H33 FAQ

H33 is a privacy-preserving authentication platform that combines Fully Homomorphic Encryption (FHE), STARK zero-knowledge proofs, and post-quantum cryptography (Dilithium, Kyber) into a single API call. Biometric templates are encrypted client-side and processed entirely on encrypted data using FHE—our servers never see raw biometric information at any stage. The entire pipeline achieves 2,209,429 sustained authentications per second on production hardware.

H33 serves any organization that needs high-security identity verification with privacy guarantees:

• Enterprises requiring cryptographically enforced identity verification
• Financial institutions needing KYC/AML compliance without storing sensitive PII
• Healthcare organizations protecting patient identity under HIPAA
• Government agencies requiring post-quantum secure citizen authentication
• Web3 projects needing Sybil-resistant identity and on-chain proof verification

Traditional identity systems decrypt data for processing, creating vulnerability windows. H33 is fundamentally different:

• FHE-encrypted biometrics: Templates are encrypted on your device and matched using Fully Homomorphic Encryption—our servers compute distance metrics on encrypted data without ever decrypting it
• Zero-knowledge proofs: STARK proofs verify authentication results to third parties without revealing any underlying data
• Post-quantum security: Every component—FHE (lattice-based), ZKP (SHA3-256), and attestation (Dilithium)—is resistant to quantum computer attacks
• Single API call: FHE + ZKP + Dilithium attestation all execute in one request, completing in ~35.25 microseconds per auth

H33 uses a hybrid architecture. Core cryptographic operations (FHE, ZKP, Dilithium attestation) execute on high-performance cloud infrastructure for speed. Identity proofs can be anchored on the Solana blockchain via Soulbound NFTs for immutability and user control. This gives you the benefits of decentralization—user ownership, censorship resistance, on-chain verifiability—with enterprise-grade throughput exceeding 2 million authentications per second.

H33 stores FHE-encrypted ciphertexts and cryptographic commitments—never raw data. We do not store your actual biometrics, government IDs, or personal information in plaintext. Biometric templates exist only as encrypted ciphertexts that cannot be decrypted without the secret key. Even if our storage were fully compromised, attackers would find only mathematically meaningless encrypted values.

Getting started takes minutes:

• Get an API key: Sign up at h33.ai/pricing (free tier includes 500 auths/month)
• Integrate: Call the REST API or install an SDK (JavaScript, Python, Rust, Go)
• Enroll users: Use the /enroll endpoint to register encrypted biometric templates
• Verify: Use the /verify endpoint to authenticate—FHE + ZKP + Dilithium execute in a single call

Full documentation is available at h33.ai/docs.

Absolutely. H33 is a standard REST API—you authenticate with a Bearer token and make HTTP requests. No wallets, gas fees, or blockchain interaction required for core authentication. The optional Solana integration (Soulbound NFTs, on-chain proofs) is available for Web3 use cases but is not required. Most customers use H33 purely as a cryptographic authentication API.

Account recovery depends on your integration model:

• API customers: API keys can be regenerated via your dashboard or by contacting support@h33.ai
• Biometric recovery: If biometric enrollment is used, your unique biometric signature lets you re-authenticate and regain access from any device
• Web3 users: Biometric-based recovery can migrate your identity to a new wallet without seed phrases

Enterprise customers have dedicated support channels for account recovery.

Yes. H33 is available globally via our API. Our privacy-preserving architecture is designed to comply with GDPR, CCPA, BIPA, and other privacy regulations since we never store raw biometric data—only FHE-encrypted ciphertexts. Enterprise customers can request geo-fenced infrastructure for data residency requirements. Some features may have regional availability based on local compliance requirements.

You can reach our team via:

• Email: support@h33.ai
• Documentation: h33.ai/docs
• Enterprise customers: Dedicated Slack channel and priority support
• Security issues: security@h33.ai (PGP key available on our website)

H33 maintains a rigorous security posture validated by 2,342 unit tests plus 300,000 proptest iterations, formal verification via the Kani model checker, and three native Rust AI security agents running in real time. SOC 2 (In Progress) certification is in progress and applies to all paid tiers. Our 7-layer defense-in-depth architecture spans network, authentication, authorization, application, cryptographic, execution, and data protection layers.

