Endpoint: GET /v1/csrd/emissions
Social sustainability indicators for RWA protocol assessment: workforce diversity, community impact, human rights due diligence, and consumer protection metrics. Complements environmental data for comprehensive ESG reporting.
Endpoint: GET /v1/csrd/social
Governance indicators for RWA protocols and token issuers: board composition, risk management frameworks, compliance structures, audit mechanisms, and whistleblower protections. Key input for CSRD governance disclosures.
Endpoint: GET /v1/csrd/governance
Module 5 provides evidence infrastructure for the Anti-Money Laundering Regulation (EU 2024/1624, application date 2027-07-10). AMLR introduces direct obligations for crypto-asset service providers (CASPs), requiring customer due diligence, sanctions screening, and risk-based monitoring for digital asset transactions. FeedOracle delivers per-token screening evidence covering 8 regulatory sections with 134 structured fields.
Each screening produces a structured evidence artifact covering 8 sections aligned with AMLR articles: Issuer Identification (Art. 16-18), Regulatory Status (Art. 19-20), Sanctions Screening (Art. 20, 29, 79), Enhanced Due Diligence (Art. 23-24, 28), Travel Rule (TFR Art. 14, 16, 19), Token Transparency (Art. 79), Reserve Assessment (Art. 23), and Overall Risk Assessment (Art. 8-13).
Risk scores are decomposed into weighted components (regulatory status, MiCA flags, reserve compliance, sanctions exposure) so compliance teams can answer the key question: "Why is the score X?" The system outputs 10 bank-standard action codes (PROCEED, VERIFY_REGULATORY_STATUS, REQUIRE_TRAVEL_RULE, ENHANCED_MONITORING, etc.) and CDD level recommendations (SIMPLIFIED, STANDARD, ENHANCED).
Sanctions screening covers issuer entities and jurisdictions against three major lists with per-list version tracking and staleness detection. Manual review triggers include: high-risk third country jurisdiction, PEP exposure, issuer not in ESMA register, and sanctions near-matches. Compliance capability assessment covers freeze/blacklist/law enforcement cooperation.
Screening results available as JSON API responses or 6-page signed PDF reports with executive summary, risk bar visualization, score composition, data source listing, automation endpoints, and cryptographic provenance block. Reports include per-source data freshness tracking and coverage percentages.
Endpoints:
GET /api/v1/evidence/amlr/screening/{symbol} — Single token screening
POST /api/v1/evidence/amlr/batch — Batch screening (up to 50 tokens)
GET /api/v1/evidence/amlr/supported — List supported tokens
POST /reports/api/report/generate?type=amlr&symbol={token} — Generate signed PDF
FeedOracle provides a dedicated compliance layer for the Avalanche ecosystem — 5 specialized MCP servers with 15 tools and 3 verified smart contracts on C-Chain mainnet.
| Contract | Address | Function |
|---|---|---|
| AvaRisk | 0xc194bfee3d508fb361e90f638611271b222451a0 | isCompliant(token) → on-chain PASS/WARN/BLOCK verdicts. Live USDC supply, AVAX price via C-Chain RPC. |
| AvaEvidence | 0x4f1d269286ba8b42960765f4f16b7a172cab0a50 | On-chain compliance evidence anchoring. SHA-256 hash + metadata. |
| SubnetGuard | 0x16b827f23c104ee98564fdfea1ace533bfcbf251 | Cross-subnet compliance passports. Determines if two subnets can safely interact. |
| Server | Tools | Capabilities |
|---|---|---|
| AvaRisk | 7 | Token risk assessment, batch analysis, MiCA compliance scoring. Live C-Chain data. |
| AvaAmpel | 3 | Protocol regulatory readiness (GREEN/YELLOW/RED). Aave, Benqi, GMX, TraderJoe, Pangolin, Stargate. |
| SubnetGuard | 3 | Cross-subnet compliance. P-Chain query (405 blockchains). Evergreen, Spruce passports. |
| AvaRWA | 3 | Tokenized asset due diligence (BUIDL, USDY, OUSG, BENJI). ZK reserve proof (MiCA Art.36). |
| AvaEvidence | 3 | On-chain evidence anchoring and verification on C-Chain. |
Avalanche positions itself as the institutional blockchain with permissioned subnets (Evergreen, Spruce) for regulated finance. These subnets need compliance infrastructure at the protocol level — not dashboards for humans, but callable tools for agents and smart contracts. AvaRisk.isCompliant(token_address) returns a verdict that any on-chain contract can consume. SubnetGuard ensures subnets meet minimum compliance thresholds before cross-subnet transfers.
