How enforcement works

Compliance

Every registered model has a compliance state. Commercial users flow through the same lifecycle as they submit reports and pay out quarterly. OMLA publishes the blacklist each quarter as signed JSON.

State machine

How are transitions triggered?

Transitions fire in two places:

Weekly cron — the compliance-tick Edge Function calls tick_compliance(), which advances every model based on its recent reports and payments.
Event triggers — inserting a complaint row moves the target model to UNDER_REVIEW immediately (not waiting for the weekly cron).

Transitions are deterministic and idempotent: running the tick twice in a row produces the same result. You can see every historical transition in the audit_log table.

Reverse transitions happen too: a DELINQUENT model that pays up lands back in COMPLIANT on the next tick. UNDER_REVIEW rolls back to the previous state when the complaint resolves.

REGISTERED REPORTING (first usage report received)

REPORTING COMPLIANT (payment verified)

REPORTING DELINQUENT (missed quarterly deadline — 30 days past end)

DELINQUENT BLACKLISTED (90 days delinquent without resolution)

Complaint & appeal process

What actually happens to my payouts while under review?

While a complaint is open:

The disputed wallet's share of incoming royalties is held — not paid out and not lost.
Flow-through to other recipients continues normally. A complaint about one creator doesn't punish the rest.
The model's public registry page shows the UNDER_REVIEW badge so downstream users can see something is contested.

Outcomes:

Resolved in holder's favour — accumulated balance pays out on the next quarterly cycle.
Resolved against holder — wallet deactivated; balance either refunded to the commercial user, redistributed per board decision, or held pending legal process.

Who may file: anyone. No account required.
24-hour notice: OMLA attempts to notify the wallet holder within 24 hours of a valid complaint.
Response window: 24 hours for the holder to respond with documentation.
Non-payable wallets: share set to 0% until restored; flow-through to other recipients continues.
Appeals: reviewed within 7 days (extendable by written notice). Reinstatement is prospective; catch-up only when legally required.
Blacklisting: published quarterly; misuse or willful non-payment may trigger inclusion.

File a complaint →

Quarterly blacklist

How do consumers verify the blacklist is authentic?

Every quarterly blacklist JSON is signed with OMLA's association-level Ed25519 key. The signature is a separate field inside the same document.

To verify, a consumer fetches /api/blacklist.json, removes the signature field, and verifies against the OMLA public key shipped in config.js as omlaSigningPublicKey.

Current state: the published JSON ships a literal UNSIGNED_PLACEHOLDER signature until the association signing key is generated and published. Do not enforce against it yet.

A signed JSON file is published each quarter at /api/blacklist.json. This is the authoritative list that payment processors and SDKs should consult.

View current blacklist JSON

Data & privacy

Private data is retained in the country of origin and released only under lawful subpoena or equivalent. OMLA does not host model files or mediate IP ownership disputes — those go through normal legal channels. See Legal for details.