Hedera
  • Welcome to Hedera — let’s build the future
  • Getting Started
    • Environment Setup
    • Web2 Developers
      • Transfer HBAR
      • Create a Token
      • Create a Topic
    • EVM Developers
      • Deploy a Contract
  • Tutorials
    • Smart Contracts
      • How to Mint & Burn an ERC-721 Token Using Hardhat and Ethers (Part 1)
      • How to Set Access Control, a Token URI, Pause, and Transfer an ERC-721 Token Using Hardhat (Part 2)
      • How to Upgrade an ERC-721 Token with OpenZeppelin UUPS Proxies and Hardhat (Part 3)
      • How to Verify a Smart Contract on HashScan
      • Deploy a Smart Contract Using Remix
      • Deploy a Smart Contract Using Hardhat and Hiero JSON-RPC Relay
      • Deploy Your First Smart Contract
      • Deploy a Contract Using the Hedera Token Service
      • Send and Receive HBAR Using Solidity Smart Contracts
      • Deploy By Leveraging Ethereum Developer Tools On Hedera
      • Deploy a Subgraph Using The Graph and Hedera JSON-RPC Relay
      • Deploy Smart Contracts on Hedera Using Truffle
      • The Power of Native Hedera Tokens as ERC-20 Tokens: A step-by-step guide
      • HTS x EVM - Part 1: How to Mint NFTs
      • HTS x EVM - Part 2: KYC & Update
      • HTS x EVM - Part 3: How to Pause, Freeze, Wipe, and Delete NFTs
      • Hedera Smart Contracts Workshop
        • Setup
        • Solidity
        • Hedera SDK JS
        • Hardhat and EthersJs
        • Outro
      • Foundry
        • How to Setup Foundry and Write a Basic Unit Test
        • How to Deploy and Verify a Hedera Smart Contract with Foundry
        • How to Test A Solidity Event
        • How to Fork Testnet on Latest Block
    • Consensus
      • Submit Your First Message
      • Submit Message to Private Topic
      • Query Messages with Mirror Node
    • Tokens
      • Create and Transfer Your First NFT
      • Create and Transfer Your First Fungible Token
      • Create and Transfer an NFT using a Solidity Contract
      • Structure Your Token Metadata Using JSON Schema V2
      • Hedera Token Service - Part 1: How to Mint NFTs
      • Hedera Token Service - Part 2: KYC, Update, and Scheduled Transactions
      • Hedera Token Service - Part 3: How to Pause, Freeze, Wipe, and Delete NFTs
      • Create Your First Frictionless Airdrop Campaign
    • Local Node
      • How to Run Hedera Local Node in a Cloud Development Environment (CDE)
        • Run a Local Node in Gitpod
        • Run a Local Node in Codespaces
      • How to Set Up a Hedera Local Node
      • Set Up a Hedera Local Node using the NPM CLI
    • More Tutorials
      • Create and Fund Your Hedera Testnet Account
      • How to Create a Personal Access Token (API Key) on the Hedera Portal
      • How to Auto-Create Hedera Accounts with HBAR and Token Transfers
      • How to Configure a Mirror Node and Query Data
      • How to Generate a Random Number on Hedera
      • Get Started with the Hedera Consensus Service Fabric Plugin
        • Virtual Environment Setup
      • Schedule Your First Transaction
      • How to Connect to Hedera Networks Over RPC
        • Configuring Hashio RPC endpoints
        • Configuring Hiero JSON-RPC Relay endpoints
        • Configuring Validation Cloud RPC endpoints
      • JavaScript Testing
      • Create a Hedera DApp Integrated with WalletConnect
      • How to Connect MetaMask to Hedera
    • Demo Applications
    • Starter Projects
    • Building on Hedera (course)
  • Networks
    • Mainnet
      • Mainnet Accounts
      • Mainnet Consensus Nodes
        • Node Requirements
          • FAQ
      • Fees
        • Transaction Records
    • Testnets
      • Testnet Accounts
      • Testnet Consensus Nodes
    • Localnet
      • Single Node Configuration
      • Multinode Configuration
    • Network Explorers and Tools
    • Release Notes