Endpoints: https://tooloracle.io/avax/{risk,evidence,subnet,rwa,ampel}/mcp
GitHub: github.com/feedoracle/feedoracle-avalanche (public, Apache 2.0)
FeedOracle operates 11 compliance servers (206+ tools) + AgentGuard (20 security tools), powered by OracleNet — a mesh of 103 MCP servers with 1,229 tools across 7 categories (Compliance, Blockchain, Finance, Business, Trust, Travel, Payments). Every tool in OracleNet includes Layer 12 (Quantum Sorum) contextual signals for AI agent integration. Every MCP server supports SSE and Streamable HTTP transport. Every tool response is cryptographically signed with ECDSA (ES256K), includes SLA quality signals, and is logged in the Evidence Registry.
Primary compliance tools for MiCA, DORA, RWA risk, and AI Gateway. SSE endpoint: https://feedoracle.io/mcp/sse
| Tool | Description | Category |
|---|---|---|
compliance_preflight | Pre-trade regulatory check — PASS/WARN/BLOCK | Utility |
mica_status | MiCA compliance status for any stablecoin | MiCA |
mica_full_pack | Complete 12-article MiCA compliance pack | MiCA |
peg_deviation | Real-time peg health (Art. 35) | MiCA |
significant_issuer | Art. 44 significant issuer classification | MiCA |
interest_check | Art. 23/52 interest prohibition scan | MiCA |
document_compliance | Art. 29/30/55 white paper verification | MiCA |
reserve_quality | Art. 25/53 reserve quality assessment | MiCA |
evidence_profile | Full evidence profile for any RWA protocol | RWA |
custody_risk | Custody provider risk assessment | RWA |
evidence_leaderboard | Protocol ranking across 61 RWA + 105+ stablecoins | RWA |
macro_risk | Macro economic risk indicators (FRED/ECB) | Macro |
generate_report | Generate signed PDF evidence reports (6 types) | Reports |
ai_query | Natural language → signed evidence bundle | AI Gateway |
evidence_bundle | Multi-framework evidence aggregation | AI Gateway |
ai_explain | Grade explainability — Why B? What needs A? | AI Gateway |
ai_provenance | Full data provenance graph | AI Gateway |
market_liquidity | DEX liquidity depth (GeckoTerminal) | Market |
rlusd_integrity | RLUSD reserve verification | Market |
mica_market_overview | Market-wide MiCA compliance overview | Market |
peg_history | Historical peg deviation data | Market |
kya_register | Register agent identity — trust score + level | KYA |
kya_status | Check agent trust level + tool access | KYA |
audit_log | Log chain-linked decision with evidence refs | Audit |
audit_query | Query agent decision history | Audit |
audit_verify | Verify audit chain integrity (tamper detection) | Audit |
ping | Server health check | Utility |
Dedicated macro economic intelligence from 86 FRED + 20 ECB data series. SSE endpoint: https://feedoracle.io/mcp/macro/sse
| Tool | Description |
|---|---|
macro_regime | Regime classification: EXPANSION / SLOWDOWN / CONTRACTION / RECOVERY |
fed_rates | Federal Reserve rates & policy outlook |
ecb_rates | ECB rates & monetary policy signals |
inflation | CPI, PCE, inflation expectations |
yield_curve | Yield curve analysis & recession signals |
labor_market | Employment, unemployment, claims data |
housing | Housing starts, permits, prices |
credit_spreads | IG/HY credit spreads, financial stress |
commodities | Gold, oil, commodity signals |
defi_macro_bundle | Macro + DeFi combined risk assessment |
ecb_mica_reserve | ECB data for MiCA reserve environment |
composite | Composite macro risk score (0–100) |
ping | Server health check |
Operational safety assessments for stablecoins using a proprietary 7-signal scoring model. SSE endpoint: https://feedoracle.io/mcp/risk/sse
Signals: peg stability (20%), liquidity depth (15%), mint/burn flows (15%), holder concentration (15%), custody counterparty risk (15%), redemption friction (10%), cross-chain exposure (10%). Verdict: SAFE (≥75) / CAUTION (50–74) / AVOID (<50). Coverage: 341 stablecoins tracked, 105 with full MiCA classification, 21 with deep analytics.
| Tool | Description |
|---|---|
risk_assessment | Full 7-signal risk report with SAFE/CAUTION/AVOID verdict |
peg_status | Current peg deviation analysis |
peg_history | Historical peg stability data |
supply_flow | Mint/burn flow analysis |
holder_data | Holder concentration metrics |
custody_data | Custody counterparty assessment |
redemption_data | Redemption friction analysis |
cross_chain_data | Cross-chain distribution & bridge exposure |
leaderboard | Stablecoin risk ranking |
compare | Head-to-head stablecoin risk comparison |
supported_tokens | List all supported tokens |
stablecoin_preflight | Pre-trade operational safety check |
ping | Server health check |
FeedOracle is live on the MCP ecosystem (Gnosis Chain) with 8 feedoracle-* tools. Service 2670 has processed 133+ verified deliveries with 100% acceptance rate, ranking #17 of 3Available via feedoracle.io/ampel/ and feedoracle.io/console/.
