H33 API Documentation

The complete post-quantum authentication API. FHE biometrics, ZK proofs, quantum signatures, blockchain attestation. All in one platform, at 2,648 microseconds.

Base URL: https://api.h33.ai/v1 15 Patent Claims Pending v2.0 - February 2026
Crypto API Reference
Complete reference for Dilithium, Kyber, Falcon, BFV, CKKS, H33 ZKP Stark Lookup, and MPC endpoints.
View Crypto API Reference

Quick Start

Get started in 3 steps

1
Get API Key
Sign up for free trial (1,000 auths/mo)
2
Install SDK
SDK coming soon
3
Make First Call
Full post-quantum auth in one line
JavaScript
import { H33 } from '@h33/client'; const h33 = new H33('h33_live_xxx'); // Full post-quantum auth: ~1.28ms const result = await h33.auth.fullStack({ userId: 'user_123', biometric: faceData, mode: 'h33' // 1.28ms, NIST L1 }); console.log(result); // { // match: true, // confidence: 0.9847, // zkProof: "0x...", // quantumSignature: "0x...", // blockchainTx: "5KtP...", // latency: "218µs" // }

Authentication

All API requests require authentication using your API key in the Authorization header.

HTTP Header
Authorization: Bearer h33_live_xxxxxxxxxxxxxxxxxxxx
ℹ️
API Key Types
h33_live_* - Production keys, full access
h33_test_* - Test keys, sandbox environment (no auths consumed)

Key Management

API keys can be created, rotated, and revoked from your dashboard. We recommend:

  • Using different keys for different environments
  • Rotating keys every 90 days
  • Never committing keys to version control

Pricing & Usage

H33 uses per-auth pricing with included monthly auths. Annual plans get 2 months free (~17% off).

Starter
$349/mo
5,000 auths/mo
Pro
$899/mo
15,000 auths/mo
Business
$2,499/mo
50,000 auths/mo
Growth
$6,999/mo
175,000 auths/mo
🎁
Free Tier
1,000 auths/mo • All security levels • Full API access

Security Level Surcharges

Higher security levels add a per-auth surcharge:

Tier Surcharge Latency Description
H0 ⚠️ 1 356µs Dev/testing only (~57-bit)
H1 3 ~480µs Lightweight FHE (~86-bit)
H2 ✓ 4 removed Full FHE, deep circuits (NIST L1)
H33 ⭐ 10 1.28ms Zero exposure flagship (NIST L1)
H-256 ✓ 25 5.98ms NIST L5 + k-of-n threshold

KYC / Identity (Fixed Pricing)

Service Price Includes
KYC Basic + SBT $49 ID, Selfie, Liveness, Soulbound NFT
KYC Enhanced + SBT $79 + Proof of Address verification
AML/PEP Screening $19 Sanctions, PEP, Adverse Media
Full Bundle $99 KYC + AML + Soulbound NFT

Full Stack Auth

The flagship endpoint

One API call: biometric + FHE + ZK proof + quantum signature + blockchain. Session resume in 50µs.

1.17ms
Full Auth
50µs
Resume
420µs
Latency
POST /auth/full-stack PATENT PENDING

Complete post-quantum authentication in a single call. Combines FHE-encrypted biometric matching, zero-knowledge proof generation, quantum-resistant signature, and blockchain attestation.

1.17ms
H33 Latency
420µs
H33 Latency
99.7%
Accuracy
7 layers
Security

Request Body

Parameter Type Required Description
userId string Required Unique identifier for the user
biometric object Required Biometric data (face, voice, or fingerprint)
biometric.type string Required "face" | "voice" | "fingerprint"
biometric.data string Required Base64-encoded biometric data
mode string Optional "h0" (dev only ~57-bit) | "h1" (fast non-NIST) | "h2" (NIST L1) | "h33" (1.28ms NIST L1, default) | "h-256" (5.98ms NIST L5)
zkClaims object Optional Additional claims to include in ZK proof
blockchain object Optional Blockchain attestation options

Example Request

cURL
curl -X POST https://api.h33.ai/v1/auth/full-stack \ -H "Authorization: Bearer h33_live_xxx" \ -H "Content-Type: application/json" \ -d '{ "userId": "user_123", "biometric": { "type": "face", "data": "base64_encoded_face_data..." }, "mode": "q2", "zkClaims": { "ageOver": 18, "country": "US" }, "blockchain": { "network": "solana", "mintSbt": true } }'

Example Response

JSON
{ "success": true, "match": true, "confidence": 0.9847, "zkProof": { "proof": "0x1a2b3c...", "publicInputs": ["0x..."], "verificationKey": "0x..." }, "quantumSignature": { "algorithm": "dilithium3", "signature": "0x4d5e6f...", "publicKey": "0x..." }, "blockchain": { "network": "solana", "txHash": "5KtPn...", "sbtMint": "H33sbt..." }, "metadata": { "latency": "218µs", "mode": "q2" } }

Biometric Enroll

POST /biometric/enroll

Enroll a new biometric template. The template is encrypted using FHE before storage - we never see or store raw biometric data.