      • Consensus Node
      • Hedera Mirror Node
  • Core Concepts
    • Accounts
      • Account Creation
      • Auto Account Creation
      • Account Properties
    • Keys and Signatures
    • Schedule Transaction
    • Smart Contracts
      • Understanding Hedera's EVM Differences and Compatibility
        • For EVM Developers Migrating to Hedera
          • Accounts, Signature Verification & Keys (ECDSA vs. ED25519)
          • JSON-RPC Relay and EVM Tooling
          • Token Management with Hedera Token Service
          • Decimal Handling (8 vs. 18 Decimals)
          • Handling HBAR Transfers in Contracts
        • For Hedera-Native Developers Adding Smart Contract Functionality
          • Integrating ED25519 Accounts and Advanced Features Into Smart Contracts
          • JSON-RPC Relay and State Queries
          • Extending Token Management with Smart Contracts
      • Creating Smart Contracts
      • Compiling Smart Contracts
      • System Smart Contracts
        • Hedera Account Service
        • Hedera Schedule Service
      • Gas and Fees
      • JSON-RPC Relay
      • Deploying Smart Contracts
      • Smart Contract Addresses
      • Verifying Smart Contracts
      • Smart Contract Traceability
      • Tokens Managed by Smart Contracts
        • ERC-20 (Fungible Tokens)
        • ERC-721 (Non-Fungible Token)
        • ERC-3643 Real World Assets (RWA)
        • ERC-1363 (Payable Tokens)
        • Hedera Token Service System Contract
      • Wrapped HBAR (WHBAR)
      • Smart Contract Rent
      • Smart Contract Security
      • EVM Archive Node Queries
    • Tokens
      • Tokenization on Hedera
      • Hedera Token Service (HTS) Native Tokenization
        • Token Types and ID Formats
        • Token Properties
        • Token Creation
        • Custom Fee Schedule
        • Token Airdrops
      • ERC/EVM-Compatible Tokenization
      • Hybrid (HTS + EVM ) Tokenization
    • Staking
      • Staking Program
      • Stake HBAR
    • Hashgraph Consensus Algorithm
      • Gossip About Gossip
      • Virtual Voting
    • Transactions and Queries
      • Transaction Properties
    • State and History
    • Mirror Nodes
      • Hedera Mirror Node
      • One Click Mirror Node Deployment
      • Run Your Own Mirror Node
        • Run Your Own Mirror Node with Google Cloud Storage (GCS)
        • Run Your Mirror Node with Amazon Web Services S3 (AWS)
  • Open Source Solutions and Integrations
    • AI Studio on Hedera
      • ElizaOS Plugin for Hedera
      • Hedera AI Agent Kit
      • MCP Server
      • OpenConvAI
    • AI Tools for Developers
      • Hedera Hivemind
      • Kapa AI
    • Asset Tokenization Studio (ATS)
      • Web User Interface (UI)
      • Frequently Asked Questions (FAQs)
    • HashioDAO
      • Governance Token DAO
      • NFT DAO
      • Multisig DAO
      • DAO Proposals
      • Local Environment Setup
    • Hedera CLI
    • Hedera Contract Builder
    • Hedera Custodians Library
      • How to use it
    • Hedera Developers Code Repository
    • Hedera Developer Playground
    • Hedera Wallet Snap By MetaMask
      • Hedera Wallet Snap Documentation
      • Tutorial: MetaMask Snaps – What Are They and How to Use Them
    • Interoperability and Bridging
      • LayerZero
    • NFT Studio
      • Airdrop List Verifier
      • Metadata Validator
      • NFT Rarity Inspector
      • NFT Token Holders List Builder
      • NFT Risk Calculator
      • Token Balance Snapshot
      • Hedera NFT SDK
    • Oracle Networks
      • Chainlink Oracles
      • Pyth Oracles
      • Supra Oracles
    • Stablecoin Studio
      • Core Concepts
      • Web UI Application
      • CLI Management
      • TypeScript SDK
    • Hedera Guardian
    • Hedera WalletConnect
  • SDKs & APIs
    • SDKs
      • Build Your Hedera Client
      • Set Up Your Local Network