AI agents discover FeedOracle via 9 methods: /llms.txt (LLM-native), /openapi.json (80+ REST endpoints), /.well-known/ai-plugin.json, /.well-known/jwks.json, /.well-known/mcp/server.json, MCP SSE/HTTP transports, MCP directories registry, mcp.so directory, and uptime status at uptime.feedoracle.io.
FeedOracle implements 15 enterprise-grade trust primitives that transform the platform from an evidence API into a verifiable infrastructure protocol — comparable to Certificate Transparency (Google), TLS, or DNS. All 14 components are live on production with independent verification at feedoracle.io/trust.
Every evidence response contains a JSON Web Signature (compact serialization) using ES256K (secp256k1). Verifiable via JWKS at /.well-known/jwks.json. Dual-format: existing ECDSA signature fields remain for backward compatibility; new jws{} block added with kid, alg, typ=evidence+jwt, and content hash. Any banking system with a JWS library can verify FeedOracle evidence natively — no custom integration required.
8 JSON Schemas (Draft 2020-12) covering all frameworks: evidence-envelope, mica, dora, rwa, macro, stablecoin-risk, amlr, sla. Registry at GET /schemas/. Every response contains schema_ref (e.g., mica/v1) linking to the exact schema used at generation time. When regulations change, old evidence packs remain validatable against their original schema version.
Append-only log of every evidence pack ever produced — inspired by Google Certificate Transparency. Public, filterable, auditable. GET /evidence/registry with filters: ?framework=mica&asset=USDC&from=2026-03-01&limit=50. Each entry contains: pack_id, framework, asset, SHA-256 hash, timestamp, verify URL. Statistics at GET /evidence/registry/stats.
Every API response includes an sla{} object with machine-readable quality signals: freshness_seconds (age of oldest data point), confidence (0.0–1.0 weighted score), per-source health details (status, latency_ms, age_seconds), staleness_flag, and tier-specific targets. Tiers: Free (60s freshness), Starter (60s), Pro (30s), Enterprise (15s).
AI agents register (POST /ai/agent/register), receive ECDSA keys with 90-day lifecycle, and accumulate reputation (0–100). Tiers: EXEMPLARY (80+), TRUSTED (60–79), STANDARD (40–59), DEGRADED (20–39), RESTRICTED (<20). Key rotation via POST /ai/agent/{id}/rotate-key (+5 reputation bonus). Agent leaderboard at GET /ai/agent/leaderboard. Rate governance with per-agent limits and throttling.
Real-time Server-Sent Events at GET /evidence/stream. Events fire only on state change (not every poll cycle). Supported events: peg_deviation, regime_change, market_stress, reserve_alert, evidence_anchored, agent_registered. Filterable: ?events=peg_deviation,regime_change&assets=USDC,EURC. Every event is SHA-256 hashed. Thresholds: peg >0.5% WARNING, >2% CRITICAL, VIX >25 stress.
Every evidence pack is archived as an immutable gzip-compressed snapshot. GET /evidence/replay/{pack_id} reconstructs the exact evidence from the snapshot archive. The response contains hash_match: true — a cryptographic proof that the replayed evidence is byte-identical to the original. Banks can perform audit replays years later with full reproducibility.
Client-side evidence verification — no trust in transport layer required. Python package: pip install feedoracle-verify. 7 independent checks: content hash validation, JWS signature (ES256K via JWKS), key revocation status, timestamp freshness, schema reference, SLA confidence, SLA freshness. Self-test at GET /verify/self-test. TypeScript, Rust, and Go packages planned.
Every evidence response contains a trust{} summary object: signature_present, signature_algorithm, content_hash_present, schema_valid, registry_logged, replayable, sla_confidence, sla_freshness_met, verify_url, sdk. One glance shows the client: all trust components active.
