Compliance Gating with
Coinbase Verifications

Coinbase Verifications are the largest source of on-chain KYC credentials. Over 20 million users have completed Coinbase identity verification, and those credentials are stored on Base as EAS (Ethereum Attestation Service) attestations. InsumerAPI now verifies these attestations with a single API call, using pre-configured compliance templates that abstract away schema IDs, attester addresses, and indexer contracts.

What are EAS attestations?

EAS (Ethereum Attestation Service) is an open protocol for making on-chain statements about anything. An attestation is a signed record that says: a specific address (the attester) is asserting a specific claim (the schema) about a specific recipient (the wallet). Attestations are stored on-chain and can be verified by anyone.

Each attestation references a schema that defines the structure of the credential. The attester is the entity making the assertion. The recipient is the wallet the claim is about. Attestations can also carry an expiry time and a revocation flag, which allows issuers to invalidate credentials after they are issued.

EAS is currently deployed on six chains: Ethereum mainnet, Base, Optimism, Arbitrum, Polygon, and Avalanche. Any entity can publish a schema and issue attestations. What matters for trust is the attester address.

Coinbase Verifications on Base

Coinbase issues KYC attestations on Base using EAS. When a user completes identity verification through Coinbase, Coinbase's attester address issues an attestation to that user's linked wallet. The attestation is on-chain, publicly verifiable, and does not require contacting Coinbase to confirm.

Coinbase publishes three schemas on Base:

• Verified account: The wallet owner has completed Coinbase KYC. This is the standard identity credential. It confirms the account is verified but does not reveal any personal data.
• Verified country: The wallet owner's KYC-verified country of residence. Useful for jurisdiction-based access control.
• Coinbase One: The wallet owner is an active Coinbase One subscriber. Useful as a signal of a paid, committed Coinbase user.

Coinbase maintains its own indexer contract on Base that tracks these attestations. Querying the indexer is significantly more efficient than scanning EAS directly. These three schemas collectively represent the largest deployed source of on-chain identity credentials for EVM wallets.

Compliance templates

Verifying an EAS attestation directly requires knowing the schema ID, the attester address, the indexer contract address, and the chain ID. For Coinbase Verifications, these are fixed and publicly documented, but they still add friction to every integration.

InsumerAPI ships with three pre-configured compliance templates that pre-fill all of these parameters:

• coinbase_verified_account: Coinbase KYC completion on Base
• coinbase_verified_country: Coinbase KYC-verified country on Base
• coinbase_one: Coinbase One membership on Base

To list all available templates and their underlying parameters, call the discovery endpoint:

GET /v1/compliance/templates

The response returns each template name, a description, the resolved schema ID, attester address, indexer contract, and chain ID. This lets you inspect exactly what each template maps to before using it.

One API call

To verify that a wallet holds a valid Coinbase KYC credential, pass the template name in a standard POST /v1/attest request:

POST /v1/attest
X-API-Key: your_api_key

{
  "wallet": "0x1234...abcd",
  "conditions": [
    {
      "type": "eas_attestation",
      "template": "coinbase_verified_account",
      "label": "Coinbase KYC verified"
    }
  ]
}

The response is a standard InsumerAPI attestation with ECDSA signature:

{
  "ok": true,
  "data": {
    "attestation": {
      "id": "ATST-B9A2D6E7F8C01234",
      "pass": true,
      "results": [
        {
          "condition": 0,
          "label": "Coinbase KYC verified",
          "type": "eas_attestation",
          "chainId": 8453,
          "met": true,
          "evaluatedCondition": {
            "type": "eas_attestation",
            "chainId": 8453,
            "schemaId": "0xf8b05c...",
            "operator": "valid"
          },
          "conditionHash": "0x7d2f...",
          "blockNumber": "0x1a2b3c",
          "blockTimestamp": "2026-02-27T10:00:00.000Z"
        }
      ],
      "passCount": 1,
      "failCount": 0,
      "attestedAt": "2026-02-27T10:00:00.000Z",
      "expiresAt": "2026-02-27T10:30:00.000Z"
    },
    "sig": "base64-ecdsa-signature",
    "kid": "insumer-attest-v1"
  },
  "meta": { "creditsRemaining": 99, "creditsCharged": 1, "version": "1.0", "timestamp": "2026-02-27T10:00:01.000Z" }
}

The result costs 1 credit ($0.04). No personal data from the Coinbase KYC process touches the API. The API reads the on-chain attestation record only. met: true means the credential exists, is valid, and passes all four checks described below.

