Registry Stack

Ecosystem fit

Designed to work with the infrastructure governments already choose.

Registry Stack assumes a wider ecosystem and is designed to fit into it, not replicate it. It does not replace exchange layers, workflow engines, wallets, public-service platforms, or domain registry systems. It gives them safer registry-facing services to call.

In plain terms

Four things Registry Stack is not.

Categories matter when budgets are assigned and architecture diagrams are drawn. If you are mapping Registry Stack to a program line, start from what it does not do.

  • Not an exchange layer. X-Road-style exchanges carry trust and transport between institutions; Registry Stack is the governed registry surface behind them.
  • Not a benefits or payments platform. Platforms such as OpenSPP own enrollment, case management, and payments; Registry Stack lets the registries they rely on answer their questions safely.
  • Not a foundational identity system. MOSIP and eSignet establish who a person is; Registry Stack answers what is true about that person in a specific registry.
  • Not master data management or a warehouse. No records are copied, matched, or consolidated; every source stays where it is, under its owner’s control.

Neighbor systems

Complementary, not competitive.

Each neighbor keeps what it owns. Registry Stack adds the narrow registry surface that was missing: described, scoped, evidence-shaped, and auditable.

Domain registry platforms

OpenCRVS, OpenSPP, DHIS2, OpenIMIS

The neighbor owns

Storage, business rules, correction workflows, user interfaces, and a domain runtime API.

Registry Stack adds

Standards-shaped metadata, scoped read-only routes, configured evidence responses, and tamper-evident audit.

Workflow engines

OpenFn, Camunda, Flowable

The neighbor owns

Process state, task assignment, timers, branching, retries, escalation, and history.

Registry Stack adds

A stable registry contract a workflow step can call without learning source tables, raw SQL, or full records.

Exchange layers

X-Road, GovStack-style reference exchanges

The neighbor owns

Participant onboarding, message transport, mutual trust, routing, addressing, and cross-institution policy.

Registry Stack adds

The registry-facing surface behind the exchange: route-level scopes, field projection, and source access controls.

Wallets

SD-JWT VC and OpenID4VCI-compatible wallets

The neighbor owns

Key management, credential storage, holder consent, and presentation to relying parties.

Registry Stack adds

The server-side issuance path: claim evaluation against registry data, and discoverable evidence offerings.

Public-service platforms

Citizen portals, casework systems, service catalogs

The neighbor owns

The user journey: forms, case queues, notifications, payments, and channels.

Registry Stack adds

The narrow registry-facing surface those journeys call: entity routes, evidence responses, and audit records.

Foundational ID and identity providers

MOSIP, eSignet

The neighbor owns

Identity enrollment, deduplication, authentication, e-KYC, and assurance levels for who a person is.

Registry Stack adds

The registry-facing side of that question: signed answers about what is true of that person in a specific registry (alive, eligible, registered), issued after the identity layer has done its job.

Demonstrated, not promised

Four of these integrations already run in the lab.

The homepage names five platforms. This list states what exists today for each: four run in the hosted lab, where you can check them yourself, and one is in progress.

OpenFn
Registry Notary ships an OpenFn sidecar. It runs in the hosted lab and is covered by performance tests.
DHIS2
The lab runs a DHIS2 health scenario through the OpenFn sidecar against a live DHIS2 demo instance, with its own smoke test.
OpenCRVS
The lab runs an OpenCRVS DCI notary. A step-by-step tutorial issues a verifiable credential (SD-JWT VC) from an OpenCRVS DCI test birth record.
MOSIP
The lab runs MOSIP eSignet for a citizen self-attestation login flow.
OpenSPP
A Registry Manifest metadata profile for OpenSPP is in progress, and the stack already speaks SP-DCI, the interface OpenSPP uses.

A layered example

Behind an exchange layer, in front of a registry source.

An exchange layer such as X-Road handles network trust between institutions. The registry surface behind it assumes zero trust anyway: a request arriving through a trusted channel is still checked for route-level scope, field projection, and source access. The two layers do different jobs.

Exchange layer

X-Road or a GovStack-style exchange handles trust, transport, routing, and addressing between participants.

Registry Stack
  1. Scope the caller
  2. Project fields
  3. Return evidence
  4. Record audit
Registry source

The legacy database, extract, or domain platform stays where it is, under institutional control.

A request forwarded by the exchange layer arrives at a registry surface that can return a configured evidence response instead of a copied record, and log who asked and why.

Standards we adopt

Established standards, not a new ontology.

Registry Stack adopts standards rather than inventing them. Claim levels vary by standard; the docs carry the full register before assuming conformance. No universal registry ontology is claimed.

  • Metadata: DCAT-AP, BRegDCAT-AP, CPSV-AP, ODRL.
  • Shape: SHACL, JSON Schema, OpenAPI.
  • Evidence: CCCEV (JSON-LD), SD-JWT VC, OpenID4VCI.
  • Sector: SP-DCI, OGC API Records, OGC API Features, GovStack Digital Registries.

Read the docs

See the integration patterns in detail.

Request pilot scope Read the docs