| Endpoint | Method | Description |
|---|---|---|
/schemas/ | GET | Schema registry index (8 schemas) |
/schemas/v1/{framework} | GET | Individual JSON Schema |
/evidence/registry | GET | Compliance Transparency Log (paginated, 8 filters) |
/evidence/registry/{pack_id} | GET | Single evidence pack detail |
/evidence/registry/stats | GET | Registry statistics |
/evidence/stream | GET | SSE real-time events |
/evidence/stream/status | GET | Stream poller status |
/evidence/replay/{pack_id} | GET | Deterministic audit replay |
/evidence/snapshots/stats | GET | Snapshot archive statistics |
/ai/agent/register | POST | Register AI agent |
/ai/agent/{id}/trust | GET | Agent trust status |
/ai/agent/{id}/rotate-key | POST | Key rotation |
/ai/agent/leaderboard | GET | Agent reputation ranking |
/verify/sdk | GET | SDK installation info |
/verify/self-test | GET | Live 7-check self-test |
Agent identity registration with trust scoring. Every AI agent that interacts with FeedOracle can register its identity, purpose, organization, and jurisdiction. FeedOracle computes a trust score (0–100) from 6 dimensions: registration completeness, account age, usage consistency, compliance rate, behavioral signals, and manual verification. Trust levels: UNVERIFIED (0–24), KNOWN (25–54), TRUSTED (55–79), CERTIFIED (80+). Sensitive tools (evidence_bundle, generate_report, mica_full_pack, ai_provenance, ai_explain, mica_market_overview) require minimum trust levels. MCP tools: kya_register, kya_status. REST: POST /api/billing/kya/register, GET /api/billing/kya/profile. See KYA documentation.
Tamper-proof, SHA256 chain-linked decision logging for autonomous agents. When an agent makes a decision, it logs the decision, reasoning, action taken, and references to prior tool calls via their request_id. Each audit entry is chain-linked to its predecessor: chain_hash = SHA256(prev_chain_hash + trail_id + evidence_hash + decision + timestamp). If any entry is modified, all subsequent hashes break. Regulators and auditors can verify the entire chain with one call. Evidence snapshots are preserved at decision time for temporal replay. EU AI Act Art. 14, MiCA Art. 83, DORA Art. 11 compliant. MCP tools: audit_log (3 units), audit_query (1 unit), audit_verify (1 unit). See Audit Trail documentation.
Every evidence artifact exists in one of 6 defined states: CURRENT, STALE, CORRECTED, SUPERSEDED, DISPUTED, RETRACTED. Auto-correction: when the same tool with the same input produces newer data, the prior artifact transitions to CORRECTED with a corrected_by link. Disputed artifacts remain queryable throughout the dispute process. No silent deletions ever occur. All state transitions are logged in evidence_state_log with timestamps and reasons. Temporal queries supported: retrieve what was known at any past point in time. REST: GET /api/billing/evidence/artifact, GET /api/billing/evidence/stats.
Formal 13-section governance document defining what FeedOracle Evidence is: evidence classes, source-of-truth hierarchy, normalization rules, signing rules, lifecycle states, freshness targets, degradation model, correction/dispute/retraction process (with Dispute-SLA: 4h acknowledge, 24h classify, 5 business days resolve), liability boundary (including downstream agentic execution clause citing EU AI Act Art. 14), governance roles, acceptance targets, and verification without trust. See Trust Policy v1.0.
Usage-based pricing: every tool call costs units based on computational complexity. Light tools (1 unit): single-source lookups. Medium tools (3 units): multi-source aggregation. Heavy tools (10 units): full pipeline with PDF generation or AI inference. Free tier: 300 units/day. Pro (€49/mo): 15,000 units/month included, €0.005/unit overage. Agent (€299/mo): 150,000 units/month included, €0.003/unit overage. Overage auto-billed via Stripe Billing Meter. meta.units_consumed in every response. Public endpoint: GET /api/billing/weights. See Billing documentation.
Every AI agent connecting to FeedOracle is subject to a 5-stage runtime control pipeline. AgentGuard implements 20 security tools across 4 layers: Pre-Execution Gate (policy preflight, risk scoring, approval gates), Payload & Payment Security (secret detection, injection prevention, replay guard), Advanced Governance (cross-tool anomaly detection, RBAC, multi-tenant policies, threat intelligence), and Post-Execution & Runtime (mandatory output scanning, emergency kill-switch, supply-chain verification).
Agent State Machine: Persistent, escalation-only state model: active → monitoring → approval_required → suspended → killed. States survive restarts, have configurable TTLs, and are automatically escalated by post-execution scan verdicts. A flag verdict on output scanning automatically promotes the agent to approval_required state — every subsequent tool call requires human approval until TTL expires.
Post-Execution Output Scanning: Every non-security tool call is automatically scanned after execution for PII leaks (SSN, IBAN, email, phone, passport), secret exposure (API keys, tokens), data exfiltration patterns (outbound URLs, base64 encoding), and tool poisoning (injected instructions). Blocked outputs are never returned; only the output_hash is preserved in the audit trail for forensic verification.
Key capabilities: OAuth 2.1 token verification against FeedOracle core, KYA trust-level-aware risk scoring (CERTIFIED agents: -20 risk, UNVERIFIED: +5), HMAC-signed audit entries with caller identity, supply-chain verification against publisher allowlist with description injection scanning, emergency kill-switch with persistent blocking across restarts.
