G

Sanctions Compliance Policy

Sanctions Compliance Policy

1. Overview#

Gao Internet is an open infrastructure platform designed to support decentralized identity, decentralized applications, AI agents, and decentralized infrastructure networks.

Gao Internet includes both:

  • Open protocol layers that operate in a permissionless manner

  • Service layers operated by Gao entities that provide user-facing interfaces and tools

As a U.S.-based project and ecosystem, Gao Internet is committed to complying with applicable U.S. sanctions laws administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).

This document describes how sanctions compliance is implemented across the Gao ecosystem.

2. Compliance Scope#

Sanctions compliance applies differently depending on the type of component within the Gao ecosystem.

2.1 Protocol Layer (Permissionless Infrastructure)

Certain components of Gao Internet operate as open protocols or decentralized infrastructure networks.

Examples include:

  • Gao Domain protocol

  • Gao DePIN network

  • Gao AI agent runtime

  • Gao smart contracts

  • Gao identity protocol

  • Gao decentralized storage and compute layers

These components:

  • are open-source

  • operate permissionlessly

  • do not custody user assets

  • do not control user wallets

Accordingly, Gao entities do not control or restrict access to protocol-level interactions.

2.2 Service Layer (Gao Operated Services)

Some services are operated by Gao entities and therefore must comply with applicable sanctions laws.

Examples include:

  • gao.global (Gao Workspace)

  • gao.domains website

  • gao.systems

  • Payii payment interface

  • Gao dashboards and developer portals

  • API services hosted by Gao

These services are considered U.S. services and are subject to OFAC sanctions compliance.

3. Sanctioned Jurisdictions#

Gao-operated services restrict access from jurisdictions subject to comprehensive U.S. sanctions.

These jurisdictions may include:

  • Iran

  • North Korea

  • Cuba

  • Syria

  • Crimea region

  • Donetsk region

  • Luhansk region

Access from these jurisdictions may be restricted through geolocation controls and service access policies.

The list may be updated based on changes to OFAC regulations.

4. Geo-Blocking Controls#

Gao-operated web services implement risk-based geographic access restrictions.

These may include:

  • IP geolocation filtering

  • traffic inspection

  • cloud infrastructure geo-blocking

Access attempts from sanctioned jurisdictions may be denied.

Example enforcement points include:

  • account registration

  • login

  • API access

  • payment services

  • service dashboards

Geo-blocking controls may be implemented using standard infrastructure tools such as CDN or edge security providers.

5. Wallet Address Screening#

Where Gao-operated services interact with blockchain addresses (for example in payment or service integrations), Gao may perform sanctions screening on blockchain addresses.

Screening may include:

  • comparison against sanctioned wallet address lists

  • blockchain analytics risk scoring

  • detection of exposure to sanctioned entities

If a wallet address is identified as associated with a sanctioned entity, Gao-operated services may restrict interactions with that address.

6. Transaction Monitoring#

Certain Gao services that interact with digital asset payments (such as Payii interfaces) may perform transaction monitoring.

This monitoring may include:

  • blockchain transaction analysis

  • detection of exposure to sanctioned entities

  • monitoring of high-risk addresses

If a transaction is identified as linked to a sanctioned entity or jurisdiction, the service may reject or prevent the transaction.

7. Non-Custodial Infrastructure#

Gao Internet is designed as a non-custodial infrastructure platform.

Gao does not:

  • control user private keys

  • custody digital assets

  • operate custodial wallets

  • control user on-chain transactions

Users maintain full control of their wallets and private keys.

Because of this architecture:

  • Gao cannot freeze user assets

  • Gao cannot confiscate funds

  • Gao cannot reverse on-chain transactions

Sanctions compliance is therefore implemented at the service access layer, not the protocol layer.

8. Prohibited Circumvention#

Users may not attempt to bypass sanctions restrictions.

This includes:

  • using VPN services to circumvent geo-blocking

  • masking location to access restricted services

  • using sanctioned entities to access Gao services

Violation of these policies may result in:

  • service access restrictions

  • termination of accounts or services

9. Reporting Obligations#

If Gao-operated services identify interactions with sanctioned entities or addresses, Gao may comply with applicable reporting obligations under U.S. law.

This may include reporting to relevant authorities when required by applicable sanctions regulations.

10. Updates to This Policy#

Sanctions regulations may change over time.

Gao Internet may update this policy to reflect:

  • updates to OFAC sanctions programs

  • regulatory guidance

  • evolving compliance practices in the digital asset industry

Updated versions of this policy will be published through Gao documentation.

Gao Internet is an open infrastructure protocol.

The Gao protocol and open-source software operate independently of Gao-operated services.

Gao entities do not control decentralized protocol interactions conducted directly on public blockchains.

Users are responsible for complying with applicable laws and regulations in their jurisdiction.