Compliance
Sciencera is built compliance-first. Biotech translation cannot succeed by ignoring regulators — and we don't try to. The network does not claim one universal pathway; it provides structured evidence, provenance, attestations, and credentials that adapt to each vertical's actual rules.
This page is for anyone asking: how does this stay on the right side of regulators?
The short answer
Regulatory requirements shape how Sciencera is built, not what's pasted on top of it.
- Drafts never touch the blockchain.
- Sensitive content stays in access-controlled storage; only fingerprints go on chain.
- Authority is role-based — reviewers, issuers, and admins all have explicit, separable permissions.
- Every action that matters carries a tamperproof fingerprint and a wallet signature.
- Sciencera does not approve products, file submissions, or substitute for agency review. That stays with the agencies and the project teams.
Guiding principles
- Compliance is architectural. It shows up in the data model (proposal statuses, hash commitments, role separation) — not in marketing copy.
- Hashes on chain, content access-controlled. Sensitive data lives in private storage. The blockchain is a tamperproof receipt log.
- No universal pathway. Each vertical has different rules. Sciencera provides primitives; project owners drive their own filings.
- Evidence beats claims. Every proposal, every status change, every credential carries a cryptographic fingerprint. Tampering is detectable.
- Sciencera is not a regulator. No piece of the platform claims to "approve" a product or substitute for agency review.
What Sciencera does NOT do
We state non-goals explicitly so they aren't assumed.
- Does not approve products. No flow says "FDA approved" or equivalent.
- Does not replace regulatory submissions. A proposal on chain is not an IND, CTA, NDA, or any agency filing. It's a peer-reviewable evidence record that the project team may reference when filing.
- Does not automate clinical or field decisions. The AI Lab is assistive; scientific review is human.
- Does not store PHI or PII on chain. Only wallet addresses (public by definition) and opaque cryptographic fingerprints.
- Does not hold user funds today. Milestone escrow is a future module. No custody risk exists in the current platform.
- Does not operate as a regulated entity. Sciencera provides infrastructure; the project owner decides whether their output is regulated and where to file.
Regulatory surface by vertical
Peptides translate differently across six worlds. Sciencera supports each natively.
Human Health
| Framework | What it covers |
|---|---|
| FDA (US) | Drugs (IND, NDA, BLA), devices, combination products |
| EMA (EU) | Centralized authorizations, scientific advice, orphan designation |
| ICH-GCP | Clinical trial conduct |
| 21 CFR Part 11 | Electronic records & signatures in FDA-regulated contexts |
| HIPAA (US) | Protected health information |
| GDPR (EU) | Personal data processing |
| BPOM (Indonesia) | Drugs and food |
| GMP | Manufacturing quality |
| GLP | Nonclinical laboratory studies |
Veterinary & Livestock
| Framework | What it covers |
|---|---|
| USDA APHIS (US) | Animal biologics |
| FDA CVM (US) | Animal drugs |
| EMA CVMP (EU) | Veterinary medicinal products |
| GVP | Good Veterinary Practice |
| AAALAC | Lab animal welfare |
| Antimicrobial stewardship | Reduce resistance emergence |
Agriculture
| Framework | What it covers |
|---|---|
| EPA (US) | Pesticide registration (FIFRA), biopesticide classification |
| USDA (US) | Organic & agricultural programs |
| EU EFSA | Plant protection products |
| GLP field studies | OECD GLP for agri residue & environmental studies |
Aquaculture
National aquaculture authorities (farmed species), environmental regulators (water quality, containment, escape prevention), and veterinary authorities where applicable.
Industrial
Requirements vary heavily by product category, claim type, safety profile, and jurisdiction. Sciencera supports performance testing records, process compatibility documentation, safety documentation, manufacturing integration attestations, and buyer-specific specifications. There is no single regulator.
Cosmetics
| Framework | What it covers |
|---|---|
| EU Cosmetic Products Regulation (1223/2009) | Safety + claims substantiation in EU |
| FDA / MoCRA (US) | Cosmetic facility registration & safety |
| BPOM (Indonesia) | Cosmetics registration |
How product features map to compliance requirements
Evidence and provenance
| Requirement | How Sciencera supports it |
|---|---|
| Tamperproof evidence trail | Every on-chain write carries a SHA-256 fingerprint. Mismatches surface as tamper warnings. |
| Audit trail | Every status change records who changed it, when, and a fingerprint of the review |
| Revision history | Each round of revisions has its own fresh fingerprint |
Access control
| Requirement | How Sciencera supports it |
|---|---|
| Role separation | Admin, reviewer manager, and issuer manager are separate authorities |
| Reviewer attestation | Each reviewer is bound to specific proposals; their assignments are on chain |
| Lab verification | Verified labs receive a non-transferable credential recording the attestation |
Privacy
| Requirement | How Sciencera supports it |
|---|---|
| Work-in-progress confidentiality | Drafts live in your browser. The blockchain has no concept of a draft. |
| PHI / sensitive data off chain | All content bodies in access-controlled storage. On-chain is only fingerprints and pointers. |
| No PII on chain | Wallet addresses (already public) are the only identity on chain |
Pause and kill-switch
| Requirement | How Sciencera supports it |
|---|---|
| Global halt on incident | Both blockchain programs have an admin-only pause |
| Reviewer deactivation | Deactivating a reviewer prevents new actions without erasing history |
| Issuer deactivation | Same pattern for credential issuers |
| Credential revocation | Records preserved; revocation adds a hash, doesn't delete |
The attestation model
When a lab performs work, a reviewer reviews, or an issuer issues a credential, they sign a Solana transaction. The signature is the attestation.
Each event carries a fingerprint of the off-chain content. An auditor can:
- Fetch the referenced content
- Compute its fingerprint locally
- Compare with the on-chain fingerprint
- Verify the signer's authority
If any step fails, the evidence has been tampered with, the signer was unauthorized, or the content is missing. There is no "maybe it was valid" — each step is binary.
Data residency and localization
Off-chain storage is provider-chosen. Sciencera does not operate centralized servers. A project that needs EU-resident storage uses an EU pinning service. A project that needs Indonesia-resident storage picks accordingly.
On-chain data lives on Solana mainnet (a globally replicated validator set). It contains only wallet addresses and fingerprints — no personal information.
Audit and disclosure
- Soft audit, available now. Anyone can read on-chain state, verify fingerprints, cross-check the registries. No per-project audit firm is required to use the platform.
- Hard audit (SOC 2, ISO 27001, equivalent) is a future operator decision, not a protocol decision. Individual projects that require certified audits bring their own auditor and use the on-chain evidence as input.
- Selective disclosure is built in. Content pointers may resolve to access-controlled endpoints. The blockchain proves a commitment exists; the off-chain layer decides who can read it.
Mapping to the progressive trust model
Trust is earned in stages:
- Stage 0 — Reputation. Non-transferable credentials. Not securities (no economic rights, no transferability).
- Stage 1 — SCI Credits. Off-chain credit system, pool-bounded. Not securities (no secondary market).
- Stage 2 — Project tokens. Issued only after scientific + rights + compliance review. Whether they are securities depends on per-project structure, decided with counsel.
- Stage 3+ — Network token. Launched only when real utility exists. The jurisdictional strategy is a decision for that point in time.
Financializing unreviewed hypotheses is explicitly rejected. The order is: evidence → rights clarity → compliance → tokenization.
Where to go next
- Overview — narrative context
- Features — what's live in the app today
- The blockchain layer — on-chain authority model
- How proposals stay tamperproof — the proposal lifecycle in detail