Endpoint: feedoracle.io/guard/mcp/ | Trust Center Section 9 →
FeedOracle operates as a layered data infrastructure:
Layer 8: SDK LAYER Zero-Trust Validation SDK (Python, TS/Rust/Go planned) Layer 7: STREAMING Real-time SSE Events (peg, regime, stress, breach alerts) Layer 6: AGENT LAYER Agent Trust Management (registration, key rotation, reputation) Layer 5: TRUST LAYER JWS Signing, Evidence Registry, Schemas, SLA, Replay Layer 4: AI GATEWAY 100+ MCP tools (11 servers), MCP directories, natural language queries Layer 3: COMPLIANCE MiCA, DORA, AMLR, RWA, Macro (59 core + 60 modules + 20 AgentGuard) Layer 2: EVIDENCE ECDSA Signatures, SHA-256, Blockchain Anchoring (Polygon, XRPL) Layer 1: DATA SOURCES DeFiLlama, GeckoTerminal, FRED, ECB, ESMA, Ankr, CCRI
The architecture maps to the product modules:
| Layer | CORE (RWA Risk) | Mod 1 (MiCA) | Mod 2 (Carbon/ESG) | Mod 3 (DORA) | Mod 4 (CSRD) |
|---|---|---|---|---|---|
| Agent | 11 MCP Servers (206+ tools, powered by OracleNet: 103 servers, 1,229 tools) · KYA Agent Identity · Audit Trail · Evidence Lifecycle · MCP directories (Gnosis, 8 tools) · Agent Trust · Evidence Registry · Streaming SSE · Validation SDK · llms.txt | ||||
| Evidence | ECDSA + SHA-256 + JWKS | Compliance EPMs | Sustainability EPMs | Incident EPMs | Reporting EPMs |
| Processing | 9-vector scoring, anomaly detection | 105+ stablecoins, Art. 44, reserve drift, CCI | Carbon normalization, green scoring | ICT risk assessment, vendor scoring | Double materiality, taxonomy alignment |
| Data Sources | DeFiLlama, FRED, Ankr, GeckoTerminal | ECB, ESMA, OFAC, NY DFS | CCRI, EMBER, Climatiq | Internal + client data | EMBER, CCRI, Climatiq, World Bank |
All endpoints are documented in OpenAPI 3.1 format with Swagger UI. Machine-readable discovery via llms.txt for AI agent integration.
DAP creates cryptographic proof of data delivery. The protocol hashes API response payloads with SHA-256, aggregates hashes into Merkle trees, and anchors roots to public blockchains.
| Included in Hash | Excluded from Hash |
|---|---|
| API response body (JSON) | HTTP headers |
| Timestamp (ISO 8601) | Client IP address |
| Endpoint path | API key (hashed separately) |
| Schema version | Request parameters |
DAP proves that specific data was delivered via API at or before the anchored block timestamp, and that post-delivery modification becomes detectable via hash mismatch. DAP is a delivery evidence mechanism — it does not verify upstream data correctness or constitute regulatory approval.
| Mode | Frequency | Availability |
|---|---|---|
| Daily Batch | Once per 24h | All tiers |
| Hourly Batch | Once per hour | Enterprise |
| Event-Driven | On significant data change | Enterprise |
EPM extends DAP with a standardized manifest schema using DSSE-style envelopes and RFC 8785 deterministic hashing. Supports jurisdiction-aware metadata (EU/UK/US/Global). Every Evidence Pack contains: the signed data payload, ECDSA signature (ES256K), timestamp, schema version, source attribution, and Merkle proof. Public keys are discoverable via JWKS endpoint.
| Endpoint | Method | Description |
|---|---|---|
/api/v2/attestation/test | GET | Integrity test on all sources |
/api/v2/attestation/sources | GET | List attested sources and TLS policies |
/api/v2/attestation/anchor/latest | GET | Blockchain anchor status (XRPL) |
/api/v2/attestation/merkle | GET | Current Merkle root |
/api/v2/attestation/verify/{hash} | GET | Verify payload hash |
/api/v1/epm/verify | POST | Verify DSSE-wrapped EPM manifest |
Sources → Ingestion → Validation → Normalization → Quality Scoring → API → DAP
(scheduled) (schema) (units/format) (confidence) (REST) (anchor)
| Gate | Check | On Failure |
|---|---|---|
| Schema Validation | Response matches expected structure | Reject, log, use fallback |
| Freshness Check | Timestamp within threshold | Flag as stale, reduce confidence |
| Range Validation | Values within expected bounds | Flag anomaly, manual review |
| Cross-Validation | Compare multiple sources | Use median, flag divergence |
Every data point includes a confidence score (0.0–1.0) reflecting source availability, data freshness, and cross-validation status. Confidence scores are heuristic indicators — not statistical confidence intervals.
