What is VC-Certified?

VC-Certified is a certification program operated by VeritasChain Standards Organization (VSO) that verifies algorithmic trading systems comply with the VeritasChain Protocol (VCP) for cryptographic auditability.

What are the certification tiers?

VC-Certified offers three tiers: Silver (basic compliance), Gold (advanced compliance with enhanced features), and Platinum (full compliance with all VCP requirements including quantum-resistant security).

Is VC-Certified mandatory for MiFID II compliance?

VC-Certified is not legally mandatory, but implementing the VCP standard can help demonstrate compliance with MiFID II record-keeping and audit trail requirements for algorithmic trading.

How long does certification take?

The certification process typically takes 2-4 weeks depending on the tier and complexity of the trading system being certified.

Who governs the VCP standard?

The VCP standard is maintained by the VeritasChain Standards Organization (VSO), an independent body committed to open standardization of algorithmic trading auditability.

FAQ - VeritasChain Certified (VC-Certified) | VCP

Scope 1. Certification Scope & Limitations

A. No, this certification does NOT guarantee financial health or solvency.

VC-Certified certifies only that a system technically complies with the VeritasChain Protocol (VCP) international standard.

Specifically, we verify that the following are mathematically and cryptographically correct:

Trading data is immutable (tamper-proof)
Algorithm decision-making processes are recorded
Time synchronization and numerical precision meet specified Tier requirements

Important: VSO does NOT guarantee or endorse any company's:

• Solvency or ability to meet financial obligations
• Business continuity or long-term viability
• Investment product profitability or returns

A. No, VSO maintains a strict "Non-Endorsement Policy."

VSO is a neutral international standards organization. Issuing a certification badge indicates only that a system meets transparency standards—it is NOT an endorsement of that company's products or services.

VSO maintains a vendor-neutral stance and aims to improve the health of the entire market ecosystem.

A. No. We have no affiliation, relationship, or connection of any kind with such entities.

VeritasChain Standards Organization (VSO) and VeritasChain Co., Ltd. are Japanese organizations dedicated exclusively to the development of the VeritasChain Protocol (VCP), an open technical standard for cryptographic auditability in algorithmic trading.

Important Distinction:

Some investor warning lists published by financial regulatory authorities include entities that operate under similarly spelled or confusingly similar names. Those entities are entirely separate from VSO and the VeritasChain standards initiative.

What VSO Does NOT Do:

• Financial products
• Investment services
• Brokerage activities
• Fund management

Our work is limited to standardization, technical specifications, and research.

Privacy 2. Data Privacy & Security

A. No, personal information is protected by the VCP-PRIVACY module.

VCP's design philosophy balances "public truth (Veritas)" with "privacy protection."

Hashing

What's recorded on blockchain or audit logs are hash values (fingerprints) of data—not the original personal information.

Crypto-shredding

Personal Identifiable Information (PII) is encrypted with unique per-user keys. For GDPR's "Right to be Forgotten," destroying the decryption key makes the data mathematically unrecoverable.

Therefore, it is technically impossible for VSO or third parties to extract customer names or addresses from audit logs.

A. Only "data necessary for verification" is made transparent.

In VCP-compliant systems, transaction hash values and Merkle Roots are anchored to public chains.

This allows users to verify "whether my trades were tampered with" using Explorer tools.

Protected Information: The specific logic of algorithms (intellectual property) and detailed trading information of others are NOT exposed.

VCP provides "verifiable transparency" that sits between "black box (opaque)" and "glass house (fully exposed)."

Tiers 3. Certification Tiers & Technical Value

A. Yes, it provides extremely strong "proof value."

While Silver Tier doesn't require atomic-clock precision (PTPv2), it guarantees "Irreversibility of Fraud."

UUID v7 Ordering

All events are assigned time-ordered IDs.

Retroactive Tampering Prevention

Data is anchored to blockchain every 24 hours.