Defense-in-depth means multiple independent security layers so that a breach of one layer does not compromise the system. H33 implements 7 layers:

• Layer 1: Network perimeter (TLS 1.3, mTLS, CloudFront CDN)
• Layer 2: Authentication (API key + Bearer token validation)
• Layer 3: Authorization (RBAC, per-tenant isolation)
• Layer 4: Application security (input validation, rate limiting)
• Layer 5: Cryptographic layer (FHE, STARK ZKP, Dilithium/Kyber PQC)
• Layer 6: AI threat detection (3 native Rust agents monitoring in real time)
• Layer 7: Data protection (encryption at rest, key rotation, FHE ciphertexts)

Formal verification uses mathematical proofs to guarantee code correctness for ALL possible inputs, not just tested cases. H33 uses the Kani model checker to formally verify critical properties including memory safety, cryptographic bounds, NTT transform invertibility, and noise budget invariants. This provides mathematical certainty that our FHE and cryptographic operations are correct—a stronger guarantee than testing alone can ever provide.

H33 undergoes continuous automated security auditing via cargo-audit, cargo-deny, cargo-geiger, and Trivy scanning. We maintain zero critical/high vulnerabilities. SOC 2 (In Progress) certification is actively in progress and applies to all paid tiers. Third-party cryptologist review of our FHE and ZKP implementations is planned. All security reports are available to enterprise customers under NDA.

Even in a total server compromise, your identity remains protected because:

• No raw biometrics: We store only FHE-encrypted ciphertexts that cannot be decrypted without the secret key
• ZKP privacy: Zero-knowledge proofs reveal nothing about the underlying data they attest to
• Post-quantum signatures: Dilithium attestations are bound to specific sessions and cannot be replayed
• Key isolation: Secret keys are never co-located with encrypted data in production

A TEE is a secure area of the processor that runs code in isolation from the operating system and other software. Even if the host machine is compromised, code inside the TEE cannot be inspected or tampered with. H33 supports TEE-based processing for high-security scenarios where additional hardware isolation is required beyond our standard FHE-based protection.

H33 employs a multi-layered key management approach:

• FHE keys: Generated per-tenant; public keys used for encryption, secret keys for decryption
• Dilithium keys: Used for post-quantum digital signatures on attestation proofs
• Kyber keys: Used for post-quantum key encapsulation during secure channel establishment
• Rotation: Keys are rotated on a scheduled basis with backward-compatible decryption
• Isolation: AWS Secrets Manager + encrypted environment variables; no keys in source code

Our security testing pipeline includes:

• 2,342 unit tests covering all cryptographic modules
• 300,000 proptest iterations for property-based fuzz testing
• Kani formal verification for mathematical correctness proofs
• cargo-audit: CVE database scanning on every build
• cargo-deny: License and dependency policy compliance
• cargo-geiger: Unsafe code tracking and minimization
• Trivy: Container vulnerability scanning

We operate a coordinated disclosure policy. Please report vulnerabilities to security@h33.ai using our PGP key (available on our website). We acknowledge all valid reports within 24 hours and work with researchers to fix issues before public disclosure. We do not pursue legal action against good-faith security researchers.

H33 runs three native Rust AI agents in real time within the authentication pipeline:

• Harvest Detection (0.69µs): Detects "harvest now, decrypt later" surveillance patterns and anomalous data collection behavior
• Side-Channel Agent (1.14µs): Monitors for timing attacks, power analysis, and other side-channel exploitation attempts
• Crypto Health Agent (0.52µs): Continuously validates cryptographic parameter health, noise budgets, and key entropy

All three agents add less than 2.4 microseconds total overhead and are included on all plans.

Fully Homomorphic Encryption (FHE) is considered the "holy grail" of cryptography. It allows computation on encrypted data without ever decrypting it. The encrypted result, when decrypted, matches what you would get from computing on the original plaintext. This means biometrics, medical records, and financial data can be processed while remaining encrypted the entire time—even the server performing the computation never sees the raw data.

H33 implements two primary FHE schemes, each optimized for different workloads:

• BFV (Brakerski-Fan-Vercauteren): Exact integer arithmetic on encrypted data. Used for biometric template matching, distance calculations, and inner products. Production engine at N=4096, t=65537.
• CKKS (Cheon-Kim-Kim-Song): Approximate arithmetic on encrypted real/complex numbers with SIMD batching. Used for ML inference, similarity scoring, and feature extraction on encrypted data.

Both are built from scratch in Rust with zero external FHE dependencies.

H33 v11.0 benchmarks on AWS Graviton4 (c8g.metal-48xl, March 2026):

• FHE batch encrypt (32 users): 937µs
• Per-auth FHE cost: ~29µs
• Full pipeline (FHE + ZKP + Dilithium): 1,128µs per 32-user batch
• 23.6× faster than Microsoft SEAL on BFV encrypt at the same N=4096 parameters

Note: The SEAL comparison covers FHE encryption only. H33's pipeline includes FHE plus real STARK proofs plus Dilithium attestation—and is still faster than SEAL doing FHE alone. See h33.ai/benchmarks for methodology.

