# tbdiligence Architecture ## Impulse Modules #### API - HTTP server - Request validation and client authentication - Implements high level of tbdiligence features by calling other modules #### SanctionScreener - Manages screening of submissions - Reads and writes via SubmissionPersistence #### SubmissionPersistence - Persist all data about submissions - Handles encryption/tokenisation - The only module that talks to DB #### CastellumClient - Wrapper around Castellum's API - Uses OAuth token stored in Secrets Manager #### VCIssuer - Produces signed VCs from a Submission - Talks to AWS KMS to sign and verify with Issuer keys #### ReScreenJob - Periodic task - Searches for Submissions that need re-screening - Submits them to SanctionScreener ### Castellum Refresh Lambda - Periodically fetches an OAuth token from Castellum, stores in Secrets Manager - Not an Impulse module - Lambda is invoked on schedule by AWS ## Lines and Boxes  ## Flow ### Submission ```mermaid sequenceDiagram actor D as DIDPay participant A as API participant SS as SanctionsScreener participant SP as SubmissionPersistence participant C as CastellumClient participant VC as VCIssuer D->>+A: POST /submissions A->>SP: Create Submission A-->>+SS: Screen Submission :id (async) A->>-D: 202 Accepted SS->>+SP: Read Submission :id SP->>-SS: Alice SS->>+C: Screen Entity C->>-SS: Result SS->>-SP: Update Submission D->>+A: GET /submissions/:id A->>+SP: Read Submission SP->>-A: Alice A->>+VC: Generate VC VC->>-A: VC A->>-D: 200 Submission ``` ### Re-Screening ```mermaid sequenceDiagram participant R as ReScreenJob participant SP as SubmissionPersistence participant SS as SanctionsScreener participant C as CastellumClient loop Every N minutes R->>+SP: Fetch Submissions SP->>-R: Submission IDs loop Each Submission R->>+SS: Screen Submission :id SS->>+SP: Read Submission :id SP->>-SS: Alice SS->>+C: Screen Entity C->>-SS: Result SS->>-SP: Update Submission end end ``` Note: The Screen Submission unit in SubmissionScreener is used by the initial screen and re-screen