Fully Decentralized · Zero-Custody · Crankless Direct Settlement.
Inspired by the words "Feed my sheep," Pretiola Pasture is a micro-donation platform that enables charitable ministries to receive stablecoin donations on EVM chains (Arbitrum, Base) and settle them directly into physical SEPA bank accounts via the Keeta Network.
Unlike custodial platforms, Pretiola never holds private keys, never acts as a custodial intermediary, and does not run any manual crons/cranks to sweep funds. The entire routing pipeline is atomic and handled directly at the blockchain protocol and anchor layers.
apps/donor-web: Next.js donor interface for making contributions with integrated address generation.registry.json: Public, auditable directory of verified ministries and bank details (designed to be hosted publicly under.well-known/registry.json).SPEC.md: Core system specification detailing the zero-custody, direct-routing protocol design (v0.4).services/orchestrator/src/create-route.js: CLI tool to establish a permanent direct EVM-to-IBAN route.
Before running the services, create a .env file in the root directory with the following variables:
ORCHESTRATOR_SEED=your_funded_seed
NETWORK=test # Change to 'mainnet' for productionNote: ORCHESTRATOR_SEED is only used by the operator to pay the one-time registration fee (KTA gas) when generating persistent forwarding routes. It is not used to sign withdrawals or sweeps.
You can set up a direct-routing gateway for a beneficiary directly from the console:
cd services/orchestrator
node src/create-route.jsThis script will:
- Privately register the Ministry / Association's bank details (using Father Emmanuel & Sr. Dolores Foundation as our proof-of-concept example) with the IBAN Anchor (
DEV2) on the testnet, getting a unique on-chain Session ID. - Call
createPersistentForwardingAddresson the Bridge Anchor to map a permanent Base Sepolia EVM Address directly to the IBAN Anchor and the Session ID. - Print the generated EVM address.
To start the Next.js development server for donors:
cd apps/donor-web
npm run devThe application will be available at http://localhost:3000.
- Visit http://localhost:3000/give/sr-dolores to see the pilot page.
- Entering an amount and clicking "Generate" automatically negotiates the direct EVM-to-IBAN persistent forwarding address, outputs the QR code, and polls the Base Sepolia RPC for incoming funds.
- Zero intermediate keys: We do not maintain any background "crank" service to sweep funds. If the Pretiola server is completely rooted, there are zero custodial keys to steal and no funds to redirect.
- 100% On-Chain Privacy: Bank details are registered privately off-chain with the licensed Anchor. Only an encrypted/hashed Session ID is stored in the blockchain operations—ensuring compliance with GDPR and absolute financial privacy for the Ministry / Association (using Father Emmanuel as our proof-of-concept example).
- One-time Fee Structure: KTA gas fees are paid once during address registration. All subsequent donations to the generated EVM address bypass further ledger-creation costs entirely, with bridge fees deducted from the transferred assets.
In this decentralized architecture, the generated EVM deposit address (0x240f...) is cryptographically and permanently bound directly to the SEPA Payout Anchor. Neither the beneficiary's KYC identity wallet (keeta_aabgfog...) nor the operator's orchestrator seed wallet has any mechanism to intermediate, intercept, or reroute the funds:
- Locking the Bridge Route: The mapping between the EVM deposit address and the IBAN Payout Anchor's address (with its specific Session ID) is registered and locked in the Bridge Anchor's immutable ledger database upon generation. Once written, the Bridge Anchor enforces this routing rule at the protocol consensus layer.
- Zero Orchestrator Power: The Orchestrator's seed (which pays the one-time gas fee to register the rule) has absolutely no administrative privileges to modify, update, or delete the rule once established. It cannot change the destination address.
- Zero Beneficiary Wallet Power: The beneficiary’s KYC wallet (
keeta_aabgfog...) acts purely as a read-only identity credential on-ledger to authorize payout compliance. The KYC wallet holds no private keys to the generated EVM address, holds no sweeping rights, and has no capacity to reroute incoming funds. - On-Chain Autonomy: When stablecoins are deposited, the Bridge Anchor's validator nodes atomically execute the routing instructions on-ledger without requiring any additional off-chain signatures or approvals. The route is 100% permanent and tamper-proof.