      • Network Address Book
      • Keys
        • Generate a new key pair
        • Import an existing key
        • Create a key list
        • Create a threshold key
        • Generate a mnemonic phrase
        • Recover keys from a mnemonic phrase
      • HBAR
      • Specialized Types
      • Pseudorandom Number Generator
      • Transactions
        • Create a Batch Transaction
        • Transaction ID
        • Modify transaction fields
        • Create an unsigned transaction
        • Manually sign a transaction
        • Submit a transaction
        • Sign a multisignature transaction
        • Get a transaction receipt
        • Get a transaction record
      • Schedule Transaction
        • Schedule ID
        • Create a schedule transaction
        • Sign a scheduled transaction
        • Delete a schedule transaction
        • Get schedule info
        • Network Response Messages
      • Queries
      • General Network Response Messages
      • Accounts and HBAR
        • Create an account
        • Update an account
        • Transfer cryptocurrency
        • Approve an allowance
        • Delete an allowance
        • Delete an account
        • Get account balance
        • Get account info
        • Network Response Messages
      • Consensus Service
        • Create a topic
        • Update a topic
        • Submit a message
        • Delete a topic
        • Get topic messages
        • Get topic info
        • Network Response
      • Token Service
        • Token ID
        • NFT ID
        • Token types
        • Create a token
        • Custom token fees
        • Update a token
        • Update token custom fees
        • Update NFT metadata
        • Transfer tokens
        • Airdrop a token
        • Claim a token
        • Cancel a token
        • Reject a token
        • Delete a token
        • Mint a token
        • Burn a token
        • Freeze an account
        • Unfreeze an account
        • Enable KYC account flag
        • Disable KYC account flag
        • Associate tokens to an account
        • Dissociate tokens from an account
        • Pause a token
        • Unpause a token
        • Wipe a token
        • Atomic swaps
        • Get account token balance
        • Get token info
        • Get NFT info
        • Network Response Messages
      • File Service
        • Create a file
        • Append to a file
        • Update a file
        • Delete a file
        • Get file contents
        • Get file info
        • Network Response Messages
      • Smart Contract Service
        • Delegate Contract ID
        • Create a smart contract
        • Update a smart contract
        • Delete a smart contract
        • Call a smart contract function
        • Ethereum transaction
        • Get a smart contract function
        • Get smart contract bytecode
        • Get smart contract info
        • Hedera Service Solidity Libraries
        • Network Response Messages
      • Signature Provider
        • Provider
        • Signer
        • Wallet
        • Local Provider
    • Mirror Node REST API
      • Accounts
      • Balances
      • Blocks
      • Schedule Transactions
      • Smart Contracts
      • Tokens
      • Topics
      • Transactions
      • Network
    • Hedera Consensus Service gRPC API
    • Hedera APIs
      • Basic Types
        • AccountAmount
        • AccountID
        • ContractID
        • CryptoAllowance
        • CurrentAndNextFeeSchedule
        • FeeComponents
        • FeeData
        • FeeSchedule
        • FileID
        • Fraction
        • HederaFunctionality
        • Key
        • KeyList
        • NftAllowance
        • NftTransfer
        • NodeAddress
        • NodeAddressBook
        • RealmID
        • ScheduleID
        • SemanticVersion
        • ServicesConfigurationList
        • ServiceEndpoint
