ComplianceGate
ComplianceGate enforces Polymarket's terms-of-service access policy on every OrderIntent before it reaches execution.
What it does
ComplianceGate enforces Polymarket's terms-of-service access policy on every OrderIntent before it reaches execution. It validates (1) that the originating wallet has completed Polymarket onboarding, (2) that the user's jurisdiction is not on the blocked list, (3) that the wallet address does not appear on OFAC or other configured sanctions lists, and (4) that the target market is eligible for trading (not restricted by category policy). When any check fails the order is rejected outright; for geopolitical markets the bot applies NegRisk-aware category rules before passing. ComplianceGate is fail-closed: any inability to verify policy results in a hard reject.
Pipeline placement
Applies to: Every OrderIntent — checks the originating user wallet and target market for jurisdiction, KYC, sanctions, and market-el
Why it matters
| If this fails | Consequence |
|---|---|
| Sanctioned-address order submitted | Allowing a wallet on an OFAC or other sanctions list to trade exposes the operator to regulatory and legal liability, and may result in asset freezing or platform shutdown. Worked example Setup: An OrderIntent is submitted from wallet 0xc1.. for 800 pUSD on a US-listed political market. Compliance lists were last refreshed 22 minutes ago. Without bot: The order routes to CTFExchangeV2 and fills. 14 hours later the daily compliance feed update shows 0xc1.. was added to a sanctions list yesterday. The position must now be unwound under regulatory pressure. With bot: ComplianceGate reads the freshest sanctions snapshot, finds 0xc1.. on the list, returns `RiskVote{decision: REJECT, reason_code: COMPLIANCE_SANCTIONED}`. The order never reaches CTFExchangeV2; an audit record is written. |
| Blocked-jurisdiction user bypasses geo check | Trading from a restricted jurisdiction violates Polymarket's terms and applicable law; unchecked this can lead to regulatory action against the platform. |
| Non-onboarded wallet places order | Polymarket's KYC/AML process has not been completed; the user has not accepted terms and the platform has no identity verification for the account. |
| Market category restriction not enforced | Certain market categories (e.g. restricted financial instruments, region-specific political events) may not be available to all users; ignoring category eligibility creates unequal treatment and compliance gaps. |
| Fail-open on policy-service outage | If compliance checks succeed silently during a data outage, ineligible users can trade undetected. ComplianceGate must fail-closed to prevent this. |
Inputs
Polymarket inputs
| Input | Source | Required | Use |
|---|---|---|---|
| Gamma API market metadata — negRisk flag and category | gamma | required | Determine whether the market is a NegRisk category (e.g. geopolitical) and whether category-level trading restrictions apply. |
| Polymarket onboarding status for the linked wallet | internal | required | Confirm the wallet has completed Polymarket KYC/AML onboarding before any order is allowed. |
Internal inputs
| Input | Source | Required | Use |
|---|---|---|---|
| User jurisdiction metadata (from account profile or IP-geolocation) | internal | required | Check the user's detected jurisdiction against the blocked_jurisdictions list. |
| Sanctions list snapshot (OFAC SDN + configured providers) | internal | required | Screen the originating wallet address against current sanctions lists; hard-reject on any match. |
| KillSwitch active flag | KillSwitch | required | If KillSwitch is active, reject all orders immediately without running policy checks. |
| Market eligibility override map | Admin UI | optional | Allow compliance team to whitelist or blacklist specific markets outside of automated category rules. |
Authority
What this bot is permitted to do
State
Readiness
General live
Status
live
Class
Guardrail
Default mode
general_live
Developer owner
Polytraders core — Risk pod
Capital impact
Critical
Reason codes emitted
| Code | Severity | Meaning | Action |
|---|---|---|---|
| KILL_SWITCH_ACTIVE | HARD_REJECT | Global kill switch is active; no orders may proceed. | Immediately return HARD_REJECT without running any compliance check. |
| COMPLIANCE_GATE_SANCTIONS_HIT | HARD_REJECT | The originating wallet address matched an entry in the configured sanctions list (e.g. OFAC SDN). | Return HARD_REJECT; do not expose which list triggered the match in user-facing messaging. |
| COMPLIANCE_GATE_JURISDICTION_BLOCKED | HARD_REJECT | The user's detected jurisdiction is on the blocked_jurisdictions list and close_only_on_violation is false. | Return HARD_REJECT; log the country_code for compliance reporting. |
| COMPLIANCE_GATE_JURISDICTION_CLOSE_ONLY | RESHAPE | The user's jurisdiction is blocked but close_only_on_violation=true and this is a close/reduce order. | Return RESHAPE_REQUIRED with constraints.close_only=true. |
| COMPLIANCE_GATE_NOT_ONBOARDED | HARD_REJECT | The wallet has not completed Polymarket's required onboarding/KYC flow. | Return HARD_REJECT; direct user to complete onboarding. |
| COMPLIANCE_GATE_MARKET_INELIGIBLE | HARD_REJECT | The target market is blocked by category policy, admin override, or a NegRisk geopolitical restriction for this user. | Return HARD_REJECT; log market_id and category for audit. |
| COMPLIANCE_GATE_DATA_UNAVAILABLE | HARD_REJECT | One or more compliance data sources (sanctions API, onboarding cache, Gamma market metadata, user profile) returned an error or were unreachable. | Return HARD_REJECT (fail-closed). Log which data source failed and alert on-call if sustained. |
| COMPLIANCE_GATE_PASS | INFO | All compliance checks passed for this wallet and market. | Emit APPROVE and continue to next guardrail. |
Related bots in Risk Guardrail
Used by
Reverse index — strategies that currently reference risk.compliancegate. If you change this bot's authority or reason codes, these strategies must re-pass shadow.
| Strategy | State | Activity |
|---|---|---|
| AI Frontier — release-day taker | frozen | last triggered 12m ago |
| NBA props — line-shop | demo-wired | last triggered 19m ago |
Showing 2 of 2 · demo-wired ≠ production-live
⚙ Configuration — risk.compliancegate
Why this matters
Risk Guardrail bots does NOT propose intents or sign orders; only permits or blocks. Understanding the authority boundary prevents misuse and makes promotion-gate reviews faster and more reliable. View raw spec JSON →