VARA ComplianceLive on Solana Devnet

VARA Compliance
& Risk Disclosure

Machine-readable regulatory filing for Lattice — a non-custodial sealed-bid batch auction DEX on Solana. Prepared under VARA Rulebook V2.0 (January 2026).

Non-custodial
PDA vaults only
Front-running
Cryptographically impossible
Audit status
Pre-audit · devnet only
Program ID
AW8zeS7…F6iV
Risk Disclosure API

Machine-readable endpoint

terminalGET /api/compliance/disclosure ↗
curl -s https://lattice.xyz/api/compliance/disclosure | jq .
Full disclosure JSON ↗Summary format ↗Full compliance doc (.md) ↗
Risk Assessment

Risk factors

Loading from API…
Jurisdictions

Regulatory status by region

🇦🇪
UAE / Dubai · VARA

Protocol likely exempt (non-custodial); front-end operator may require VASP notification under VARA Rulebook V2.0

Exempt
🇪🇺
EU · MiCA

Monitoring — DeFi carve-out under MiCA Article 4(3); EC DeFi report expected

Review
🇸🇬
Singapore · MAS

Exempt under MAS PS Act if no Singapore users are actively solicited

Exempt
🇬🇧
United Kingdom · FCA

Non-custodial DEXs under FCA review — legal opinion recommended pre-launch

Review
🇺🇸
USA · SEC / FinCEN

HIGH RISK — US user access restricted pending SEC/CFTC regulatory clarity

High risk
VARA Rulebook V2.0

Classification & compliance controls

Classification
Custody of user funds
None — PDA vaults only
Counterparty risk
None — trustless settlement
Front-running capability
Cryptographically impossible
Information privilege
None — sealed until clearing
Wash trading profitability
Zero — uniform price
Native token issuance
No governance token
Fiat on/off ramp
None — token-to-token only
Classification pathway
Non-custodial smart contract protocol — DeFi carve-out under VARA Law No. 4/2022
Market abuse controls
SHA-256 commit-reveal: order parameters sealed until after commit window closes
Walrasian uniform clearing price: all matched orders fill at identical p*
SlashUnrevealed: 0.001 SOL penalty for unrevealed orders (anti-spoofing)
Jito private relay: transactions bypass public mempool
Batch window: intra-block manipulation impossible
AML mitigations
Autonomous Agent

AI agent disclosure

Model
Claude Haiku (claude-haiku-4-5)
Payment protocol
x402 HTTP-native micropayment
Order fragmentation
TWAP with LLM-guided slice count
✓ YESHuman oversight
✓ YESOn-chain audit trail
✓ YESAgent enabled
Smart Contract

Security properties

security.audit
languageRust / Anchor 0.30.1
networkSolana devnet · Program AW8zeS7…F6iV
reentrancyPrevented — Solana single-threaded execution
overflowRust checked arithmetic + u64 BN math
front-runImpossible — commit-reveal cryptographic sealing
griefingslashUnrevealed — 0.001 SOL penalty, order excluded
vault authPool PDA controls vault — no admin key
auditPre-audit (hackathon). Full audit required pre-mainnet
upgradeDeployer holds authority → recommend Squads multisig
Pre-mainnet

Compliance roadmap

1
Smart contract audit
Ottersec / Sec3 / OShield
Pre-mainnet
2
Upgrade authority → Squads multisig + 7d timelock
Protocol team
Pre-mainnet
3
Front-end sanctions screening
Chainalysis / TRM Labs
Pre-launch
4
VARA VASP notification filing
UAE counsel
Pre-launch
5
Privacy policy + Terms of Service
Legal counsel
Pre-launch
6
Legal opinion on DeFi exemption
VARA-specialist counsel
Q3 2026
7
Ongoing transaction monitoring
TRM Labs
Post-launch
Market precedent

Analogy to regulated auctions

Mechanism
Lattice
NYSE Opening Auction
Euronext Batch
Order visibility pre-settlement
None
None
None
Uniform clearing price
MEV / front-running
$0
$0
$0
Regulatory approval
DeFi carve-out
NYSE / SEC
AMF / ESMA
Compliance contact
compliance@lattice.xyz
Download JSON ↗Download .md ↗

This disclosure is for informational and regulatory review purposes. It does not constitute legal advice. Lattice is experimental software on Solana devnet. Obtain qualified legal counsel before any mainnet deployment.

Lattice · Live on Solana Devnet
Live DemoRisk Disclosure APIOnchain ↗