        • Setting
        • ShardID
        • Signature
        • SignatureList
        • SignatureMap
        • SignaturePair
        • SubType
        • TransferList
        • TransactionID
        • ThresholdKey
        • ThresholdSignature
        • TokenAllowance
        • TokenBalance
        • TokenBalances
        • TokenFreezeStatus
        • TokenPauseStatus
        • TokenID
        • TokenKycStatus
        • TokenRelationship
        • TokenTransferList
        • TokenType
        • TokenSupplyType
        • TopicID
        • TransactionFeeSchedule
      • Cryptocurrency Accounts
        • CryptoService
        • CryptApproveAllowance
        • CryptoDeleteAllowance
        • CryptoCreate
        • CryptoTransfer
        • CryptoUpdate
        • CryptoDelete
        • CryptoGetAccountBalance
        • CryptoGetAccountRecords
        • CryptoGetInfo
        • CryptoGetStakers
      • Consensus Service
        • Consensus Service
        • ConsensusCreateTopic
        • ConsensusUpdateTopic
        • ConsensusSubmitMessage
        • ConsensusDeleteTopic
        • ConsensusTopicInfo
        • ConsensusGetTopicInfo
      • Schedule Service
        • ScheduleService
        • SchedulableTransactionBody
        • ScheduleCreate
        • ScheduleDelete
        • ScheduleSign
        • ScheduleGetInfo
      • Token Service
        • TokenService
        • CustomFees
          • AssessedCustomFee
          • CustomFee
          • FractionalFee
          • FixedFee
          • RoyaltyFee
        • TokenCreate
        • TokenUpdate
        • TokenFeeScheduleUpdate
        • TokenDelete
        • TokenMint
        • TokenBurn
        • TokenFreezeAccount
        • TokenUnfreezeAccount
        • TokenGrantKyc
        • TokenRevokeKyc
        • TokenAssociate
        • TokenDissociate
        • TokenWipeAccount
        • TokenPause
        • TokenUnpause
        • TokenGetInfo
        • TokenGetNftInfo
        • TokenGetNftInfos
        • TokenGetAccountNftInfo
      • File Service
        • FileService
        • FileCreate
        • FileAppend
        • FileUpdate
        • FileDelete
        • FileGetContents
        • FileGetInfo
      • Smart Contracts
        • SmartContractService
        • ContractCall
        • ContractCallLocal
        • ContractCreate
        • ContractUpdate
        • ContractDelete
        • ContractGetByteCode
        • ContractGetInfo
        • ContractGetRecords
      • Miscellaneous
        • Duration
        • ExchangeRate
        • Freeze
        • FreezeType
        • GetByKey
        • GetBySolidityID
        • NetworkGetVersionInfo
        • NetworkService
        • Query
        • QueryHeader
        • Response
        • ResponseCode
        • ResponseHeader
        • SystemDelete
        • SystemUndelete
        • TimeStamp
        • Transaction
        • TransactionBody
        • TransactionContents
        • TransactionGetFastRecord
        • TransactionGetReceipt
        • TransactionGetRecord
        • TransactionReceipt
        • TransactionRecord
        • TransactionResponse
        • UncheckedSubmit
    • Hedera Status API
  • Support & Community
    • Glossary
    • Contributing to Hedera documentation
      • Contribution Guidelines
        • Creating Issues
        • Creating Pull Requests
        • Hedera Improvement Proposal (HIP)
        • Submit Demo Applications
      • Style Guide
        • Understanding different types of documentation
        • Use of HBAR and tinybars
        • Use of web2 and web3
        • Language and grammar
        • Formatting
        • Punctuation
        • GitBook Markdown Syntax
    • Discord
    • GitHub
    • Stack Overflow
    • Hedera Blog
    • Bug Bounty
    • Hedera Help
    • Documentation Survey
    • Meetups
    • Brand Guidelines
    • Status Page
Powered by GitBook
LogoLogo