Fraud Types Prevented:

• "Deleting unfavorable trades after the fact"
• "Inserting fake data with past timestamps"

These typical frauds become impossible even for database administrators.

Silver Tier is a powerful tool to resolve trust disputes ("he said, she said") while keeping costs low.

A. No, "sidecar" deployment is possible.

VCP provides adapters (SDKs and bridges) that run alongside existing FIX engines and trading servers (MT4/MT5, etc.) to generate audit logs without modifying the existing infrastructure.

For Retail Brokers & Prop Firms:

We provide vcp-mql-bridge, which minimizes impact on existing environments while enabling certification.

A. Silver Tier is not positioned as a regulatory-grade artifact.

It is intentionally designed as the "minimum viable transparency layer" for retail and prop-style environments where server-side privileges are limited.

Silver Tier provides:

Cryptographically tamper-evident logs
Transparent dispute resolution
Reliable verification for traders and platforms

It does not aim to satisfy MiFID II RTS 25 or equivalent regulatory-grade evidentiary requirements.

Gold and Platinum Tiers are intended for formal regulatory evidence, targeting exchanges, institutional brokers, and supervised market infrastructures.

In short:

Silver = Transparency & Fairness

Gold/Platinum = Regulatory Compliance Evidence

A. Because the underlying regulations require it—not because VCP "chooses" to be strict.

MiFID II RTS 25 mandates specific timestamp accuracy:

Platinum

PTPv2 + hardware timestamping

Gold

NTP/Chrony with micro-second level accuracy

VCP aligns with these regulatory requirements, so the time-sync burden reflects the regulation—not VCP itself.

To reduce integration cost, VCP provides:

Sidecar Integration (non-invasive attachment to existing systems)
VCP Explorer / Logging API / SDKs
Standardized implementation kits

This turns "implementation cost" into a shared, standardized, reusable cost across the industry—reducing TCO (Total Cost of Ownership).

Governance 4. Governance & Future-Proofing

A. This is expected. VCP v1.0 is currently in its Day-0 to Day-1 adoption phase.

VSO is actively progressing the initial rollout plan:

Three pilot integrations

(confidential)

Public Case Study #1

One partner scheduled to produce

"First Production Deployment" announcement

Planned for a follow-up release

Early-stage standards typically gain momentum after the first 1–3 public integrations. The current phase reflects timing, not a structural issue.

A. Yes—because VCP implements "crypto-agility" at the specification level.

Modern cryptographic standards (including NIST's PQC program) are still in transition. Instead of committing to a single post-quantum algorithm prematurely, VCP reserves multiple options.

Current algorithms:

• Ed25519
• ECDSA
• RSA (for compatibility)

Future-ready reserved:

• Dilithium2
• Falcon
• Additional PQC algorithms as finalized by NIST

PQC remains an open issue for the entire cryptography community. VCP's design ensures it can adopt final PQC standards with minimal friction.

This makes VCP safer, not weaker.

A. VCP is equipped with "Crypto Agility" and is already prepared.

Currently, we default to the fast Ed25519 signature algorithm, but the specification defines a migration path to Post-Quantum Cryptography (PQC).

Future Migration Path

When quantum computing threats become real, we will seamlessly upgrade to NIST-standard algorithms like Dilithium, ensuring the authenticity of records for the future.

A. Yes, support is built into the protocol.

The VCP-GOV extension module includes fields for storing:

AI algorithm decision factors
Risk classification
Human oversight records

Compliance Support:

This strongly supports compliance with high-risk AI system requirements for transparency and record-keeping.

A. No. VeritasChain Standards Organization (VSO) operates as a distributed standards organization and does not maintain a permanent physical headquarters.

VSO does not store, process, or centrally manage certified systems, audit data, or operational records.

Any administrative or liaison offices that may be used are not security boundaries and do not perform core certification, audit, or data-custodial functions.

For clarity: Trust in VC-Certified is derived from verifiable technical processes, not from physical office locations.