~200µs
Enroll Time
3 types
Face, Voice, Fingerprint

Request Body

Parameter Type Required Description
userId string Required Unique identifier for the user
biometric object Required Biometric data to enroll
biometric.type string Required "face" | "voice" | "fingerprint"
biometric.data string Required Base64-encoded biometric data
mode string Optional "q-dev" | "q2" | "q-256"
JavaScript
const enrollment = await h33.biometric.enroll({ userId: 'user_123', biometric: { type: 'face', data: faceImageBase64 }, mode: 'h33' // 1.28ms, NIST L1 }); // { enrollmentId: "enr_xxx", templateHash: "0x...", status: "active" }

Biometric Verify

POST /biometric/verify POPULAR

Verify a biometric sample against an enrolled template. Matching is performed entirely on encrypted data using FHE - the raw biometric never leaves your device.

1.17ms
H33 Latency
420µs
Verify Time
99.7%
Accuracy
JavaScript
const result = await h33.biometric.verify({ userId: 'user_123', biometric: { type: 'face', data: currentFaceBase64 }, mode: 'h33' // 1.28ms, NIST L1 }); // { match: true, confidence: 0.9847, latency: "218µs" }

FHE Encryption

POST /fhe/encrypt

Encrypt data using Fully Homomorphic Encryption. Encrypted data can be processed without decryption, enabling privacy-preserving computation.

150µs
Encrypt Latency

FHE Modes

Mode Latency Parameter N Use Case
H0 356µs N=1,024 Dev/testing only (~57-bit)
H1 ~480µs N=2,048 Fast non-NIST (~85-bit)
H2 removed N=4,096 Deep circuits (128-bit NIST L1)
H33 1.28ms N=4,096 Production default (128-bit NIST L1)
H-256 5.98ms N=16,384 Max security (256-bit NIST L5)
JavaScript
const encrypted = await h33.fhe.encrypt({ data: sensitiveData, mode: 'h33' // 1.28ms, NIST L1, scheme: 'bfv' // or 'ckks' for floating point }); // { ciphertext: "0x...", publicKey: "0x...", metadata: {...} }

FHE Compute

POST /fhe/compute

Perform computations on encrypted data. Supports addition, multiplication, comparison, and custom operations without ever decrypting.

JavaScript
// Compare encrypted biometric templates const result = await h33.fhe.compute({ operation: 'euclidean_distance', inputs: [encryptedTemplate1, encryptedTemplate2], mode: 'h33' // 1.28ms, NIST L1 }); // Result is still encrypted - decrypt on client side

Zero-Knowledge Proofs

POST /zkp/prove

Generate a zero-knowledge proof. Prove statements about your data without revealing the data itself. Uses H33 ZKP Stark Lookup — Circle STARK, M31 field, Poseidon2 hash, post-quantum safe, no trusted setup.

1.17ms
Cached Circuit
~1ms
Prove Time

Supported Proof Types

Scheme Proof Size Verify Time Notes
H33 ZKP Stark Lookup (Production) ~180KB 2.09ns (cached) Production auth ZK. Circle STARK, M31 field, Poseidon2 hash, PQ-safe
KZG ~200 bytes ~3ms Biometric ZKP commitment scheme
IPA ~1KB ~10ms No trusted setup, biometric ZKP
JavaScript
// Prove user is over 18 without revealing DOB const proof = await h33.zkp.prove({ circuit: 'age_verification', privateInputs: { dateOfBirth: '1990-05-15' }, publicInputs: { minAge: 18, currentDate: '2026-01-26' }, scheme: 'stark' }); // { proof: "0x...", publicInputs: [...], verified: true }
POST /zkp/verify

Verify a zero-knowledge proof. Returns true if the proof is valid for the given public inputs and verification key.

~3ms
Verify Time
~3ms
Verify Time
JavaScript
const isValid = await h33.zkp.verify({ proof: proofFromUser, publicInputs: expectedPublicInputs, verificationKey: circuitVK }); // { valid: true, timestamp: "2026-01-26T..." }

Quantum Signatures

NIST FIPS 203/204 compliant post-quantum digital signatures. Resistant to attacks from both classical and quantum computers.

🔐
Algorithms Supported
CRYSTALS-Dilithium - Primary (FIPS 204)
CRYSTALS-Kyber - Key encapsulation (FIPS 203)
FALCON - Compact signatures
POST /quantum/sign

Sign data using a quantum-resistant algorithm. Default: Dilithium3 (NIST security Level 3).