INTRODUCTION

  • Fees
  • Core Concepts
  • Network Information

TOOLS

  • Bridge
  • Oracles
  • Explorers
  • Developer Portal & Faucet

RESOURCES

  • Status
  • Bug Bounty
  • Build on Hedera (course)
  • Documentation Survey
On this page
  • Prerequisites
  • Table of Contents
  • Step 1: Project Setup
  • Step 2. Creating an NFT
  • Step 3. Minting an NFT
  • Step 4. Granting KYC
  • Step 5. Revoking KYC
  • Step 6. Transferring NFTs and Enforcing KYC
  • Step 7. Updating the KYC Key
  • Token Association in the Tests
  • Conclusion
  • Additional Resources

Was this helpful?

Edit on GitHub
  1. Tutorials
  2. Smart Contracts

HTS x EVM - Part 2: KYC & Update

PreviousHTS x EVM - Part 1: How to Mint NFTsNextHTS x EVM - Part 3: How to Pause, Freeze, Wipe, and Delete NFTs

Last updated 1 month ago

Was this helpful?

In of the series, you saw how to mint, transfer, and burn an NFT using Hedera'a EVM and . In this guide, you’ll learn the basics of how to configure / permission native Hedera Tokens via a Smart Contract. Specifically, you will learn how to:

  • Create and configure an NFT.

  • Grant and revoke a Know Your Customer (KYC) flag.

  • Update the KYC key with an Admin (to rotate compliance keys, for example)


Prerequisites

  • ECDSA account from the .

  • Basic understanding of Solidity.


Table of Contents


Step 1: Project Setup

  1. Clone the repository

git clone https://github.com/hedera-dev/hts-evm-hybrid-mint-nfts.git
cd hts-evm-hybrid-mint-nfts
  1. Install dependencies

npm install
  1. Create .env file set up environment variables

cp .env.example .env

Edit the .env file to include your Hedera Testnet account's private key. Use your ECDSA Hex Encoded Private Key when interacting with Hedera's EVM via the JSON-RPC relay.

PRIVATE_KEY=0x
  1. Run the test script

npx hardhat test test/2-KYCandUpdateNFT.ts

This script deploys and tests all of the functionality inside the KYCandUpdateNFT Smart Contract. We'll deep dive into the Smart Contract's functions and corresponding tests below!


Step 2. Creating an NFT

Function: createNFT(string memory name, string memory symbol, string memory memo)

Purpose: Deploy an HTS non-fungible token (NFT) via a Solidity contract call to HederaTokenService.createNonFungibleToken.

Key Code Snippet:

contracts/2-KYCandUpdateNFT.sol
function createNFT(
    string memory name,
    string memory symbol,
    string memory memo
) external payable onlyOwner {
    IHederaTokenService.HederaToken memory token;
    token.name = name;
    token.symbol = symbol;
    token.memo = memo;
    token.treasury = address(this);

    // 3 keys: Admin, Supply, KYC
    IHederaTokenService.TokenKey[] memory keys = new IHederaTokenService.TokenKey[](3);
    keys[0] = getSingleKey(KeyType.ADMIN, KeyValueType.CONTRACT_ID, address(this));
    keys[1] = getSingleKey(KeyType.SUPPLY, KeyValueType.CONTRACT_ID, address(this));
    keys[2] = getSingleKey(KeyType.KYC, KeyValueType.CONTRACT_ID, address(this));

    token.tokenKeys = keys;

    (int responseCode, address createdToken) = createNonFungibleToken(token);
    require(responseCode == HederaResponseCodes.SUCCESS, "Failed to create NFT");

    tokenAddress = createdToken;
    emit NFTCreated(createdToken);
}

How It Works

  1. Define Token Details – Provide name, symbol, and an optional memo.

  2. Set Keys – We generate three token keys:

    • AdminKey: Grants permission to update token-level properties later.

    • SupplyKey: Permits minting and burning of tokens.

    • KYCKey: Allows the contract (acting as the KYC authority) to grant or revoke KYC on specific accounts.

  3. Create the NFT – Call the HTS System Contract's createNonFungibleToken function from within the contract. If successful, store the resulting HTS token address in tokenAddress.

Test Implementation:

test/2-KYCandUpdateNFT.ts
it("should create an NFT", async () => {
    const createTx = await kycNftContract.createNFT(
        "KYC Test NFT",
        "KYCNFT",
        "NFT with KYC",
        {
            gasLimit: 250_000,
            value: ethers.parseEther("7") // sending HBAR needed to pay for tx fee
        }
    );

    await expect(createTx)
        .to.emit(kycNftContract, "NFTCreated")
        .withArgs(ethers.isAddress);
});

We call createNFT(...) and expect it to emit an NFTCreated event with a valid token address.


Step 3. Minting an NFT


Step 4. Granting KYC

Function: grantKYC(address account)

Purpose: Enable KYC for a specific account. If a token is configured to enforce KYC, that account must be “granted” KYC before it can receive or send the token.