SIMD (Single Instruction, Multiple Data) batching packs multiple plaintext values into a single ciphertext using the Chinese Remainder Theorem (CRT). H33 uses this to process 32 users per ciphertext: 4,096 polynomial slots divided by 128 biometric dimensions = 32 user slots. This means one FHE operation simultaneously processes 32 users at essentially the same cost as processing one, providing a massive throughput multiplier. Template storage drops from ~32MB to ~256KB per user (128× reduction).

On BFV encrypt at the same N=4096 parameters, H33 is 23.6× faster than Microsoft SEAL. This advantage comes from H33's Montgomery NTT with Harvey lazy reduction, pre-NTT public keys at keygen, batch CBD sampling, and NEON-accelerated Galois operations. Important caveat: SEAL is a general-purpose FHE library providing FHE only. H33 is a purpose-built authentication engine that includes FHE + real STARK proofs + Dilithium attestation in one pipeline. The comparison reflects FHE encrypt performance specifically.

BFV (Brakerski-Fan-Vercauteren) is an FHE scheme based on the Ring Learning With Errors (RLWE) problem. It performs exact integer arithmetic on encrypted data—critical for security-sensitive comparisons where approximation is unacceptable. H33 uses BFV with parameters N=4096, a single 56-bit modulus Q, and plaintext modulus t=65537 (the H33-128 configuration). Key optimizations include Montgomery-form NTT twiddles, NTT-domain ciphertext operations, and formally verified noise bounds via Kani.

CKKS (Cheon-Kim-Kim-Song) enables approximate arithmetic on encrypted real and complex numbers. Unlike BFV which handles exact integers, CKKS encodes floating-point values and supports rescaling to manage precision. H33 uses CKKS for ML inference on encrypted features, similarity scoring, and batch operations where slight approximation is acceptable. Our CKKS engine supports encode/decode for real and complex vectors, SIMD-style batching, and is documented at h33.ai/h33-ckks.

Yes. H33's CKKS engine supports the operations needed for ML inference on encrypted data: addition, multiplication, rotation, and rescaling. You can run linear layers, polynomial activations, and inner products on CKKS-encrypted feature vectors without decrypting them. This enables privacy-preserving ML where the model processes encrypted inputs and produces encrypted outputs—the compute provider never sees the data. BFV can also be used for integer-based ML operations (decision trees, lookup-based models).

H33-FHE-IQ is our automatic FHE parameter selection engine. Given your security level, performance budget, and operation type, FHE-IQ selects the optimal scheme (BFV or CKKS), polynomial degree (N), modulus chain, and plaintext modulus. It eliminates the need for deep FHE expertise—you describe your workload and FHE-IQ configures the engine. This is particularly useful for teams new to FHE who want production-grade parameters without manual tuning.

H33's FHE engines are proprietary, built from scratch in Rust with zero external FHE dependencies. This gives us full control over optimization, security auditing, and performance tuning. The engines are formally verified using Kani and validated against Known Answer Test (KAT) vectors. We publish detailed benchmarks, white papers, and API documentation so customers can evaluate our claims independently. Enterprise customers can request source code review under NDA.

A zero-knowledge proof (ZKP) lets you prove something is true without revealing any information about WHY it is true. For example, you can prove you are over 21 without revealing your actual birthdate, or prove you are a verified user without revealing your name. H33 uses ZKPs to prove that an FHE-encrypted biometric match succeeded, so third parties can trust the result without ever seeing the biometric data.

H33 uses native STARK proofs (Scalable Transparent Arguments of Knowledge) with SHA3-256 hashing. STARKs are post-quantum secure because they rely on hash function collision resistance rather than elliptic curve assumptions. They require no trusted setup—security comes entirely from the hash function. H33's STARK implementation is proprietary, built from scratch in Rust, and optimized for the authentication pipeline.

H33 v11.0 STARK performance:

• Full proof generation: 68ms
• Full proof verification: 14ms
• Cached lookup (DashMap): 0.059µs (1.159µs including overhead)
• In-pipeline ZKP step: 0.059µs per batch (using in-process DashMap cache)

The in-process DashMap cache provides 44× faster lookups than raw STARK verification by caching previously computed proofs. First-time proofs take 68ms; returning users verify in under 1.2 microseconds.

A ZKP lookup table (also called a plookup) allows the proof system to efficiently verify that a value belongs to a pre-computed set. H33 uses STARK-based lookup tables to verify that authentication results fall within valid ranges without recomputing the full proof each time. This is the mechanism behind our sub-microsecond cached ZKP verification—once a proof is generated and cached, subsequent verifications are simple table lookups at 0.059µs.

