- Key Takeaway 1: Solana Token Extensions (Token-2022) let developers bake compliance rules — KYC checks, freeze authority, audit trails — directly into a token at the protocol level, no custom smart contracts needed.
- Key Takeaway 2: The five core compliance extensions are Transfer Hook, Permanent Delegate, Default Account State, Confidential Transfers, and Required Memo on Transfer.
- Key Takeaway 3: Extensions must be chosen at mint creation — you cannot add them later, so planning ahead is critical.
- Key Takeaway 4: Some extensions are incompatible with each other. Confidential Transfers cannot be paired with Transfer Hook because encrypted amounts prevent hooks from reading values.
- Key Takeaway 5: Major regulated issuers — including PayPal (PYUSD) and Paxos — already rely on Token Extensions to meet real-world regulatory requirements.
- Key Takeaway 6: For Chia builders, Transfer Hooks are conceptually similar to Chialisp puzzles: both are custom programs that run at the moment of a transaction to decide whether to allow or block it.
Solana Token Extensions compliance refers to the set of built-in, audited tools inside the Token-2022 program that allow token issuers to enforce legal and institutional rules — such as KYC, sanctions screening, and asset recovery — directly at the protocol layer, without writing custom smart contract code. These extensions give regulated institutions a standardized, battle-tested way to issue compliant digital assets on a fast, low-cost public blockchain.
What Are Solana Token Extensions?
The original Solana token program, known as SPL Token, handled the basics well: mint tokens, transfer them, burn them, freeze an account. For a lot of use cases, that was enough. But as more banks, fintech companies, and regulated businesses started looking at Solana, the basic SPL program showed its limits. If you wanted to add compliance logic — like requiring KYC before a wallet could receive tokens — you had to write your own custom program. Custom programs mean more code, more auditing costs, more bugs, and more risk.
Solana Labs solved this by building Token-2022, also called Token Extensions. Token-2022 is a superset of the original SPL Token program — it does everything the old program could do, and adds a menu of optional modules that developers can switch on at mint creation.1 These modules are the “extensions,” and they cover everything from metadata storage to compliance controls.
Token-2022 — The Technical Foundation
Under the hood, Token-2022 uses a data structure called TLV (Type-Length-Value) that sits after the standard 82-byte mint account layout. Each extension appends its own data block to the mint or token account. When the program reads an account, it skips through these blocks to find the extensions it knows about. This design makes Token-2022 forward-compatible — a wallet written today will not break when new extensions are added tomorrow.2
One important detail: most extensions must be set at the time you create the mint. You cannot upgrade an existing SPL token into a Token-2022 token. This means if you are planning a compliant token launch, you need to decide which compliance extensions you want before you deploy. Missing this step means starting over with a new mint and migrating all holders — a painful process. Plan first, deploy second.
Why Extensions Beat Custom Smart Contracts
Before Token Extensions existed, building a compliant token on Solana meant either using a third-party service or writing your own custom token program from scratch. Both paths were expensive, risky, and hard to audit. Every wallet and decentralized application also had to explicitly trust your custom program before they would display or interact with your token — limiting adoption. Token-2022 changes this completely. Because extensions live inside a single, shared, multiply-audited program, wallets and dApps that support Token-2022 automatically support any token built on it — compliance controls included.3
The Token-2022 program has been audited by multiple independent security firms, including Halborn, Zellic, Trail of Bits, NCC Group, OtterSec, and Certora. Each audit report is published publicly on GitHub. When you build with Token Extensions, you are inheriting that security track record rather than starting from zero.2
The Core Solana Token Extensions Compliance Toolkit
There are more than a dozen extensions available in Token-2022, but a handful are specifically designed for regulatory compliance. Here is what each one does, and when you would use it.