45µs
Sign Time
36.9µs
Verify Time
JavaScript
// Generate quantum-resistant key pair const keys = await h33.quantum.generateKeyPair({ algorithm: 'dilithium3' }); // Sign data const signature = await h33.quantum.sign({ data: messageToSign, privateKey: keys.privateKey, algorithm: 'dilithium3' }); // Verify signature const valid = await h33.quantum.verify({ data: messageToSign, signature: signature, publicKey: keys.publicKey });

Blockchain Attestation

POST /blockchain/attest

Create an immutable attestation record on Solana. Perfect for audit trails, compliance records, and tamper-proof logging.

~400ms
Confirmation
JavaScript
const attestation = await h33.blockchain.attest({ data: { userId: 'user_123', action: 'kyc_verified', timestamp: Date.now() }, network: 'solana', compress: true // ZK-compressed (5000x less expensive) }); // { txHash: "5KtPn...", slot: 123456789, explorer: "https://..." }
POST /blockchain/mint-sbt

Mint a Soulbound Token (non-transferable NFT) representing verified identity credentials. Included with KYC packages.

JavaScript
const sbt = await h33.blockchain.mintSbt({ userId: 'user_123', walletAddress: 'Gh9ZwE...', credentials: { kycLevel: 'enhanced', verifiedAt: '2026-01-26', expiresAt: '2027-01-26' } }); // { mint: "H33sbt...", metadata: "https://...", txHash: "..." }

KYC Verification

POST /kyc/verify

Complete KYC verification with FHE-encrypted biometrics, ZK proofs, and blockchain attestation. Includes Soulbound NFT minting.

Pricing

Package Price Includes
KYC Basic + SBT $49 ID + Selfie + Liveness + Soulbound NFT
KYC Enhanced + SBT $79 Basic + Proof of Address
Full Bundle $99 Enhanced KYC + AML + Soulbound NFT
JavaScript
const kyc = await h33.kyc.verify({ userId: 'user_123', package: 'full_bundle', // $99 documents: { idFront: idFrontBase64, idBack: idBackBase64, selfie: selfieBase64, proofOfAddress: pobBase64 }, walletAddress: 'Gh9ZwE...' // For SBT mint }); // { // status: "verified", // level: "enhanced", // amlClear: true, // zkProof: "0x...", // sbtMint: "H33sbt..." // }

Continuous Authentication

WS /auth/continuous PATENT PENDING

Real-time continuous authentication using multi-modal behavioral biometrics. LSTM-based temporal modeling of keystroke, mouse, face, and voice patterns.

99.2%
Attack Detection
94.7%
User Accuracy
4 modalities
Fusion
JavaScript
const session = await h33.auth.continuousSession({ userId: 'user_123', modalities: ['keystroke', 'mouse', 'face'], sensitivity: 'high' }); // Stream behavioral data session.on('keystroke', (event) => { session.send({ type: 'keystroke', ...event }); }); // Receive confidence updates session.on('confidence', ({ score, anomaly }) => { if (score < 0.7) triggerReauth(); });

Invisible Authentication

POST /auth/invisible PATENT PENDING

Zero-transmission authentication. No codes displayed on screen. Authentication keys are hardware-secured and never transmitted over the network.

⚠️
Requires Client SDK
Invisible auth requires the H33 client SDK with secure enclave access (iOS Secure Enclave, Android StrongBox, or TPM).
JavaScript
// Initialize invisible auth (one-time setup) const registration = await h33.auth.invisibleRegister({ userId: 'user_123', deviceId: deviceFingerprint }); // Authenticate (no visible codes) const auth = await h33.auth.invisible({ userId: 'user_123', challenge: serverChallenge }); // { authenticated: true, zkProof: "0x...", timestamp: ... }

Estate Fraud Detection

POST /fraud/estate/analyze PATENT PENDING

Detect behavioral anomalies indicating potential estate fraud. Analyzes shifts from deceased user baselines and detects beneficiary collusion patterns. Generates court-admissible evidence packages.

JavaScript
const analysis = await h33.fraud.estateAnalyze({ accountId: 'account_123', deceasedUserId: 'user_456', suspectedActivity: recentTransactions, generateEvidence: true }); // { // fraudProbability: 0.94, // behavioralShift: { magnitude: 0.87, indicators: [...] }, // collusionDetected: true, // evidencePackage: { hash: "0x...", courtAdmissible: true } // }

Bundled Services

High-performance bundled endpoints using h33_fhe and h33_stark internally—our fastest, most secure implementations.

Auth Complete

Full authentication flow in a single call. Biometric + FHE + ZK proof + quantum signature.

1.28ms
Latency
1 auth
Per Call
POST /h33/auth/complete NEW

Complete authentication in one call. Uses h33_fhe for encryption and h33_stark for proof generation. Returns verified identity with quantum-resistant signatures.