When primary sources are unavailable, the system attempts configured secondary sources. If all sources are unavailable, the API returns the last known value with a stale: true flag and reduced confidence. The staleness threshold is configurable per feed (default: 2× normal update interval).
Operational controls informed by ISO/IEC 27001:2022 principles:
| Control Area | Implementation |
|---|---|
| Access Control | API key authentication (X-API-Key header), tiered rate limits |
| Cryptography | ECDSA ES256K signing, SHA-256 hashing, TLS 1.2+ enforced |
| Network Security | HSTS, CSP headers, firewall, Cloudflare DDoS protection |
| Backup | Daily encrypted, cross-server sync within EU |
| Logging | Request IDs, structured access logs, HMAC-signed audit trail |
| Agent Governance | AgentGuard: 20-tool runtime enforcement, agent state machine, post-execution output scanning, emergency kill-switch, supply-chain verification |
| Key Management | ECDSA key rotation, JWKS public key discovery |
| Metric | Target | Measurement |
|---|---|---|
| API Availability | 99.5% | Monthly uptime |
| Response Time (p95) | <500ms | 95th percentile latency |
| Data Freshness | ≤15 minutes | Real-time feeds |
| Attestation Anchor | ≤24 hours | Time to on-chain |
| Component | Location | Notes |
|---|---|---|
| Primary Infrastructure | Germany (netcup DE) | API servers, databases |
| Backup Storage | EU | Encrypted, cross-server sync |
| CDN/Edge | Global (Cloudflare) | Request routing, caching headers |
| Blockchain Anchors | XRPL (live), Gnosis (live via MCP directories) | Public blockchains |
| Metric | Target |
|---|---|
| RPO (Recovery Point Objective) | ≤24 hours |
| RTO (Recovery Time Objective) | ≤4 hours |
| Subprocessor | Function | Location |
|---|---|---|
| netcup GmbH | Infrastructure hosting | Germany |
| Cloudflare Inc. | CDN, DDoS protection, DNS | US/EU (edge) |
| XRPL Ledger | Blockchain anchoring | Decentralized |
| Ripple (XRPL) | Blockchain anchoring | Decentralized |
Portfolio risk assessment for RWA allocations. DORA-supporting evidence packs for third-party vendor risk documentation. Signed evidence artifacts for audit trails.
Due diligence on tokenized funds. Yield spread analysis vs. T-Bill benchmarks. Smart contract risk signals. ESG/sustainability data for portfolio reporting.
MiCA Art. 66 sustainability disclosures for listed crypto-assets. Stablecoin classification and monitoring. Structured data for regulatory reporting ahead of the 1 July 2026 CASP transition deadline.
On-chain risk feeds for RWA integrations. DEX liquidity monitoring. Protocol-level risk scoring for governance decisions. Chainlink Functions integration for smart contract access.
White-label compliance modules with API-first integration. OpenAPI spec, versioned schemas, bulk access for platform integration.
Machine-readable API outputs with llms.txt discovery. Pay-per-call access model. DAP enables programmatic verification without human intervention.
Every MCP response from OracleNet includes a Quantum Sorum upgrade block — a contextual signal layer that makes agents more effective with each call. Unlike generic "you might also like" suggestions, Quantum Sorum is conditional on the concrete result of the current call.
When an agent calls avarisk_assess("USDt") and gets BLOCK, the upgrade block suggests avaampel_stablecoin_check (find alternatives) and avaevidence_anchor (secure evidence). When the same tool returns PASS, it suggests avarwa_due_diligence (deeper analysis) and avaevidence_anchor (anchor the positive result). The suggestions change based on what the agent actually needs next — not on what we want to sell.
| Block | Purpose | When Shown |
|---|---|---|
next | Tools that solve the agent's NEXT problem | Always (conditional on result status) |
efficiency | Estimated API calls saved vs. direct queries | Always (with basis field for verification) |
first_contact | Onboarding for new agents: free quantum_join + Trust Passport | Only on first call from a new IP |
workflow | Detected sequence from previous calls (e.g., risk → evidence) | Only when a known workflow pattern is detected |
trust_upgrade | Path to Trust Passport for signed evidence access | Only when next step requires trust credentials |
mesh | Epoch and frequency hash for mesh synchronization | Always (minimal) |
Structure, not rhetoric. No marketing language in the payload. No fake scores. No artificial urgency. Agents parse fields, not sentences. Relevant when relevant, invisible when not. The first_contact block appears once and never again. The workflow block only appears when a sequence match is detected. Measurable, not marketing. Every efficiency claim includes a basis field that explains how the number was calculated.