| Compliance Goal | Best Extension | Best For |
|---|---|---|
| Block transfers unless KYC is verified | Transfer Hook | RWA tokens, regulated stablecoins |
| Freeze or seize funds under law enforcement order | Permanent Delegate | Regulated stablecoin issuers |
| Ensure only approved wallets can hold a token | Default Account State (Frozen) | Permissioned markets, securities tokens |
| Hide amounts from public but allow regulator audit | Confidential Transfers | Institutional payments, privacy-preserving assets |
| Attach payment references for reconciliation | Required Memo on Transfer | B2B payments, MiFID II reporting |
| Prevent secondary market trading entirely | Non-Transferable | Credentials, soulbound compliance flags |
Transfer Hook — The KYC Gatekeeper
The Transfer Hook extension lets you attach a custom program to your token that runs automatically every time a transfer is attempted.3 Think of it like a bouncer at the door of every transaction. Before any tokens move, your hook program gets called. Inside that hook, you can check anything you want: Is this wallet on a KYC-approved list? Is this address flagged on an OFAC sanctions list? Is the transfer happening from an allowed jurisdiction?
If your hook program approves the transaction, it proceeds. If it rejects it, the transaction fails — no tokens move. This is powerful because the enforcement happens on-chain, automatically, for every transfer, without any manual intervention. You write the hook logic once, and it guards every future transfer forever. For real-world asset (RWA) tokenization projects, this is often the first extension they reach for.
Permanent Delegate — Freeze and Seize Authority
The Permanent Delegate extension assigns a special authority that can burn or transfer tokens from any wallet that holds the token — at any time, without the wallet owner’s permission.4 This sounds alarming until you understand why it exists. Regulated financial institutions are legally required to be able to freeze or seize funds in response to law enforcement orders, court rulings, or sanctions violations. Without this capability, a regulated stablecoin could not legally operate.
PayPal’s PYUSD stablecoin on Solana uses this extension for exactly this reason. The permanent delegate is held by Paxos Trust Company, the regulated issuer, and exists specifically to allow compliance with legal orders. The average holder is never affected — but if a wallet is tied to illicit activity, the issuer has a legal and technical path to act on it.5
Default Account State — Whitelist-First by Design
By default, when someone creates a new token account on Solana, that account is immediately active and ready to receive tokens. The Default Account State extension changes this behavior. You can set all new accounts to be frozen by default, meaning no one can receive or send tokens until the issuer explicitly unfreezes their account.6 This enforces a whitelist model: holders must complete onboarding — KYC, accredited investor verification, jurisdiction checks — before they can hold a single token.
This extension is especially useful for securities tokens and permissioned markets where regulatory rules prevent just anyone from holding the asset. The issuer retains full control over who enters the ecosystem while still benefiting from Solana’s open blockchain infrastructure.
Confidential Transfers with Auditor Keys
Confidential Transfers use zero-knowledge (ZK) proofs to hide the amounts of token transfers from public view. On a normal blockchain, every transfer amount is visible to anyone. With Confidential Transfers, the amount is encrypted — but crucially, the extension also includes an auditor key.3 An authorized party — such as a regulator or the issuer — can decrypt balances using this key for reporting and audit purposes.
This gives institutions the best of both worlds: transaction privacy for business confidentiality, plus regulatory auditability that lets them meet reporting obligations. One important technical limitation: Confidential Transfers cannot be combined with Transfer Hook on the same token, because the hook program cannot read encrypted amounts to make compliance decisions. If you need both privacy and KYC gating, you will need to choose one or architect a workaround.
Required Memo on Transfer
The Required Memo extension mandates that every transfer include an attached message or note. This mirrors a practice that traditional banking has used for decades — every wire transfer includes a reference number, a payment description, or a counterparty note. Banks use these for reconciliation, auditing, and anti-money-laundering tracking.7
For regulated on-chain payments, Required Memo helps create an audit trail that maps on-chain transactions to off-chain business events. A business paying an invoice can include the invoice number. A payroll system can include an employee identifier. This makes the blockchain record directly useful for accounting and compliance reporting without needing a separate off-chain database to link transactions to their purpose.
Real-World Adoption — Who Is Using Solana Token Extensions Compliance Today?
The compliance capabilities of Token Extensions are not theoretical. Several major regulated institutions have already deployed them in production environments.
