KYC

KYC

Purpose

Document identity verification behavior for NSFW character creation.

Participants

• Brisket initiates KYC-related user action and displays verification status.
• Sirloin owns KYC state relevant to NSFW characters.
• Ondato handles external identity verification.
• S3 stores KYC image artifacts used for inherited NSFW character verification.

Sequence

sequenceDiagram
  participant Brisket
  participant Sirloin
  participant Ondato
  participant S3
  Brisket->>Sirloin: Start KYC verification
  Sirloin->>Ondato: Create verification
  Sirloin-->>Brisket: verification URL / ID
  Brisket->>Ondato: User completes verification
  Ondato-->>Sirloin: Verification callback/status
  Sirloin->>S3: Store or copy KYC image artifact

Source Links

• apps/brisket/src/server/api/routers/character.ts
• apps/brisket/src/app/verification/page.tsx
• apps/sirloin/internal/app/services/characters/createcharacter.go

State Transitions

Users start verification from Brisket. Sirloin records the Ondato verification ID and KYC state used by NSFW character creation. A later NSFW character can inherit a verified Ondato ID and copy the KYC image to the new character path.

Invariants

• NSFW character creation requires prior KYC-verified NSFW character state.
• Sirloin owns the KYC state that gates NSFW character creation.
• Ondato is the external verifier.

Error Paths

Missing or empty Ondato verification IDs block NSFW character creation with FailedPrecondition. Rejected verification routes the user through the current verification recovery behavior in Brisket.

Tests And Verification

• cd apps/sirloin && make run-tests
• cd apps/brisket && pnpm test

Related Decisions And Standards

• Character Creation
• Auth Boundaries