Key Code Snippet:

test/2-KYCandUpdateNFT.ts
grantKYC(address account) external {
    require(tokenAddress != address(0), "Token not created yet");
    int response = grantTokenKyc(tokenAddress, account);
    require(response == HederaResponseCodes.SUCCESS, "Failed to grant KYC");
    emit KYCGranted(account);
}

Test Implementation:

test/2-KYCandUpdateNFT.ts
it("should grant KYC to account1", async () => {
    const grantKycTx = await kycNftContract.grantKYC(account1.address, {
        gasLimit: 350_000
    });

    await expect(grantKycTx)
        .to.emit(kycNftContract, "KYCGranted")
        .withArgs(account1.address);
});

Without this step, the account won’t be able to receive or transact the NFT.


Step 5. Revoking KYC

Function: revokeKYC(address account)

Purpose: Disable KYC for a specific account. After revocation, that account can no longer receive or transfer the token.

Key Code Snippet:

test/2-KYCandUpdateNFT.ts
function revokeKYC(address account) external {
    require(tokenAddress != address(0), "Token not created yet");
    int response = revokeTokenKyc(tokenAddress, account);
    require(response == HederaResponseCodes.SUCCESS, "Failed to revoke KYC");
    emit KYCRevoked(account);
}

Test Implementation:

test/2-KYCandUpdateNFT.ts
it("should revoke KYC from account1 (example)", async () => {
    const revokeTx = await kycNftContract.revokeKYC(account1.address, {
        gasLimit: 350_000
    });

    await expect(revokeTx)
        .to.emit(kycNftContract, "KYCRevoked")
        .withArgs(account1.address);
});

Step 6. Transferring NFTs and Enforcing KYC

Function: transferNFT(address receiver, uint256 serialNumber)

Purpose: Transfer an NFT from the treasury (address(this)) to another account. The receiving account must have KYC because this token has a KYC key.

Key Code Snippet:

test/2-KYCandUpdateNFT.ts
function transferNFT(address receiver, uint256 serialNumber) external {
    require(tokenAddress != address(0), "Token not created yet");
    IERC721(tokenAddress).transferFrom(address(this), receiver, serialNumber);
    emit NFTTransferred(receiver, serialNumber);
}

Test Implementation:

test/2-KYCandUpdateNFT.ts
it("should fail to transfer NFT to account without KYC", async () => {
    const serialNumber = 1n; // First minted NFT

    await expect(
        kycNftContract.transferNFT(account1.address, serialNumber, {
            gasLimit: 350_000
        })
    ).to.be.reverted;
});

it("should successfully transfer NFT to account with KYC", async () => {
    const serialNumber = 1n;

    // first, grant KYC
    const grantKycTx = await kycNftContract.grantKYC(account1.address);
    await grantKycTx.wait();

    // then transfer
    const transferTx = await kycNftContract.transferNFT(account1.address, serialNumber);
    await expect(transferTx)
        .to.emit(kycNftContract, "NFTTransferred")
        .withArgs(account1.address, serialNumber);

    // Verify ownership
    const tokenAddress = await kycNftContract.getTokenAddress();
    const nftContract = await ethers.getContractAt("IERC721", tokenAddress);
    expect(await nftContract.ownerOf(serialNumber)).to.equal(account1.address);
});

The first test expects the transfer to fail when KYC hasn’t been granted.

The second test demonstrates a successful transfer once grantKYC(...) has been called.


Step 7. Updating the KYC Key

Function: updateKYCKey(bytes memory newKYCKey)

Purpose: Change the KYC key on the token. This could be a “key rotation” to maintain compliance or to assign another entity control over KYC status.

Key Code Snippet:

function updateKYCKey(bytes memory newKYCKey) external onlyOwner {
    require(tokenAddress != address(0), "Token not created yet");

    // Create a new TokenKey array with just the KYC key
    IHederaTokenService.TokenKey[] memory keys = new IHederaTokenService.TokenKey[](1);
    keys[0] = getSingleKey(KeyType.KYC, KeyValueType.SECP256K1, newKYCKey);

    int responseCode = updateTokenKeys(tokenAddress, keys);
    require(responseCode == HederaResponseCodes.SUCCESS, "Failed to update KYC key");

    emit KYCKeyUpdated(newKYCKey);
}

Test Implementation:

test/2-KYCandUpdateNFT.ts
it("should successfully update KYC key to account1", async () => {
    const account1CompressedPublicKey = getSignerCompressedPublicKey(0);
    const updateKycTx = await kycNftContract.updateKYCKey(account1CompressedPublicKey, {
        gasLimit: 350_000
    });

