All questions
·Transfa Team

What Is the TIP-403 Policy Registry on Tempo?

The TIP-403 Policy Registry is a Tempo precompile that enforces transfer compliance. Every TIP-20 token movement checks sender and recipient authorization against a shared policy.

tempotip-403compliancetokens

The TIP-403 Policy Registry is a protocol-level precompile at 0x403c000000000000000000000000000000000000 that enforces transfer compliance on Tempo. Every TIP-20 token has a transferPolicyId, and on every transfer, the protocol calls isAuthorized(policyId, from) and isAuthorized(policyId, to). Both must return true or the transaction reverts with PolicyForbids().

Why this exists

Stablecoin issuers need compliance controls: KYC verification, sanctions screening, jurisdiction restrictions. On Ethereum, each token issuer implements these checks in their own smart contract with custom logic. This leads to fragmentation: every token has a different compliance interface, and auditing requires reading each contract individually.

Tempo centralizes this at the protocol level. A single policy can govern multiple tokens. An issuer deploys one compliance policy and assigns it to all their tokens. Wallets and applications only need to understand one interface.

How it works

Every TIP-20 token is created with transferPolicyId = 1, which is the always-allow policy (all transfers pass). The token admin can change the policy using changeTransferPolicyId(uint64).

When a transfer occurs:

  1. The protocol reads the token's transferPolicyId
  2. It calls TIP403_REGISTRY.isAuthorized(policyId, from) and isAuthorized(policyId, to)
  3. If both return true, the transfer proceeds
  4. If either returns false, the transaction reverts with PolicyForbids()

This check happens at the protocol level, not inside the token contract. It cannot be bypassed by calling the token through a proxy or wrapper contract.

Shared policies

Policies are shared across tokens. If an issuer manages three stablecoins (e.g., a USD, EUR, and GBP token), they can assign all three to the same policy. Updating the sanctions list or KYC requirements updates compliance for all three tokens at once.

This is more efficient than per-contract compliance, but it means policy logic is coarser-grained. You can't have different compliance rules for different tokens under the same policy. If you need that, use separate policy IDs.

Default behavior

New tokens use policy ID 1 (always-allow). If you're building on Moderato and don't need compliance controls, you don't need to interact with TIP-403 at all. The default policy permits all transfers between all addresses.

Related content