Carmen is a Customer Relationship Management (CRM) network for inter-firm process automation.

1) Install the Carmen CRM CorDapp locally via Git:

git clone

2) Deploy the Nodes

cd carmen-cordapp && gradlew.bat deployNodes (Windows) OR ./gradlew deployNodes (Linux)

3) Run the Nodes

cd workflows
cd build 
cd nodes
runnodes.bat (Windows) OR ./runnodes (Linux)

4) Run the Spring Boot Server

cd ..
cd ..
cd server
../gradlew.bat bootRun -x test (Windows) OR ../gradlew bootRun -x test

The Carmen CRM Network API Swagger will be running at http://localhost:8080/swagger-ui.html#/

To change the name of your organisation or any other parameters, edit the node.conf file and repeat the above steps.

Add the following to the node.conf file:


This is the current network map and doorman server URL for the DSOA Testnet

1) Remove Existing Network Parameters and Certificates

cd build
cd nodes
cd Dapps
rm -rf nodeInfo-* network-parameters certificates additional-node-infos

2) Download the Network Truststore

curl -o /var/tmp/network-truststore.jks

3) Initial Node Registration

java -jar corda.jar --initial-registration --network-root-truststore /var/tmp/network-truststore.jks --network-root-truststore-password trustpass

4) Start the Node

java -jar corda.jar


  • Corda version: Corda 4
  • Vault SQL Database: PostgreSQL
  • Cloud Service Provider: GCP
  • JVM or Kubernetes

So far, we get:

  • Connected to the DSOA Network Map
  • Carmen CRM Spring Boot Webserver
  • Corda Node for your Organization

Customer States are transferred between stakeholders on the network.


The first state to be deployed on the network is the Account. Version 0.1 of the Account State has the following structure:

// *********
// * Account State *
// *********

data class Account(val accountId: String,
                   val accountName: String,
                   val accountType: String,
                   val industry: String,
                   val phone: String,
                   val controller: Party,
                   val processor: Party,
                   override val linearId: UniqueIdentifier = UniqueIdentifier())

The Account has the following business flows that can be called:

  • CreateAccount - Create an Account between your organization and a known counterparty on the DSOA
  • TransferAccount - Transfer the Account between your organization and a counterparty on the DSOA
  • ShareAccount - Share the Account Data with a counterparty
  • EraseAccount - Erase the Account Data


The second state to be deployed on the network is the Contact. Version 0.1 of the Contact State has the following structure:

// *********
// * Contact State *
// *********

data class Contact(val contactId: String,
                   val firstName: String,
                   val lastName: String,
                   val email: String,
                   val phone: String,
                   val controller: Party,
                   val processor: Party,
                   override val linearId: UniqueIdentifier = UniqueIdentifier())

The Contact has the following business flows that can be called:

  • CreateContact - Create a Contact between your organization and a known counterparty on the DSOA
  • TransferContact - Transfer the Contact between your organization and a counterparty on the DSOA
  • ShareContact - Share the Contact Data with a counterparty
  • EraseContact - Erase the Contact Data


The third state to be deployed on the network is the Lead. Version 0.1 of the Lead State has the following structure:

// *********
// * Lead State *
// *********

data class Lead(val leadId: String,
                val firstName: String,
                val lastName: String,
                val company: String,
                val title: String,
                val email: String,
                val phone: String,
                val country: String,
                val controller: Party,
                val processor: Party,
                override val linearId: UniqueIdentifier = UniqueIdentifier())

The Lead has the following business flows that can be called:

  • CreateLead - Create a Lead between your organization and a known counterparty on the DSOA
  • TransferLead - Transfer the Lead between your organization and a counterparty on the DSOA
  • ShareLead - Share the Lead Data with a counterparty
  • EraseLead - Erase the Lead Data
  • ConvertLead - Convert a Lead State into an Account State and Contact State

We created the Carmen Dashboard to provide the ability for organizations to create Accounts, Contacts, and Leads with counterparties on the network.


// *********
// * Case State *
// *********

data class Case(val caseId: String,
                val description: String,
                val caseNumber: String,
                val caseStatus: CaseStatus,
                val casePriority: CasePriority,
                val submitter: Party,
                val resolver: Party,
                override val linearId: UniqueIdentifier = UniqueIdentifier()) 

The Case has the following business flows that can be called:

  • CreateCase - Create a Case between your organization and a known counterparty on the DSOA
  • StartCase - Start on an unstarted Case
  • CloseCase - Close the Case with a counterparty
  • EscalateCase - Escalate the Case

Message States are transferred between stakeholders on the network. Messages are encrypted and directly sent to individual users at nodes on the network.


