Gateway FM

Gateway has completed its SOC 2 Type 2 report for Security, covering the design and operating effectiveness of its security controls from January 31, 2026 to April 30, 2026. This report is another step Gateway has taken to support secure, reliable infrastructure for institutions building onchain financial products. Together with ISO 27001, SOC 2 Type 2 adds another layer of assurance to Gateway’s security and compliance foundation. We expect regulated onchain finance to become an increasingly important part of the global financial infrastructure, making security, operational resilience, and compliance readiness critical to scaling it responsibly.

I’ll be in Amsterdam this week for Money20/20, mostly looking forward to getting out of the usual workday and having some good conversations with people building around payments, stablecoins, and yield. If you’re around too, let me know. I’d be happy to grab a coffee or just catch up between sessions.

Most block explorers were built for public chains where transparency is the point. On an institutional permissioned network that default doesn't work. The Open Privacy Suite block explorer enforces the same disclosure rules as the proxy. Real-time indexing, full-text search, ERC-20 and ERC-721 tracking, privacy-aware throughout.

It’s been a busy few months behind the scenes, but I'm finally packing my bags again, starting with Brussels and The Banking Scene this Thursday. If you're in town, feel free to reach out to me. I'd love to discuss payments, compliance, and bringing regulated onchain finance to production safely.

The 2026 regulatory environment for institutional on-chain operations has shifted. EU Transfer of Funds Regulation is now zero-threshold across every CASP-to-CASP transfer. MiCA full enforcement begins July 1, 2026. Travel rule legislation has been adopted across 99 jurisdictions. Privacy and compliance now operate at the infrastructure layer or not at all.

Blockchain privacy isn't an on/off switch. If you hide the entire state, regulators will block you. If you expose it, competitors will front-run you. The Open Privacy Suite handles this tension with three levels of selective disclosure: Full (Real addresses for regulators), Pseudonymous (Consistent aliases for counterparties) and Hidden (no visible data for competitors and unrelated parties). Grants are time-limited, auto-expire, and enforce multi-jurisdiction policies from a single deployment. Same chain, different views depending on who is looking.

The perceived difficulty of switching infrastructure often prevents teams from optimizing their costs and performance. Migration to the Gateway stack is primarily an endpoint replacement process that requires no downtime. Once you provide your contract addresses and Oracle specifications, we provide sandbox access on the same day. Most protocols are fully migrated and live within 72 hours without any disruption to their existing users or integrations.

The next shift in on-chain activity is being driven by autonomous agents that require identity verification and spending controls at the infrastructure level. Gateway’s Indexer and Oracle bundle is engineered for this transition, providing the high-throughput and low-latency data feeds necessary for agents transacting at scale. If your chain infrastructure cannot support sub-second query speeds for autonomous actors, it will struggle to capture the next wave of protocol adoption.

If your compliance team is relying on manual reconciliation for on-chain transactions, you have a massive exposure gap. Compliance cannot be a post-execution process. It must be enforced at the proxy layer, before anything hits the network. The Open Privacy Suite enforces this natively. See how: https://t.co/W6sqwbgDuQ

Oracle costs can consume up to 50% of protocol revenue for many DeFi applications, yet this budget line often scales aggressively without notice. Managing separate contracts for indexers and oracles adds unnecessary latency and synchronization overhead. Consolidating into a single, high-performance stack removes third-party dependencies and stabilizes protocol economics. Gateway provides an integrated Indexer and Oracle bundle that deploys together to ensure data consistency across your entire stack.

Building a production-grade indexer in-house appears simple until you face the complexities of chain reorgs and state reconstruction. Maintaining internal systems drains engineering cycles that belong to your product roadmap. Gateway redefines the benchmark by industrialising the stack. Our Indexer and Oracle are built on a geo-distributed, bare-metal foundation, offering sub-second latency at a fraction of standard market costs. Operating within an ISO 27001:2022 certified environment, we provide the security and reliability of a global failover architecture.