Architecture
Technical overview of ACTA's system architecture and components.
System Components
ACTA's on-chain layer (v0.4.0) is built around two Soroban contracts: a single Vault Factory per network and a single-tenant Vault owned by each issuer.
Vault Factory (vc-vault-factory)
There is exactly one vc-vault-factory per network. It is responsible for deploying and pricing per-owner vaults:
- Deterministic deployment: Deploys a new
vc-vaultfor an owner from a template WASM. The vault address is derived from(factory, owner, userSalt). - Canonical vault: The default
userSaltis 32 zero bytes, yielding one canonical vault per owner. Distinct salts allow additional vaults for the same owner. - Immutable vaults: Vaults are deployed from a fixed template WASM and are immutable once created.
- Fee quoting: Exposes
quote_fee, the on-chain issuance fee paid by the issuer (mainnet: 1 USDC per credential; testnet: 5 XLM per credential).
Vault Contract (vc-vault)
Each owner has their own single-tenant vc-vault contract. There is no shared, multi-tenant store. The vault holds the full credential lifecycle on-chain:
- Issue / Batch issue: Creates new credentials in the vault (single or up to 5 per batch). Issuance charges an on-chain fee via the factory's
quote_fee, paid by the issuer. - Verify: Public verification of credential status (
valid,revoked, orinvalid). - Revoke: Revokes credentials with an optional revocation date (signed by the vault owner).
- List / Get / Count: Retrieves credential IDs (paginated) and credential data from the owner's vault.
- Push: Moves a credential to another factory-deployed vault with the same owner.
- Vault DID: The vault stores the owner's DID URI, changeable with
set_vault_did. - Issuer control: Issuance is open by default (deny-by-exception). There is no allow-list. The vault admin can block an issuer with
deny_issuerand unblock withallow_issuer.
Contract functions are exposed via API endpoints. See API Reference for details.
API Layer
RESTful API providing:
- Credential Operations: Issue, verify, revoke
- Vault Operations: Deploy, store, retrieve, manage per-owner vaults
- Transaction Preparation: Generate unsigned XDR transactions for client-side signing
- Read Operations: Query credentials and vault state (no signature required)
All endpoints support both mainnet and testnet automatically via NETWORK_TYPE configuration.
Storage
- On-chain: Credential hashes and status metadata (Soroban smart contracts)
- Off-chain: Encrypted credential payloads (owner-controlled vaults)
Identity Model
The issuer identity is a registered, resolvable did:stellar:
did:stellar:{network}:{address}- Issuer DID: The issuer must have a
did:stellarregistered in a did:stellar registry. A bare wallet key ordid:pkhis no longer used as the issuer DID. - Subject / holder: The credential holder is identified by a DID, expressed as
credentialSubject.idinside the credential.
Note: v0.4.0 uses did:stellar for issuer identity, resolved through the on-chain did:stellar registry. The full method documentation (syntax, registry, resolver, library) lives in the .
Contract Addresses
Mainnet
- vc-vault-factory:
CCWNZ6UMUXCDOVP2TWOPVLI4KP4VY4YF7VKPN6XLYVHNFAT24NDB33CX - did:stellar registry:
CD6LSWW5ZSXOO5WAIHKQLQ262TW7BPI37PNEVMMA273BAPC65NN2AYXQ - vc-vault template WASM hash:
2bd0323a98acb8469606808368da6c79824f2dd8391494b94ddbeb3d22c1a957
Testnet
- vc-vault-factory:
CDRFQRIP4FA3WMPWCSAM3XEY6EM6EGKRYZRSCSVZ5NHCF6AGEVR2XEPQ - did:stellar registry:
CB7ATU7SF5QUKJMSULJDJVWJZVDXC23HTZX6NFUDTSFPVT6MA575NNZJ - vc-vault template WASM hash:
2bd0323a98acb8469606808368da6c79824f2dd8391494b94ddbeb3d22c1a957
The vc-vault contract has no standalone contract ID: it is a template WASM instantiated per owner by the factory.
Network Support
ACTA automatically handles network configuration:
- Testnet:
https://api.testnet.acta.buildorNETWORK_TYPE=testnet - Mainnet:
https://api.mainnet.acta.buildorNETWORK_TYPE=mainnet
Contract IDs, RPC URLs, and network passphrases are configured automatically based on network type.