The XRP Ledger (XRPL) is introducing new tools to enhance compliance, security, and institutional adoption. One of the most important developments in this space is Permissioned Domains (XLS-80), a proposed amendment that enables issuers and financial institutions to create controlled environments for blockchain-based transactions.
Permissioned Domains allow institutions to define access requirements for specific parts of the XRPL, ensuring that only authorized users — those with verifiable credentials — can participate in certain transactions. Permissioned Domains enable other features to become more compliant, representing a major step toward institutional-grade decentralized finance (DeFi) by ensuring privacy, regulatory compliance, and controlled asset flows.
What are Permissioned Domains?
Permissioned Domains introduce a new on-chain access control mechanism that allow institutions, businesses, and issuers to define rules for participation in specific financial activities.
More specifically, they enable the creation of controlled environments within a broader system where specific rules and restrictions can be applied to user interactions and asset flows. These rules are recorded directly on the XRPL, enabling domain creators to establish a trusted, transparent framework for their blockchain-based operations, helping traditional financial institutions meet the regulatory requirements they face.
For example, credential-gating ensures that via a Domain object, institutions can specify which credentials are required for access to their permissioned domain, ensuring compliance with relevant KYC/AML regulations. Permissioned Domains allow for institutional-grade compliance and risk management without relying on external intermediaries or encroaching on privacy. The ledger itself only tracks whether the user’s credential is valid and accepted by the domain.
For a closer look at Credentials on the XRPL, a feature introduced through XLS-70 that allows for on-chain identity management and credential verification, you can check out my recent piece on DevTo.
A Key Enabler for the Upcoming Permissioned DEX
Permissioned Domains are not just an isolated feature — they serve as the foundation for another major institutional finance upgrade: the Permissioned DEX.
What is the Permissioned DEX?
The Permissioned DEX is effectively an evolution of the XRPL’s existing decentralized exchange (DEX) that allows only credentialed participants to trade within specific liquidity pools. While the XRPL’s native DEX has provided seamless on-chain trading for years, regulated financial institutions require greater control over who can participate in certain transactions.
How Permissioned Domains Enable the Permissioned DEX:
- Restricted Orderbooks: Trading pairs on the Permissioned DEX can require users to hold approved credentials (facilitated by Permissioned Domains), ensuring that only authorized participants can place orders.
- Regulatory Compliance: Institutions issuing tokenized real-world assets (RWAs) or stablecoins can create private trading environments that comply with financial regulations.
- Permissioned but Decentralized: Instead of splitting into separate private blockchains or special authorized tokens, the Permissioned DEX allows regulated institutions to reuse XRPL’s core DEX capabilities — just with added checks to ensure participants belong to the same, credential-gated domain.
With Permissioned Domains, the Permissioned DEX will allow financial institutions to engage in DeFi while meeting compliance requirements, opening the door to regulated secondary markets for tokenized assets.
Credentials: A Prerequisite for Permissioned Domains
As outlined in my earlier blog, Permissioned Domains build on top of Credentials and DID to facilitate a flexible, institutional-grade identity system on XRPL. Before users can access a Permissioned Domain, they must hold the required Credentials.
How Credentials Work with Permissioned Domains
- Credential-Gated Membership: A domain object can list accepted credentials, such that any account holding any one of those credentials is automatically considered a member.
- Streamlined Control: Organizations can define requirements (like KYC credentials from a trusted issuer) and manage who joins or transacts within a domain.
- Privacy Preservation: Rather than upload personal information to the public blockchain or provide it to each platform, users only need to prove they hold a required credential. The network itself only tracks whether the user’s credential is valid and accepted by the domain.
By combining Credentials and Permissioned Domains, XRPL ensures on-chain privacy, security, and compliance, making institutional DeFi more accessible and scalable.
How to Vote for Permissioned Domains
To support the adoption of Permissioned Domains on the XRPL, you can participate in the amendment voting process!
Refer to the Amendments Guide for a step-by-step overview of how to vote.
New to the XRPL? The guide also explains how the amendment process works and how you can contribute to the network’s evolution.
Top comments (0)