H33 uses an in-process DashMap (concurrent hash map) for ZKP caching in single-instance deployments. This eliminates network overhead entirely—lookups complete in 0.059µs compared to 14ms for full verification (237× speedup). We tested TCP-based caching (Cachee RESP proxy) at 96 workers and found it caused an 11× throughput regression due to connection serialization. The in-process DashMap is the production default. For multi-container distributed deployments, Cachee provides shared caching across instances.

The key differences are:

• Trusted setup: SNARKs (like Groth16) require a trusted setup ceremony. STARKs do not—they are "transparent"
• Post-quantum security: STARKs are based on hash functions (quantum-resistant). Most SNARKs rely on elliptic curves (vulnerable to quantum attacks)
• Proof size: SNARK proofs are smaller (~200 bytes). STARK proofs are larger but still practical
• Verification speed: SNARKs verify faster on-chain. STARKs verify faster off-chain with caching

H33 chose STARKs because post-quantum security and no trusted setup are critical for an identity platform.

Yes. H33's STARK proofs use SHA3-256 hashing, which is inherently resistant to quantum computer attacks. Unlike elliptic curve-based proof systems (Groth16, PLONK), there are no algebraic structures that Shor's algorithm can exploit. Combined with Dilithium signatures (lattice-based, NIST FIPS 204) for attestation, the entire ZKP verification and attestation pipeline is fully post-quantum secure.

H33's ZKP system can prove:

• Identity: Prove you are a verified user without revealing personal data
• Biometric match: Prove your biometrics match an enrolled template without exposing the biometrics
• Attributes: Prove age, citizenship, credentials, or KYC status without revealing details
• Uniqueness: Prove you are a unique human for Sybil resistance
• Eligibility: Prove you meet criteria (age > 18, accredited investor, etc.) without disclosing specifics

In H33's single-API-call pipeline, ZKP verification is the second stage:

• Stage 1 — FHE Batch: BFV inner product on encrypted biometric data (937µs for 32 users)
• Stage 2 — ZKP: In-process DashMap lookup verifies the cached STARK proof (0.059µs)
• Stage 3 — Attestation: SHA3 prefix + Dilithium sign+verify produces a post-quantum attestation (189µs)

The ZKP stage adds essentially zero latency to the pipeline thanks to DashMap caching. First-time proofs are pre-generated during enrollment.

The ZK eligibility check allows applications to verify that a user meets specific criteria without learning anything beyond the yes/no result. For example, a financial application can verify "this user is an accredited investor" without learning their net worth, income, or identity. H33 generates a STARK proof attesting to the eligibility criterion, which the application verifies. The proof is reusable and can be presented to multiple verifiers without re-computation.

Post-quantum cryptography (PQC) refers to cryptographic algorithms designed to resist attacks from quantum computers. Current widely-deployed encryption (RSA, ECC) can be broken by sufficiently powerful quantum computers using Shor's algorithm. PQC algorithms are based on mathematical problems—such as lattice problems—that remain hard even for quantum computers. NIST finalized the first PQC standards in 2024 (FIPS 203, FIPS 204), and H33 implements both.

Estimates range from 10 to 30 years for cryptographically-relevant quantum computers, but the exact timeline is uncertain. The critical threat is "harvest now, decrypt later"—adversaries can record encrypted data today and decrypt it once quantum computers exist. Identity data, biometric templates, and authentication secrets have long-term value. NIST, NSA, and CISA all recommend migrating to PQC now. H33 implements PQC today to protect data that needs to remain secure for decades.

H33 implements both NIST-standardized PQC algorithms:

• FIPS 203 — ML-KEM (Kyber): Module Lattice-based Key Encapsulation Mechanism for secure key exchange
• FIPS 204 — ML-DSA (Dilithium): Module Lattice-based Digital Signature Algorithm for authentication attestation

Additionally, H33's STARK ZKPs use SHA3-256 (NIST FIPS 202), which is inherently quantum-resistant. The entire authentication pipeline—FHE (lattice-based), ZKP (hash-based), and attestation (lattice-based)—is fully post-quantum secure.

ML-KEM (Module Lattice-based Key Encapsulation Mechanism), previously known as CRYSTALS-Kyber, is a NIST-standardized algorithm (FIPS 203) for establishing shared secret keys over insecure channels. H33 uses Kyber-768 which provides 128-bit security against both classical and quantum attacks. It replaces traditional key exchange mechanisms like ECDH that would be vulnerable to quantum computers. H33 uses Kyber for secure channel establishment and hybrid key exchange.