Process 5. Certification Process & Compliance

A. No. VC-Certified is optional and is not required to implement the VeritasChain Protocol (VCP).

Organizations may deploy VCP freely under the open standard license, with or without certification.

Certification provides third-party validation of technical compliance, but is not a prerequisite for using the protocol.

A. No. VC-Certified evaluates only technical compliance with VCP.

It does NOT replace:

Statutory financial audits
Licensing requirements
Regulatory examinations

VC-Certified focuses exclusively on technical protocol compliance, not business or regulatory status.

A. Most organizations complete the certification process within 2–6 weeks.

Timeline depends on:

Integration depth — complexity of existing systems
Log volume — amount of trading data to verify
Technical readiness — current compliance posture

A. VC-Certified does NOT evaluate the following:

Financial soundness

Trading strategy

Profitability

Risk appetite

Business performance

AML/KYC compliance

Customer funds handling

A. A VSO-accredited Conformity Assessment Body (CAB) may revoke certification under specific conditions.

Note: VSO does not issue or revoke certifications directly. VSO is the scheme owner and maintains governance authority over the certification program. Certification decisions are made by VSO-accredited CABs.

Revocation conditions include:

Logs are manipulated
VCP-required modules are removed
AI governance metadata is falsified
Audit proofs fail verification
Material violations of VSO non-endorsement policy occur

These strict standards ensure the integrity and credibility of the certification program.

Tiers 6. Tier-Specific Questions

A. Yes. Silver Tier is designed for retail/prop environments where best-effort synchronization is acceptable.

Silver Tier provides strong cryptographic proof of event sequences without requiring enterprise-grade time synchronization infrastructure.

A. Not strictly, but Platinum Tier is recommended for microsecond/nanosecond trading environments.

Platinum Tier is ideal for systems using PTP v2, SBE, or FIX engines requiring ultra-low latency verification.

A. VSO collaborates with global regulatory, academic, and technical bodies to promote interoperability.

VC-Certified is not a regulatory license but may support compliance documentation for organizations operating across jurisdictions.

Certification reports can serve as technical evidence in regulatory submissions.

VeritasChain Certified (VC-Certified)

Scope 1. Certification Scope & Limitations

Q. Does VC-Certified guarantee a company's financial stability or solvency?

Q. Does VSO endorse specific investment strategies or brokers?

Q. Are you affiliated with any third party using a similar name that appears on investor warning lists?

Privacy 2. Data Privacy & Security

Q. Can certification lead to customer personal information being exposed to VSO or third parties?

Hashing

Crypto-shredding

Q. Can anyone view data recorded on the blockchain?

Tiers 3. Certification Tiers & Technical Value

Q. Is Silver Tier (for retail/prop firms) meaningful if time sync is "Best-Effort"?

UUID v7 Ordering

Retroactive Tampering Prevention

Q. Does implementation require replacing existing systems?

Q. Does Silver Tier meet regulatory-grade requirements?

Silver Tier provides:

Q. Why do Gold/Platinum require PTP/NTP clock synchronization?

To reduce integration cost, VCP provides:

Governance 4. Governance & Future-Proofing

Q. VCP is new—what about the lack of long-term reviews or production deployments?

Q. PQC algorithms are still evolving. Is VCP future-proof?

Current algorithms:

Future-ready reserved:

Q. What happens when quantum computers arrive? Will security be compromised?

Future Migration Path

Q. Does VCP address the EU AI Act?

Q. Does VSO maintain a physical headquarters where certified systems or audit data are stored?

Process 5. Certification Process & Compliance

Q. Is VC-Certified mandatory for using VCP?

Q. Does VC-Certified replace legal, financial, or regulatory audits?

Q. How long does certification take?

Q. What does the certification NOT cover?

Q. Under what circumstances can a VC-Certified status be revoked?

Tiers 6. Tier-Specific Questions

Q. Can proprietary trading firms use Silver Tier for production?

Q. Do exchanges require Platinum Tier?

Q. Will certification be recognized internationally?

Need More Information?