MiCA / DORA compliance · July 2026 deadline

Stops the attack.
Files the evidence.

POLARIS intercepts a malicious transaction before your wallet signs it, then auto-generates a regulator-ready DORA/MiCA evidence package — in one step. The only tool that stops the hack and does the regulator's homework.

Request Early AccessView Live Demo
polaris / pre-sign threat engine / live
ACTIVE
Destination / RuleSimulationVerdict
0x722122dF5b6967Transfer · ETH
OFAC-sanctioned — Tornado Cash mixer
approve() → blocked spender
BLOCK
0xBC4CA0Ed36f13DNFT contract · ERC-721
setApprovalForAll — unknown operator
Full collection access granted
REVIEW
0xd8dA6BF2A96045Transfer · USDC
vitalik.eth · no policy violations
State delta nominal
PASS
3 transactions screened · evidence_hash: sha256:a4f8c2…DORA Art. 16(1)(d) · 187ms
$2.2B
Stolen in crypto in 2024
~900
Pre-MiCA VASPs, July 2026
<200ms
Simulation latency (p99)
€199K
Chainalysis ACV — we're a fraction
The Problem

$1.5B stolen with a single signature.
Existing tools saw it after the fact.

The Bybit hack (Feb 2025) used one malicious approve() call — signed by a hardware wallet after UI manipulation. MiCA and DORA require evidence of pre-signing controls. Nobody had them.

Bybit-class drainer
Unlimited ERC-20 approve to sanctioned spender — POLARIS blocks before the hardware wallet even sees the request.
R3 · R5
Tornado Cash deposits
OFAC-listed mixer destinations — blocked with sanctions evidence hash appended to the compliance log.
R1 · R6
NFT setApprovalForAll
Full collection access to unknown operator — flagged for manual review with full simulation trace.
R4 · R7
Address poisoning
Look-alike destination addresses detected via simulation state delta — not retrospective OSINT.
R8 · R12
How POLARIS works

Three seconds between
intent and signature.

A sandboxed pre-flight check happens entirely in your infrastructure — raw transaction data never leaves your perimeter.

01

Intercept

POLARIS hooks into the signing flow via your wallet SDK or API gateway. The pending transaction is captured before it reaches any signer.

Dfns MPC · Safe{Core} · ERC-7579 hooks · direct API

02

Simulate

A sandboxed EVM (revm) replays the transaction against the live chain state. Approvals are decoded, destinations cross-checked against threat intel.

Verdict in <200ms · on-prem node · tx data never leaves your infra

03

Evidence

Every decision — BLOCK, REVIEW, or PASS — is SHA-256 hashed, chain-linked, and stored in an append-only evidence log. One-click PDF export.

DORA Art. 16(1)(d) · MiCA Art. 68 · SOC 2 Type II ready

Regulatory coverage

The only tool that stops the hack
and does the regulator's homework.

Chainalysis costs €199K/year and tells you what happened after the fact. POLARIS intervenes before signing and auto-generates the evidence your regulator requires.

~1,300 regulated CASPs/VASPs face a MiCA compliance deadline in 2026. POLARIS is purpose-built for this cohort.

DORA
Regulation (EU) 2022/2554
  • Art. 16(1)(d) — ICT security tools & anomaly detection
  • Art. 17 — ICT incident management & evidence retention
  • Art. 19 — Incident classification & NCA reporting
  • Art. 28 — Third-party ICT provider risk monitoring
MiCA
Regulation (EU) 2023/1114
  • Art. 68 — CASP ICT security & operational requirements
  • Art. 64 — Authorisation evidence (security controls)
  • Art. 63 — Ongoing CASP operational obligations
  • Pre-authorisation evidence package for NCA submission
SOC 2
AICPA Type II (observation Q1 2027)
  • CC6.1 — Logical access controls
  • CC7.3 — Incident monitoring & response
  • CC9.2 — Vendor / third-party risk management
  • Continuous CloudTrail + GuardDuty evidence trail
Pricing

A fraction of traditional compliance tooling.

Annual subscription. No tokens. No per-transaction fees. No setup cost. 60-day compliance pilot included.

Starter
€18K/year
  • 1 EVM chain
  • Up to 10K tx/month
  • DORA PDF export
  • Email support
  • 60-day compliance pilot
Get started
Most popular
Growth
€48K/year
  • 3 EVM chains
  • Up to 100K tx/month
  • MiCA + DORA export
  • Slack + API support
  • SOC 2 evidence package
  • 60-day compliance pilot
Request access
Enterprise
€120K+/year
  • Unlimited chains
  • On-prem simulation nodes
  • Custom policy rules
  • SLA 99.9%
  • Dedicated compliance engineer
  • 60-day compliance pilot
Talk to us
July 2026 deadline approaching

~900 pre-MiCA VASPs.
One compliance deadline.

POLARIS provides the ICT security evidence NCAs require for CASP authorisation. Schedule a 30-minute call to see the live demo.

Schedule a callLive Demo