| Category | Focus | Examples |
|---|---|---|
| Decentralized Oracles | DeFi price feeds, on-chain data delivery | Chainlink, Pyth, Redstone |
| Blockchain Indexers | Query layer for on-chain data | The Graph, Goldsky |
| Research & Analytics | Market intelligence, reporting | Messari, Dune, Nansen |
| Carbon Ratings | Sustainability assessments | CCRI, Digiconomist |
| AML/KYT | Transaction monitoring, wallet screening | Chainalysis, Elliptic, TRM Labs |
| AI Agent Tooling | MCP servers, agent marketplaces | Anthropic MCP Directory, Fetch.ai, Autonolas |
| Evidence Infrastructure | Regulatory verification + signed evidence + risk scoring + AI agent access | FeedOracle |
| Tier | Price | API Calls | Evidence Packs |
|---|---|---|---|
| Free | €0/mo | 100/day | — |
| Starter | â¬49/mo | 1,100 units | Included |
| Pro | â¬499/mo | 17,000 units | Full suite |
| Enterprise | Custom | Custom | Custom |
Payment: Stripe (card) and USDC on Polygon accepted for all paid tiers.
Evidence Packs are request-based: each API call that generates a signed Evidence Pack Manifest counts as one verification. API calls without Evidence Pack generation are not counted against the verification limit.
| Initiative | Status |
|---|---|
| RWA Risk Oracle — 61+ protocols, 9 risk vectors, 5 data sources | Live |
| MiCA Regulatory Evidence module (legal state, jurisdiction, registry) | Live |
| Carbon & ESG module (50+ networks, ISO 14040) | Live |
| Macro Intelligence (FRED + ECB enrichment) | Live |
| XRPL Anchoring | Live |
| Evidence Pack System with ECDSA signing + JWKS | Live |
| MiCA Stablecoin Classification (105+ stablecoins) | Live |
| CCI Score Engine (compliance ranking) | Live |
| ISO 20022 Payment Validation | Live |
| Circuit Breaker Detection (DORA resilience) | Live |
| Interactive Enterprise Demos (5 verticals) | Live |
| MiCA Deep Compliance: Significant Issuer (Art. 44), Reserve Drift (Art. 25), Interest Scanner (Art. 23/52), Document Compliance (Art. 29/30/55), ESMA Register | Live |
| DORA Compliance Module (incident reporting, vendor risk, business continuity) | Live |
| CSRD/ESRS Module (5 APIs: taxonomy, materiality, emissions, social, governance) | Live |
| 11 MCP Servers (206+ tools, SSE + Streamable HTTP) — part of OracleNet (103 servers, 1,229 tools) | Live |
| Know Your Agent (KYA) — Trust scoring, 4 levels, trust-gated tool access | Live |
| Audit Trail — Chain-linked decision logging, evidence snapshots, chain verification | Live |
| Evidence Lifecycle — 6 artifact states, auto-correction, Dispute-SLA | Live |
| Evidence Trust Policy v1.0 — 13-section formal governance document | Live |
| Unit-Based Billing — Stripe Meter, Light/Medium/Heavy weights, overage billing | Live |
| Anthropic MCP Directory — Submitted, crawling confirmed | Live |
| MCP ecosystem (Gnosis, 8 tools, 133+ deliveries) | Live |
| Autonomous Agent Self-Upgrade — USDC payment flow (M2M), agent detects quota, pays on Polygon, receives upgraded API key without human intervention. Production TX anchored on-chain. | Live |
| OAuth 2.0 / M2M Auth (RFC 6749) — authorization_code + client_credentials + refresh_token, /mcp/authorize, /mcp/token, /mcp/register, /mcp/revoke, 5 scopes for Enterprise MCP tier | Live |
| Stablecoin Peg Monitor (105+ tokens, real-time) | Live |
| Chainlink Functions integration (Polygon, Contract 0x7Ec0...23c) | Live |
| L2 Intelligence APIs (7 chains) | Live |
| Verified Reports System (6 types: RWA Risk, MiCA, DORA, Macro, CSRD, AMLR) with PDF generation, XRPL-anchored proof panel | Live |
| Payment Infrastructure — Stripe + USDC (Polygon), 4 tiers (Starter €49 / Growth €199 / Pro €499 / Enterprise €1,499) | Live |
| Agent-to-Agent (A2A) Monetization — Pay-per-Call API (9 feeds, USDC on Polygon) + MCP directories (unit-based credit system) | Live |
| Report Verification Infrastructure — public /verify endpoints with SHA-256 + ECDSA signature validation | Live |
| Trust Center & Enterprise Procurement Pack (12 sections: security, SLOs, subprocessors, vulnerability disclosure, compliance mapping) | Live |
| AMLR Digital Asset Screening Module (EU 2024/1624) — 8 sections, 134 fields, 14 stablecoins, risk score composition, sanctions screening (EU/OFAC/UN), bank-standard action codes, signed PDF reports | Live |
