A stablecoin transfer on Ethereum moves value. Musubi moves value and the compliance record that regulators require for that value to be moved — in one atomic contract. Public chains can’t collapse those two planes without exposing PII; Canton’s sub-transaction privacy is what makes the collapse possible.
The reference case throughout this page: VASP A sends 1,000,000 USDC on Ethereum to VASP B.
What’s On-Chain
| Artifact | USDC on Ethereum | Musubi FXOrder |
|---|
| On-chain record | One Transfer(from, to, amount) event on the ERC-20 contract | Full FXOrder: originator + beneficiary + VASPs + KYC (status/provider/expiry) + sanctions (status/list version/freshness) + jurisdictions + purpose code + consent + settlement legs |
| Party identity | Hex addresses (pseudonymous) | Canton party identities + IVMS 101 legal persons, observer-visible only to entitled parties |
| Compliance evidence | None on-chain | Signatory-bound on the same contract as the settlement |
Transfer event fires regardless of whether any compliance step was completed. Everything that makes the transfer lawful lives in systems the blockchain never touches.
Where Compliance Lives
One USDC/ETH VASP-to-VASP transfer produces artifacts across seven separate systems:
| Side | System | What it records |
|---|
| Originator VASP | KYC vendor (Persona, Sumsub, Jumio) | Originator identity |
| Originator VASP | Sanctions vendor (Chainalysis, Elliptic, TRM) | Screening result |
| Originator VASP | Travel Rule provider (Notabene, TRUST, Sygna, CODE, VerifyVASP) | IVMS 101 message sent |
| Beneficiary VASP | KYC vendor | Beneficiary identity |
| Beneficiary VASP | Sanctions vendor | Screening result |
| Beneficiary VASP | Travel Rule receive queue | IVMS 101 message received |
| Public | Ethereum | Transfer event |
Transfer event. The linkage is “we both agree this Travel Rule message is about tx 0xabc…” — an assertion, not a proof. On Musubi, every compliance field and every settlement leg is on the same FXOrder contract, signed by the same parties.
Atomicity of Enforcement
| Scenario | USDC on Ethereum | Musubi |
|---|
| Travel Rule message not sent | Transfer settles anyway | ExecuteSettlement has the IVMS 101 fields on the FXOrder — can’t settle without them |
| KYC expired between screening and transfer | Transfer settles anyway | ExecuteSettlement rejects expired KYC |
| Sanctions list stale at screening time | Transfer settles anyway | Rejected against sanctionsFreshnessWindow |
| Beneficiary VASP not whitelisted | Transfer settles anyway | Rejected without active RegisteredVASP attestation |
| BLOCK-severity AML alert unresolved | Transfer settles anyway | ComplianceClearance gate refuses to settle |
What the Regulator Sees
Ask: “show me everything about the transfer of 1M on 2026-01-15.”
Assemble, across organizations and vendors:
- On-chain tx data (Etherscan)
- Originator’s KYC vendor record
- Originator’s sanctions screening record
- Originator’s Travel Rule provider sent-message log
- Beneficiary VASP’s matching KYC, sanctions, and Travel Rule receive records
- Possibly defunct vendors, archived systems, deprecated APIs
Response time: weeks. Some records may not exist because a vendor was acquired, changed schema, or archived to cold storage. GET /api/v1/compliance/orders/{intent_id}
Non-Repudiation
| Signature | USDC on Ethereum | Musubi |
|---|
| Value movement | Hot wallet ECDSA signature | Operator + sender custodian + market maker + receiver custodian Canton signatures |
| KYC attestation | Row in a SaaS database (no cryptographic signature) | Field on a contract signed by operator + custodian |
| Sanctions attestation | API response stored in a vendor portal | Field on the same signed contract |
| Travel Rule message | Travel Rule API-key signature by VASP A’s service account | IVMS 101 fields on the same signed FXOrder |
| Binding between them | Convention — tx hash referenced in each | Single contract, single signature chain |
Integrity Through Time
Compliance vendor landscapes churn. Persona gets acquired. Chainalysis revises their alert schema. CODE or VerifyVASP pivot. Any one of those disrupts the linkage between yesterday’s on-chain transfer and today’s audit.
Musubi snapshots the vendor name, list version, and timestamp on the FXOrder at the moment of the intent, and retains the record for ten years. An auditor inspecting a 2026 settlement in 2036 sees the same record they would have seen at the time.
What You Give Up
Musubi isn’t strictly better — it’s a different trade.
| USDC on Ethereum | Musubi |
|---|
| Liquidity | $30B+ daily global volume, thousands of counterparties | Closed counterparty set (approved participants on a Canton network) |
| Composability | Tx can atomically interact with DeFi, bridges, wrapped instruments | Purpose-built for regulated cross-border FX; no general composability |
| Access | Permissionless — any address can transact | Permissioned — you must join the network as a known participant |
| Audience | Any use case that wants USD-stable on-chain | Licensed VASPs with cross-border obligations |
The Structural Point
Public chains pushed compliance off-chain because putting PII on a public ledger is unacceptable. Canton’s sub-transaction privacy lets the FXOrder carry IVMS 101 + KYC + sanctions + consent fully on-ledger without any of it being publicly visible — only parties entitled to see each field do.
USDC-on-Ethereum is “the ledger tracks value; seven other systems track whether anyone was allowed to move it.” Musubi is one ledger, one record, one signature chain — compliance is a pre-condition to settlement, not a post-hoc audit.
This page compares the operational and regulatory shape, not the technical merits of EVM vs. Canton as such. Ethereum remains the correct choice for permissionless access and DeFi composability. Musubi is the correct choice for regulated cross-border FX between known VASPs.