    await expect(updateKycTx)
        .to.emit(kycNftContract, "KYCKeyUpdated")
        .withArgs(account1CompressedPublicKey);
});

it("should fail to grant KYC to account2 after KYC key update", async () => {
    await expect(
        kycNftContract.grantKYC(account2.address, {
            gasLimit: 350_000
        })
    ).to.be.revertedWith("Failed to grant KYC");
});

function getSignerCompressedPublicKey(
    index = 0,
    asBuffer = true,
    prune0x = true
) {
    const wallet = new ethers.Wallet(config.networks[network.name].accounts[index]);
    const cpk = prune0x
        ? wallet.signingKey.compressedPublicKey.replace('0x', '')
        : wallet.signingKey.compressedPublicKey;

    return asBuffer ? Buffer.from(cpk, 'hex') : cpk;
}

The compressedPublicKey , not the EVM address, must be passed as the address argument for the updateKeysfunction to work. The getSignerCompressedPublicKey utility function shows how you can get the compressed key using hardat and ethers.

After this key rotation, the contract's key is no longer able to perform KYC operations. In the snippet above, we immediately demonstrate that KYC attempts signed by the contract itself will revert.


Token Association in the Tests

Because we’re using a hybrid approach of EVM and the Native Hedera Token Service, you’ll see special logic to:

  • Associate the newly created token with the signers’ accounts (via TokenAssociateTransaction).

  • Fetch the signers’ Hedera account IDs from EVM addresses with AccountId.fromEvmAddress(...).

  • Use the PrivateKey.fromStringECDSA call to instantiate a Hedera client for executing SDK transactions.

test/2-KYCandUpdateNFT.ts
it("should associate NFT to account 1 and 2", async () => {
    const tokenAddress = await kycNftContract.getTokenAddress();
    const client = Client.forTestnet();

    const accountId1 = await AccountId.fromEvmAddress(0, 0, account1.address).populateAccountNum(client);
    accountId1.evmAddress = null; // ensures we use the Hedera account ID for transactions
    const privateKey = PrivateKey.fromStringECDSA(process.env.PRIVATE_KEY as string);
    client.setOperator(accountId1, privateKey);

    // Repeat for account2...
    // Then call new TokenAssociateTransaction()...
});

This is due to a nuance: In order to grant KYC to an account, it must have the token associated with it. This is the case even if the account has unlimited auto associations.


Conclusion

Using a Solidity Smart Contract on Hedera, you can replicate many of the native HTS functionalities—granting and revoking KYC, updating token keys, minting and transferring NFTs—while retaining the benefit of contract-driven logic and on-chain state. This approach may be preferable if:

  • You want advanced business logic in a self-contained contract.

  • You prefer standard Solidity patterns and tooling for your Web3 workflows.

  • You plan to modularize or integrate your token behavior with other smart contracts.


Additional Resources

Check out our GitHub repo to find the full contract and Hardhat test scripts, along with the configuration files you need to deploy and test on Hedera!

Make sure to use an ECDSA account with for the test script to run successfully.

The covered minting NFTs. Nothing's changed, but if you want a deep dive into how it's done, check it out there!

Account 1 will now be able to grant/revoke KYC .

Check out to learn more about configuring Native Tokens with Smart Contracts.

HTS x EVM - Part 1: How to Mint NFTs
using the SDK
Part 3: How to Pause, Freeze, Wipe, and Delete NFTs
HTS x EVM - Part 3: How to Pause, Freeze, Wipe, and Delete NFTs
Full Contract and Hardhat Test Scripts Repository
Part 1
Hedera Token Service (HTS) System Smart Contracts
Hedera Portal
Project Setup
Creating an NFT
Minting an NFT
Granting KYC
Revoking KYC
Transferring NFTs and Enforcing KYC
Updating the KYC Key
Conclusion
Additional Resources

Writer: Jake, Developer Relations Engineer

Editor: Michiel, Developer Relations Engineer

Editor: Krystal, Technical Writer

|

|

|

GitHub
X
GitHub
LinkedIn
GitHub
X
Unlimited Auto-Associations
previous tutorial