Where the SecureFrameworkVerificationToken (SFVT) ecosystem is heading.
Main Verification Chain (27 Merkle leaves) + Authoritative Source Audit. Both roots anchored on Base via the SFVT contract. 185 STRM PDFs extracted, 249 frameworks mapped, 1,468 SCF controls verified.
Interactive public explorer with dynamic receipt loading, anchor verification (MATCH/MISMATCH shown honestly), clickable Merkle tree, and one-click report export. ← Back to Explorer
Each of the 249 mapped frameworks gets its own on-chain wallet/address. The wallet holds the framework's verification state: its STRM relationship counts, row count, and a hash of its mapping CSV. When the data changes, the wallet's state updates — creating an auditable on-chain history per framework.
Each of the 1,468 SCF controls gets a wallet. The wallet holds the control's mapping state across all frameworks it touches. This enables per-control verification — you can prove exactly which frameworks map to a specific control and what the relationships are.
Every number the Merkle tree verifies (58,346 STRM rows, -- framework mapping rows, etc.) becomes on-chain state. Not just a hash anchored once — a living, updating record. When SCF releases a new version, the on-chain state updates and the delta is visible.
Each SCF release produces a new Merkle root. The SFVT contract stores the history of all roots, creating an immutable timeline of how the compliance landscape evolves. Anyone can verify any past version.
Organizations can query the SFVT contract to verify their compliance mapping is based on the correct, unmodified SCF data. The Merkle proofs let them verify individual controls without downloading the entire dataset.
With per-framework wallets and verified STRM relationships on-chain, organizations can prove compliance overlap: "Our SOC 2 audit also covers 87% of ISO 27001 requirements" — backed by cryptographic proof, not marketing claims.