The Gateway Protocol is a sufficiently decentralized protocol that consists of on-chain and off-chain elements to validate, transmit and store data and events.

Gateway Architecture


Clients include all the applications that interact with the protocol through the Validators. These can be user-facing (like a web dApp or mobile application), back-ends, and embedded systems, among others.

Interactions are made possible using the Validators’ GraphQL API or our SDK for TypeScript.


Gateway’s off-chain system is based on Validators: a network of peer-to-peer servers responsible for validating user interactions, storing user data and broadcasting it amongst other peers.

The Validators play a crucial role in issuing, managing and sharing personal data assets. Actions include, but are not limited to:

  • Creating a GatewayID
  • Managing PDAs (issue, revoke, suspend, share)
  • Consume public data (data models)

Validators can also store user data. PDAs issued to users will be stored encrypted at rest with a keypair controlled by the owner.


To make sure all transactions are globally verifiable and auditable, the protocol uses Arweave to pin all the events and entity registrations. Security is achieved through the use of signatures: user consent to actions is made public on Arweave and referenced by the validators.

The transactions are also indexed by the validators, making Arweave the source of truth for all event-related actions.

Future upgrades to the protocol will include a move to a general-purpose chain that allows granular control over the transactions that are pinned.