PayPal PYUSD — Compliance in a Box
PayPal USD (PYUSD) is issued by Paxos Trust Company, a New York State Department of Financial Services (NYDFS) regulated trust company. When PayPal expanded PYUSD to Solana in 2024, the team chose to build it on Token-2022 specifically because of the compliance extensions.8 PYUSD initializes six extensions, including Permanent Delegate (for fund seizure under legal order), Transfer Hook (enabled for future compliance logic), Transfer Fees (set to 0% but ready to activate), and Confidential Transfers (initialized for future use).
Sheraz Shere, GM of Payments at the Solana Foundation, explained the reasoning directly: “The Solana network’s speed and scalability make it the ideal blockchain for global financial institutions, like PayPal, to create new payment solutions that are accessible, cost-effective, and instantaneous.”8 The Token Extensions program was built in collaboration with PayPal, Visa, and Stripe — three of the largest payments companies in the world — which speaks to the institutional seriousness behind its compliance design.
Case Study: PYUSD on Solana demonstrates that Token Extensions can handle enterprise-grade compliance requirements at scale. The token settles transactions near-instantly, costs fractions of a cent per transfer, and includes permanent delegate authority that allows Paxos to respond to law enforcement orders — all without writing a single line of custom smart contract code.5
Paxos and NYDFS Regulatory Standards
Paxos, as both the issuer of PYUSD and operator of its own USDP stablecoin, applies Token Extensions to meet NYDFS regulatory standards. The NYDFS framework for virtual currency businesses requires issuers to maintain the technical ability to freeze assets under legal order and to maintain audit trails for transaction activity. Token Extensions fulfill both requirements natively, making Token-2022 a natural fit for any NYDFS-regulated digital asset issuer operating on Solana.
| Factor | Solana Token Extensions (Token-2022) | ERC-20 Custom Compliance Contracts |
|---|---|---|
| Compliance logic location | Built into the shared token program (protocol-level) | Separate smart contract per token (app-level) |
| Audit burden | Inherit Token-2022’s audits (Halborn, Trail of Bits, etc.) | Must audit each custom contract independently |
| Wallet support | Automatic for Token-2022 compatible wallets | Wallets must explicitly support each custom contract |
| KYC enforcement | Transfer Hook runs on every transfer natively | Requires custom modifier logic in token contract |
| Freeze & seize | Permanent Delegate extension (native, audited) | Custom owner/admin functions (varies by implementation) |
| Transaction speed | ~400ms finality, sub-cent fees | ~12 second finality, variable gas costs |
| Extension incompatibilities | Known and documented (e.g., Confidential + Hook) | Hidden until tested in production |
Compatibility Gotchas — What You Cannot Combine
Token Extensions are powerful, but not every extension can be paired with every other. These incompatibilities are not bugs — they are logical consequences of how the extensions work. Understanding them before you deploy prevents costly mistakes.1
The most critical incompatibility for compliance builders is between Confidential Transfers and Transfer Hook. A Transfer Hook works by calling your custom program before allowing a transfer, so the hook can inspect the transfer details. But with Confidential Transfers active, the transfer amount is encrypted — your hook program cannot see the amount, so any compliance check that depends on knowing the value (velocity limits, large-transfer alerts) becomes impossible. You must choose one or the other.
Non-Transferable tokens also conflict with any transfer-related extension (Transfer Fees, Transfer Hook) because the token is designed to never move in the first place. Enabling transfer extensions alongside Non-Transferable would add code that can never execute. Similarly, if you want to add extensions after minting, you largely cannot — the Token-2022 architecture requires extensions to be declared and initialized when the mint is created. This is a hard design constraint, not a temporary limitation.
Solana Token Extensions Compliance vs. Chialisp — A Familiar Pattern for Chia Builders
If you have spent time with Chialisp, Chia Network’s native smart coin language, the Transfer Hook extension will feel immediately familiar. In Chia, every coin is locked by a “puzzle” — a program written in Chialisp that must be satisfied before the coin can be spent. You write the conditions into the puzzle, and the network enforces them at the protocol level during every spend attempt. No coin moves unless the puzzle agrees.