The first state to be deployed on the network is the Message. Version 0.1 of the Message State has the following structure:

// *********
// * Message State *
// *********

     data class Message(val id: UniqueIdentifier,
                       val body: String,
                       val fromUserId: String,
                       val to: Party,
                       val from: Party,
                       val toUserId: String,
                       val sentReceipt: Boolean?,
                       val deliveredReceipt: Boolean?,
                       val fromMe: Boolean?,
                       val time: String?,
                       val messageNumber: String,
                       override val participants: List<AbstractParty> = listOf(to, from)) : ContractState

Go to the Network Map tab and you can see other organizations that are part of the network.

The interface will populate with known legal entities that are part of the network.


Identity is managed for individual users leveraging Hyperledger Indy Credentialing.

Note: This is the first iteration of the DSOA Network and the following roles are subject to change for future networks.


Asset Issuerpermalink



Oracle services are provided natively by the Corda Protocol Chainlink and by Oraclize. The Oraclize service can be called at the beginning of a flow to get validation data from a trusted source.

DSOA Notarypermalink

Dapps Inc. is the BNG for the DSOA Network.

It is critically important that a commercial entity should not control Corda Network going forwards, and that it should be governed transparently, with a fair and representative structure that can deliver a stable operating environment for its members in the long term.

A separate entity called DSOA Network Foundation has been set up, using a not-for-profit legal entity type known as a Stichting, residing in the Netherlands. This type is suited for governance activities, able to act commercially, with limited liability but no shareholders, capital or dividends. Its constitution is defined in a set of Articles of Association and By-laws.

A Foundation enables Network participants to be involved with, and also understand, how decisions are made (including around issues of identity and permission), building trust and engagement from a wide range of stakeholders. We believe this will bring about the best decisions and outcomes for the Network’s long-term success.

Its governance bodies shall include:

  • A Governing Board (‘the Board’) of 11 representatives (‘Directors’).
  • A Technical Advisory Committee (‘the TAC’), comprised of representatives of Participant organisations.
  • A Governance Advisory Committee, comprised of representatives of Participant organisations.
  • A Network Operator (‘the Operator’), charging the Foundation reasonable costs for providing network and administration services, paid by the Foundation through membership funds, and accountable directly to the Board. Operating on behalf of:

Participants (‘Participants’), open to any legal entity participating in Corda Network, and independent of R3 alliance membership.

Nodes are up with 99.999% up time once deployed in the DSOA.

Dapps Inc. is the BNO for the DSOA.

The set of services provided by a business network operator node vary by application. The following sections discuss typical services that may be required:

In addition to the assignment of a base identity to a Corda node that ensures each node across all business networks have a unique identity, each business network performs its own deeper membership management process, e.g., registration, licensing, and KYC/AML checks. While the exact requirements for each business network are governed by the network policies, the process of allowing nodes to join and transact on a network will be performed by the BNO node.

A certificate will be provided to non-natural persons, i.e. organisations that are an incorporated legal entity. The following information should be provided by all Participants seeking access to Corda Network:

  • Entity name
  • Entity Address
  • Contact Name
  • Contact Email Address
  • Contact Phone Number
  • Unique ID – (GLEIF ID, EIN, CRN, etc.)
  • Website Domain (Optional)

Note: additional details may be required for Participation billing, but these requirements do not form part of this Policy.

The Operator must conduct a sanction review commensurate with jurisdictional laws and regulations on all entities and establish a process to clear false positives. Positive matches will not receive a certificate for the network. Business Network Operators must perform their own KYC check and should not rely on the Operator’s identification or sanction review. Business Network Operators are responsible for obtaining further documentation such as articles of incorporation, ultimate beneficial owners, etc. to verify identity and conduct appropriate due diligence checks (high risk industry analysis, high risk geographies, negative news checks) to ensure entities meet acceptable risk tolerance standards designed by the business network.

Certifications will be issued based on the information provided in the certification request. Any changes to information provided, including updating the entity name or contact information, will require a certification to be revoked and subsequently re-issued by the operator.


A common requirement for business networks is the need to maintain a set of shared master data that pertains to the application domain and made available to all business network participating nodes. This data may be served via an API, messaging system, or stored on-ledger, and governed by one more contracts.


Depending on the network policies, certain activities such as vault synchronisations or upgrades may require authorisation from the business network operator node.

For commercial, operational or regulatory reasons it is often a requirement to monitor and/or report on network level metrics. For example, an operator may want to monitor network health by tracking operational metrics such transaction volumes and latency. It may also choose to bill its members (periodically or on-demand) by tracking transactions across the network. The network may be designed to reveal as much or as little about the transactions as appropriate.

Certain network level events such as planned maintenance, outages and upgrades must be communicated to all network users. In many cases, traditional communications channels may suffice but in some cases it may be appropriate to use a BNO service to distribute such information such that it can be integrated into the application itself.

Although distribution of CorDapp jars and other shared dependencies may be managed via traditional deployment software tools, it may be appropriate to integrate this into the network itself.


This is the policy for the deployment of software components by the Operator onto physical infrastructure for the DSOA Network.