Request Body

JSON
{ "user_id": "user_123", "biometric": "base64_encoded_data", "options": { "include_zk_proof": true, "include_signature": true } }

Response

JSON
{ "success": true, "verified": true, "confidence": 0.9847, "zk_proof": "...", "signature": "...", "latency_us": 220 }

Encrypt and Prove

POST /h33/encrypt-and-prove NEW

FHE encryption with ZK proof in one call. Encrypts data using h33_fhe and generates a H33 ZKP Stark Lookup proof of correct encryption. 2.0µs (async) prove, 2.09ns (cached) verify, ~180KB proof.

180µs
Latency
h33_fhe
Encryption
h33_stark
Proof

Request Body

JSON
{ "plaintext": "data_to_encrypt", "public_key": "...", "proof_type": "stark" }

Response

JSON
{ "ciphertext": "...", "proof": "...", "proof_valid": true, "latency_us": 180 }

Secure Compute

POST /h33/secure-compute NEW

FHE computation with correctness proof. Performs operations on encrypted data and generates a H33 ZKP Stark Lookup proof that the computation was performed correctly.

250µs
Latency
Verifiable
Computation

Request Body

JSON
{ "operation": "add", "ciphertext_a": "...", "ciphertext_b": "...", "generate_proof": true }

Response

JSON
{ "result": "...", "correctness_proof": "...", "proof_verified": true, "latency_us": 250 }

Key Ceremony

POST /h33/key-ceremony NEW

Multi-party key generation ceremony. Securely generates shared keys across multiple participants using MPC protocols with quantum-resistant algorithms.

500µs
Per Party
N-of-M
Threshold

Request Body

JSON
{ "ceremony_id": "ceremony_abc123", "participants": 5, "threshold": 3, "algorithm": "dilithium" }

Response

JSON
{ "ceremony_id": "ceremony_abc123", "status": "initialized", "public_key": "...", "participant_shares": ["..."], "latency_us": 2500 }

SDK Initialization

POST /h33/sdk/init NEW

Initialize the H33 SDK with your configuration. Returns optimized settings and pre-computed parameters for subsequent API calls.

Request Body

JSON
{ "api_key": "h33_live_xxx", "environment": "production", "features": ["fhe", "zkp", "quantum"] }

Response

JSON
{ "initialized": true, "session_id": "sess_xxx", "endpoints": { "auth": "/h33/auth/complete", "encrypt": "/h33/encrypt-and-prove", "compute": "/h33/secure-compute" }, "rate_limit": 10000 }

Bundled Status

GET /h33/bundled/status NEW

Health check for bundled services. Returns status of h33_fhe, h33_stark, and all bundled endpoint availability.

Response

JSON
{ "status": "healthy", "services": { "h33_fhe": "operational", "h33_stark": "operational", "auth_complete": "operational", "encrypt_prove": "operational", "secure_compute": "operational", "key_ceremony": "operational" }, "latency_p99_us": 320, "uptime": "99.99%" }

Error Codes

All API errors return a consistent JSON structure with an error code and message.

Error Response
{ "error": { "code": "QUOTA_EXCEEDED", "message": "Monthly auth quota exceeded", "details": { "used": 5000, "limit": 5000 } } }
Code HTTP Description
INVALID_API_KEY 401 API key is missing, invalid, or revoked
QUOTA_EXCEEDED 429 Monthly auth quota exceeded
RATE_LIMITED 429 Too many requests, slow down
INVALID_BIOMETRIC 400 Biometric data is malformed or unreadable
USER_NOT_ENROLLED 404 No biometric template found for user
VERIFICATION_FAILED 200 Biometric match failed (not an error)
CIRCUIT_NOT_FOUND 404 ZK circuit ID not found
PROOF_INVALID 400 ZK proof verification failed
BLOCKCHAIN_ERROR 502 Blockchain network error

Rate Limits

Rate limits vary by tier and are applied per API key.

Tier Requests/sec Requests/day Burst
Trial 10 1,000 20
Starter 50 50,000 100
Growth 100 100,000 200
Business 500 500,000 1,000
Scale+ 1,000 Unlimited 2,000
ℹ️
Rate Limit Headers
X-RateLimit-Limit - Maximum requests allowed
X-RateLimit-Remaining - Requests remaining
X-RateLimit-Reset - Unix timestamp when limit resets

SDKs & Libraries

Official client libraries with TypeScript definitions, async/await support, and automatic retries.

Installation
# Python pip install h33 # Go go get github.com/h33-ai/h33-go # Rust cargo add h33 # React Native npm install @h33/react-native

SDK Features

  • Full TypeScript definitions
  • Automatic retry with exponential backoff
  • Request/response logging
  • Webhook signature verification
  • Secure enclave integration (mobile)
  • Biometric capture helpers