| Public Status Page — Uptime Kuma with 46 monitors across 8 service groups | Live |
| Stablecoin Risk MCP Server (13 tools, 7-signal scoring, SAFE/CAUTION/AVOID) | Live |
| OracleNet Integration — FeedOracle as compliance layer of 103-server mesh (1,229 tools, 12 signal layers, 7 categories) | Live |
| Avalanche Compliance Infrastructure — 5 MCP servers, 15 tools, 3 verified C-Chain mainnet contracts (AvaRisk, AvaEvidence, SubnetGuard), on-chain isCompliant() verdicts | Live |
| Layer 12 Quantum Sorum — contextual upgrade signal in every MCP response: conditional next-tool suggestions, efficiency metrics, first-contact onboarding, workflow memory | Live |
| 13 Blockchain Oracles (ETH, SOL, XRP, ARB, HBAR, TON, SUI, BNB, BTC, APT, XLM, BASE, FLR) | Live |
| Olas Mech on Gnosis — Service 2670, 8 tools, 133+ deliveries, 0.01 xDAI/request | Live |
| XRPL Oracle — 31 tools, RLUSD CCI (proprietary), ISO 20022, XRPL beacon (86 anchor TXs) | Live |
| Macro Intelligence MCP Server (13 tools, 86 FRED + 20 ECB series) | Live |
| Enterprise Trust Layer — JWS Signing (RFC 7515), Versioned Schemas (8), Evidence Registry, SLA Layer, Agent Trust Management, Streaming Evidence (SSE), Deterministic Replay, Zero-Trust Validation SDK | Live |
| Enterprise Trust Proof Page — feedoracle.io/trust with live 8/8 verification | Live |
| CSRD/ESRS Data API — chain footprint, ESRS E1, EU energy mix, EU ETS pricing | Live |
| Initiative | Status |
|---|---|
| Multi-chain Evidence Anchoring — XRPL (live, 86 anchors), Polygon (ZK attestation, weekly refresh), Avalanche C-Chain (3 verified contracts), Hedera (HCS beacon), Gnosis (Olas Mech) | Live |
| SOC 2 Type II — Trust Center live, compliance framework mapping complete, security controls documented, SLO evidence via Uptime Kuma (46 monitors). Pre-audit documentation ready; formal audit pending funding | Audit-ready |
| Chainlink BUILD program participation | Application submitted |
| Avalanche Compliance Infrastructure — 5 MCP servers (AvaRisk, AvaEvidence, SubnetGuard, AvaRWA, AvaAmpel), 3 verified smart contracts on C-Chain mainnet, on-chain isCompliant() verdicts, SubnetGuard cross-subnet compliance passports | Live |
| Flare Network — FlareOracle MCP Server: 12 tools covering FTSOv2 oracle data, FAssets risk, protocol health, compliance screening. Live at feedoracle.io/chain-oracles/ | Live |
| CSRD/ESRS template library — structured report templates for ESRS E1 disclosures | Data API live, templates in development |
| Initiative | Priority |
|---|---|
| ISO 20022 expansion (pacs.008, camt.053) | Medium |
| WebSocket real-time feeds (SSE + Streamable HTTP already live via MCP) | Medium |
| XRPL Grants program application (Spring 2026) | High |
| Avalanche Evergreen Subnet deep integration — advanced subnet-to-subnet compliance routing | Medium |
| Flare FTSOv2 Feed Value Provider — direct on-chain feed submission (requires validator registration) | Medium |
| Flare Data Connector (FDC) — on-chain compliance attestations via FDC protocol | Medium |
| Developer SDK (npm package) for multi-chain FeedOracle integration | High |
| Documentation | feedoracle.io/docs |
| API Reference | Full API Ref (238 Endpoints) |
| Trust & Security | Trust Documentation |
| System Status | Status Page |
| Enterprise | Enterprise Overview |
| Interactive Demos | RWA · Insurance · Carbon · Stablecoin · Payments |
FeedOracle provides data infrastructure and verifiable evidence artifacts. The platform does not provide financial, legal, or compliance advice. Compliance decisions remain with the institution and its qualified advisors.
Regulatory timelines and classifications referenced in this document are based on the following official sources:
This document contains forward-looking statements regarding planned features, roadmap items, and business strategy. Actual results may differ materially. No commitment to specific delivery dates, features, or timelines is expressed or implied.
FeedOracle is an independent infrastructure provider. References to blockchain networks (XRPL, Polygon, Gnosis, Chainlink), regulatory bodies (ESMA, BaFin, ECB), or data sources (FRED, DeFiLlama) do not imply partnership, endorsement, or affiliation unless explicitly stated.