Wherever possible, deployment procedures shall be executed via an automation tool or combination of tools. The Operations team is responsible for selecting an appropriate tool, or combination of tools, for each element of a deployment procedure requiring automation. The default preferred tools for each activity are listed below; these should be used for all deployment procedures in the absence of technical obstacles.

The Operations team may, at its discretion, select an alternative tool to perform a given task where the default tool is determined to be unfit for purpose. The rationale for using alternative tooling should be documented within the associated deployment procedure(s).

  • Overall deployment operation: Ansible
  • Code build & packaging: Gradle
  • Cloud infrastructure provisioning: Terraform

The Operations team is responsible for ensuring that all tools used in deployment procedures are themselves updated, and that the testing of the deployment process traps for any version compatibility issues between deployment tools and the software being deployed.

The network commercial model is to charge on a per month basis for access to the network.

The operating costs factor are related to the opeating costs associated with running the nodes in JVMs in addition to paying developers for the ongoing improvement of the network.

The network is for profit and members will be charged by Dapps Inc to transact agreements across the network.

Associated costs for ongoing maintenance of the network as well as additional services will be available for purchase.


Data Privacypermalink

All data is encrypted at rest and owned by the customer in their own secure container.

Governing law is local to the users jusrisdiction.


GDPR is enforced on the DSOA. The following are key definitions as they pertain to the DSOA.

  • Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’). In turn, an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, address, an identification number (such as a passport or a social security number), location data, telephone number, an online identifier or log in details or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. First Name and Last Name can be personal data if linked to other data (or otherwise independently if they are not common names).
  • Data Controller: “‌controller” means the natural or legal person, public authority, agency or other body (each, a “person”) which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  • Data Processor: any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
  • Processing, in relation to information or data means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data, including:
  • organization, adaptation or alteration of the information or data,
  • retrieval, consultation or use of the information or data,
  • disclosure of the information or data by transmission, dissemination or otherwise making available or
  • alignment, combination, blocking, erasure or destruction of the information or data.


Customer data is represented a historical set of states between controllers and processors.

The need to prune data on the network map arise over time. Therefore it is imperative that members of the DSOA establish rules for their organziation and policies to ensure efficient keeping of state.

Data Securitypermalink

The Foundation will implement an information security management program with three main components:

  • An information risk management program which will identify, assess and prioritise information security risks to the business. The program will produce an information risk register together with proposed activities to control the risks identified. Those activities will be assessed and prioritised in the light of the impact and likelihood of the risks they address, combined with cost of the control activities themselves. The output of this process will be a prioritised program of activities to establish and maintain a security posture that is aligned to the Foundation’s business objectives and attitude to risk.
  • An information security management capability that delivers the program of work defined by the information risk management program and carries out other major, or highimpact, security projects. The information security management capability will oversee the design and implementation of an information security management system (ISMS) for the Foundation. The ISMS will define such policies, procedures, standards and guidelines as are necessary to maintain the Foundation’s desired security posture.
  • A security operations capability, that monitors and maintains the Foundation’s security posture, provides a security incident response capability and executes smaller projects of limited impact. The security operations capability will operate the information security management system.


Before actively participaing in the DSOA Network, Dapps Inc. will provide the customer with the following Terms of Service for all of the Network Services it provides. At a minimum, Terms of Service shall include clear, explicit statements to cover the following:

  • Identification of Service Operator including relevant contact information, trade registry reference number, legal status and regulated status.
  • Description of the Network Service offered, including technical detail where relevant to its access and operation.
  • Conditions of service, which may include:
  • Any requirements for the User to enter into prior agreements with the Service Operator
  • Applicable hours of operation
  • Specific conditions under which service may be withheld (e.g. legal, regulatory constraints etc.)
  • Data restrictions: Data which Users are prohibited from sending to the Network Service
  • Commitments to deliver a specific level of performance, specifying relevant metrics (e.g. throughput, latency etc.), and how they are measured
  • Commitments to ensure a specific level of availability (uptime) including provisions for planned and unplanned outages
  • Charges due to the Service Operator in relation to the Network Service, and how these are to be paid
  • Acceptance of liability for improper service
  • Dispute resolution procedures, including means to contact the Service Operator
  • Compensation scheme(s) applicable in the event of financial losses by a User due to improper service, and procedures for accessing scheme(s)
  • Disclosures arrangements (see 2.6)
  • Data handling: Treatment and arrangements for secure management of data provided to the Network Service by Users
  • Data retention: Policy on the retention and deletion of data provided to the Network Service by Users
  • Geographical location of all resources (databases, servers etc.) making up the Network Service, naming specific countries in which resources may reside. Where resources are distributed over more than one country, the division of resources across countries shall be unambiguously described.
  • Governing law: Which set(s) of legislation shall be considered to govern the Terms of Service
  • Process for changes to the Terms of Service, including notice given to Participants and notification procedures
  • Process for termination of the Network Service, including requirements for advance notice and migration, where relevant Where any of the above do not apply to a Network Service, the Terms of Service shall include explicit statements to this effect.


Please reach out to