← COMPASS

Roadmap

What we built · what's next.

v0.5 is shipped — accepting receipts on Aristotle mainnet. Below is the honest sequence of what lands next, with the gating constraints stated up front. This roadmap deliberately avoids promises that depend on uncertain partnerships; items marked "later" are gated and labelled.

v0.5

Aristotle mainnet · hackathon submission

shipped
  • ·AgentRegistry + CompassHub deployed to 0G Aristotle mainnet (chainId 16661)
  • ·Three demo policies registered on-chain: help-legal-aid, bethune-shelter, hk-fdh-hospital
  • ·Browser AES-256-GCM vault with non-extractable WebCrypto key in IndexedDB
  • ·SD-JWT VC live issuance + verification end-to-end
  • ·Phala dstack TDX receipt-signer with per-receipt RA quote binding
  • ·Codex GPT-5.5 adversarial pre-submission review caught 1 BLOCKER + fixed
  • ·Slither 0.11.5 audit (101 detectors): 0 security findings
  • ·5-language kiosk localization (en/fil/id/ms/yue)
  • ·3D Spline scene + 3D force-graph audit visualisation
v0.6

Post-hackathon hardening (June-July 2026)

next
  • ·Vercel KV / Upstash Redis migration for the /api/consume rate-limit (replace the in-memory bucket that doesn't survive cold starts)
  • ·CSP header with per-domain allow-list + Next.js inline-script nonce strategy
  • ·Browser-side 0G Storage upload — eliminate the Node CLI dependency for the encrypted vault path
  • ·Native-speaker review of the 5 kiosk languages (gated on NGO outreach replies)
  • ·Sentry error tracking activation with the privacy-scrubbing config from docs/notes/sentry-setup.md
  • ·BetterStack uptime monitoring with public status page
  • ·Live ReceiptIssued event feed on /audit (replace fixture data)
v0.7

On-chain trust-list governance (August-September 2026)

next
  • ·TrustList contract on Aristotle implementing the 5-of-7 add quorum / 3-of-7 revoke quorum design from docs/trust-list-governance.md
  • ·7-day timelock with 24-hour revoke expedite path
  • ·Migration from the docs/policies/*.json file-based registry to the on-chain TrustList
  • ·Initial 7-of-N trustee set seeded from real NGO + foundation partners (gated on partnership formalisation)
  • ·Public dashboard at /governance showing trust-list state + pending proposals + voting history
v0.8

Real NGO integration (Q4 2026)

later
  • ·First real NGO issuer (target: HELP for Domestic Workers or Bethune House) replaces the local Ed25519 fixture in the demo flow
  • ·Hospital Authority free-care eligibility evaluation as a second live policy (gated on compliance review)
  • ·Privacy-preserving analytics for partner NGOs: counts of receipts per policy / per timestamp bucket, with k-anonymity floor
  • ·Multi-issuer SD-JWT VC bundle support — workers carry one credential redeemable across multiple NGOs without re-issuance
v1.0

ZK option + cross-region (2027)

later
  • ·Optional ZK eligibility path per the SD-JWT-friendly Plonky2 sketch in docs/zk-future-work.md (interactive-grade proving target: <3s in WASM)
  • ·TEE path remains the default; user chooses the trust model at intake
  • ·Cross-region deployments: Compass-Singapore, Compass-Manila — same contracts, region-specific policy registries
  • ·Mythril symbolic-execution audit pass before any v1.0 mainnet redeploy
  • ·Formal threat-model document with academic peer review

How to influence this roadmap

File an issue with the enhancement label and the Compass scope check answered in the issue body. Items that pass the scope check and align with the migrant-worker threat model land on this page within the next milestone window.

Larger scope changes — new use-case forks, new jurisdictions, new threat models — open a Discussion instead. Compass is solo-maintained; partnerships scale faster than scope sprawl.

File an issue →FAQ →
Watch the 3-min demo →