What gets verified

For every eas_attestation condition, the API runs four checks against the on-chain record:

• Recipient match: The attestation's recipient field must match the wallet address in the request. This confirms the credential belongs to the wallet being checked, not a different one.
• Not revoked: The attestation's revocation status is checked. If Coinbase has revoked the credential (for example, due to a flagged account), the condition fails.
• Not expired: If the attestation carries an expiry timestamp, the API confirms the current time is before that timestamp. Expired credentials return met: false.
• Attester match: The attestation's attester field must match the expected Coinbase attester address for that schema. This prevents accepting attestations from unknown or fraudulent attesters claiming the same schema.

All four checks must pass for met: true. If any check fails, the result is met: false with no additional data about which check failed. The response does not reveal wallet holdings, personal data, or the raw contents of the attestation record.

Raw schemas for custom providers

Templates are optional. If you are working with a credential provider other than Coinbase, or a custom schema you have deployed yourself, you can pass the raw parameters directly:

{
  "type": "eas_attestation",
  "schemaId": "0xabcd...",
  "attester": "0x1234...",
  "indexer": "0x5678...",
  "chainId": 8453,
  "label": "Custom KYC credential"
}

This works with any EAS-compatible credential on any of the six supported chains: Ethereum, Base, Optimism, Arbitrum, Polygon, and Avalanche. Gitcoin Passport attestations, Worldcoin credentials, custom compliance schemas, and any other EAS-based credential issued by a known attester can be verified the same way.

The same four checks (recipient, revocation, expiry, attester) apply regardless of whether you use a template or raw parameters.

Use cases

EAS attestation verification is most useful when you need to confirm a real-world identity property about a wallet without handling personal data yourself:

• KYC gating for DeFi and lending: Require verified account status before allowing access to lending pools, borrowing functions, or high-value transactions. The protocol never sees KYC data. It only receives a signed boolean.
• Compliance checks for autonomous AI agents: An agent transacting on behalf of a user can verify the wallet's KYC status before executing a regulated action. The signed result can be passed to downstream agents without re-calling the API.
• Accredited investor verification: Custom EAS schemas can encode accreditation status issued by a regulated verifier. The same API call verifies the credential.
• Age and country verification for regulated content: Use coinbase_verified_country to gate access by jurisdiction. No need to collect or store country data in your application.
• Cold-start trust signals for new agent wallets: New wallets have no transaction history. A valid Coinbase verification provides a meaningful trust signal for agent-to-agent workflows, including the x402 ecosystem.

Agent SDK support

All four agent SDKs support the eas_attestation condition type and the compliance templates endpoint:

• MCP server (mcp-server-insumer on npm): The insumer_attest tool accepts eas_attestation conditions with template names. The insumer_compliance_templates tool lists all available templates. Compatible with Claude, Cursor, and any MCP-capable agent.
• LangChain (langchain-insumer on PyPI): InsumerAttestTool handles EAS attestations. InsumerComplianceTemplatesTool wraps the templates endpoint. Both are included in the get_insumer_tools() factory.
• ElizaOS (@insumermodel/plugin-eliza on npm): The VERIFY_WALLET action accepts EAS attestation conditions including compliance templates.
• OpenAI GPT: The InsumerAPI GPT in the GPT Store supports compliance template verification through the same POST /v1/attest action.

Full SDK documentation and code examples are at /developers/compliance.

Getting started

Three steps to verify your first Coinbase attestation:

1. Get a free API key at /developers/#pricing. Instant provisioning, no credit card required.
2. List available compliance templates with GET /v1/compliance/templates to see the full set of pre-configured schemas.
3. Call POST /v1/attest with your wallet address and template: "coinbase_verified_account". Receive a signed result in under a second.

Verify KYC credentials. Reveal nothing else.