Building a Compliant Token with PCL
Learn how to deploy an ERC20 token and enforce KYC requirements using Maroo's Programmable Compliance Layer.
What You Will Learn
- ✓Deploying a standard ERC20 on Maroo
- ✓Creating a PCL Policy Template
- ✓Binding a policy to your contract
- ✓Verifying transaction rejection for non-compliant users
Prerequisites
- Basic Solidity
- Maroo Testnet Account with OKRW
Tools Needed
HardhatMaroo CLI (marood)Go
In this tutorial, we will create a 'Restricted Token' that can only be transferred between users who have a valid KYC attestation. We won't modify the Solidity code to add whitelists; instead, we'll use the PCL to enforce this at the chain level.
1
1. Deploy the Token
First, deploy a standard OpenZeppelin ERC20 token using Hardhat. Note the contract address.
scripts/deploy.js javascript
const Token = await ethers.getContractFactory('MyToken');
const token = await Token.deploy();
await token.waitForDeployment();
console.log('Token deployed to:', token.target); 2
2. Create Policy Template
Use the Maroo CLI to create a policy that requires a specific EAS Schema UID (representing KYC).
terminal bash
marood tx pcl create-policy-template --name "KYC-Required" --rules "require-schema:0x123..." --from my-wallet Note: The rule syntax depends on the specific PCL version. Check the reference for rule definitions.
3
3. Bind Policy to Contract
Now, attach the template ID returned from step 2 to your deployed contract address.
terminal bash
marood tx pcl set-contract-policy --contract 0xYourTokenAddress --template-id 1 --from my-wallet 4
4. Test Enforcement
Try to transfer tokens to an address without the attestation. The transaction should fail at the protocol level.
test/compliance.js javascript
try {
await token.transfer(nonKycUser, 100);
} catch (error) {
console.log('Transaction blocked by PCL:', error.message);
}Conclusion
You have successfully separated compliance logic from business logic. Your token is now regulatory-compliant without complex Solidity whitelists.