Solana’s Transfer Hook and Chia’s puzzle model are solving the same fundamental problem: how do you run custom validation logic at the moment of a transaction, enforced at the protocol layer, without requiring a separate smart contract deployment? Both approaches give the issuer or developer a programmatic checkpoint inside the transaction itself — not sitting outside it as an optional layer. The key difference is architectural: Chialisp puzzles are coin-level programs that can express arbitrarily complex conditions, while Transfer Hooks are program calls that happen within the broader Token-2022 framework.
For Chia miners and developers exploring the broader blockchain landscape, this parallel is useful. The mental model you already use for Chialisp — “what conditions must be met for this coin to move?” — maps directly onto what Token Extensions are doing on Solana. The vocabulary is different, but the intent is the same: programmable, enforceable controls baked into the transaction itself. To understand how Solana’s modular approach fits alongside other Layer 0 and Layer 1 architectures, see our piece on Celestia’s modular blockchain revolution.
Conclusion
Solana Token Extensions compliance is one of the most practical answers blockchain infrastructure has produced to the question regulators keep asking: how can you run a compliant financial product on a permissionless network? Token-2022 shows the answer is not to abandon permissionlessness — it is to build permissioned controls directly into the protocol. The Transfer Hook, Permanent Delegate, Default Account State, Confidential Transfers, and Required Memo extensions give you a real compliance toolkit that is already audited, already battle-tested by PayPal and Paxos, and already supported by the wallets and tools your users are running. If you are building a regulated token on Solana, start with the compliance extensions you need, plan them before you deploy, and respect the known incompatibilities. That groundwork will save you significant rework down the road — and it will give you a product that both regulators and users can trust.
Solana Token Extensions Compliance FAQs
What is solana token extensions compliance?
Solana token extensions compliance refers to the use of built-in modules in Solana’s Token-2022 program — such as Transfer Hook, Permanent Delegate, and Default Account State — that let token issuers enforce regulatory rules like KYC, sanctions screening, and asset seizure directly at the protocol level. These tools allow regulated institutions to issue compliant digital assets on Solana without writing custom smart contracts.
Can I add solana token extensions compliance features after a token is already deployed?
No — most Token-2022 extensions, including the compliance-focused ones, must be initialized when the mint account is first created. You cannot add extensions to an existing token after deployment, which means planning your compliance architecture before launch is essential to avoid having to migrate to a new mint.
What is the difference between Transfer Hook and Permanent Delegate in Token Extensions?
Transfer Hook is a compliance gate that runs custom logic before every transfer, allowing you to check KYC status or sanctions lists and block non-compliant moves. Permanent Delegate is an authority that can burn or transfer tokens from any wallet after the fact — it is used for asset seizure in response to law enforcement orders. Both can be used together in the same token for layered compliance.
Why can’t Confidential Transfers and Transfer Hook be used together?
Confidential Transfers encrypt the amount of a transfer using zero-knowledge proofs, which means the Transfer Hook program cannot read the value being sent. Since many compliance checks — like detecting large transfers or flagging unusual amounts — require seeing the actual number, combining these two extensions creates an irreconcilable conflict, so the Token-2022 program blocks this combination.
Which real-world projects use solana token extensions compliance?
PayPal’s PYUSD stablecoin on Solana is one of the earliest and most prominent examples, using Permanent Delegate, Transfer Hook, and other extensions to meet regulatory requirements enforced by Paxos Trust Company under NYDFS oversight. Paxos also applies these same extensions to its USDP stablecoin for institutional compliance on Solana.
Solana Token Extensions Compliance Citations
- Solana Documentation — Extensions Overview
- Solana Program Library — Token-2022 Extension Guide
- Solana — Token Extensions: Permissioned Tokens on a Permissionless Network
- Solana — A Technical Deep Dive into PYUSD on Solana
- PayPal Developer Blog — A Deep Dive into PYUSD and Solana Token Extensions
- Ackee Blockchain — Solana Handbook: Token-2022
- BCAS — Solana Token Extensions and Their Legal Implications
- Solana Foundation — PayPal Announces PYUSD on Solana
- Blockworks — How Solana Hooked PayPal (Token Extensions Built with Visa and Stripe)