ML-DSA (Module Lattice-based Digital Signature Algorithm), previously known as CRYSTALS-Dilithium, is a NIST-standardized digital signature scheme (FIPS 204). H33 uses Dilithium in the attestation stage of the authentication pipeline—after FHE matching and ZKP verification, a Dilithium signature is generated to create a post-quantum attestation proof. In v11.0, the Dilithium sign+verify step takes 189µs per 32-user batch (batch attestation: one signature covers all 32 users).

H33's triple-key architecture layers three independent cryptographic systems:

• Key 1 — FHE (lattice-based): Encrypts and processes biometric data homomorphically
• Key 2 — Kyber (lattice-based): Establishes secure channels via post-quantum key encapsulation
• Key 3 — Dilithium (lattice-based): Signs attestation proofs with post-quantum digital signatures

An attacker would need to break all three independent systems simultaneously. Each uses different lattice problem instantiations, providing defense-in-depth at the cryptographic layer.

Hybrid key exchange combines classical and post-quantum algorithms so that security is maintained even if one algorithm is unexpectedly broken. H33 supports hybrid mode where key exchange uses both X25519 (classical elliptic curve) and Kyber-768 (post-quantum lattice). The shared secret is derived from both algorithms—an attacker must break BOTH to compromise the channel. This provides backward compatibility with classical security while adding quantum resistance.

Yes. H33 implements both NIST post-quantum standards: FIPS 203 (ML-KEM / Kyber) for key encapsulation and FIPS 204 (ML-DSA / Dilithium) for digital signatures. Our implementations are validated against NIST Known Answer Test (KAT) vectors and include comprehensive test suites covering NTT transforms, polynomial operations, key generation, encapsulation/decapsulation, and sign/verify operations. FIPS 140-3 validation for government use cases is under review.

H33 targets NIST Security Level 3 (equivalent to AES-192 against quantum attacks) across the PQC components. Kyber-768 and Dilithium Level 3 both provide this guarantee. The FHE layer (BFV with RLWE) provides at least 128-bit security based on lattice hardness assumptions. The STARK ZKP layer provides 128-bit security via SHA3-256 collision resistance. All three layers independently exceed the minimum security threshold for long-term protection.

H33 is designed for cryptographic agility. Our modular architecture separates the FHE engine, ZKP system, and PQC layer so each can be upgraded independently. If NIST revises standards or new attacks emerge, we can swap algorithm implementations without changing the API contract. Enrolled biometric templates are re-encrypted under new parameters during key rotation. We actively monitor NIST post-quantum cryptography developments, IACR publications, and quantum computing milestones to stay ahead of the threat landscape.

H33's biometric pipeline operates entirely on encrypted data:

• Client-side: Biometric features are extracted and encrypted using BFV FHE before leaving your device
• Server-side FHE: Encrypted templates are compared using homomorphic inner products—distance and similarity metrics computed on ciphertexts
• ZKP attestation: A STARK proof verifies the match result without revealing the biometric data
• Dilithium signature: The final attestation is signed with a post-quantum digital signature

Your raw biometric data is NEVER transmitted to or decrypted on H33 servers.

No. This is the fundamental guarantee of Fully Homomorphic Encryption. Your biometric template is encrypted on your device using FHE. It is transmitted encrypted, stored encrypted, and processed encrypted. The matching computation (inner product, distance calculation) happens on the encrypted ciphertexts. Only the final match/no-match result is decrypted—never the biometric data itself. Our servers literally cannot decrypt your biometrics because the FHE secret key never touches the server.

H33 supports multiple biometric modalities through encrypted template matching:

• Facial recognition: Via device cameras, encrypted feature vectors
• Fingerprint: Via device sensors, encrypted minutiae templates
• Voice: Speaker verification via encrypted voiceprint features
• Behavioral: Typing patterns and device handling characteristics

All modalities use the same FHE pipeline—128-dimensional feature vectors encrypted and matched homomorphically. Multi-modal fusion combines modalities for higher security.

FHE-based matching achieves the same accuracy as plaintext matching because BFV provides exact integer arithmetic. There is zero accuracy loss from encryption:

• False Acceptance Rate (FAR): < 0.001% (1 in 100,000)
• False Rejection Rate (FRR): < 1%

The match threshold is configurable per application—higher security applications can use stricter thresholds. Multi-modal biometrics further improve accuracy.

Encrypted template matching computes biometric similarity on FHE ciphertexts. H33 uses a fused NTT-domain inner product: enrolled templates are stored in NTT form, and the matching operation performs polynomial multiplication and accumulation without intermediate inverse transforms. One final INTT produces the encrypted distance result. This approach saves 2×M NTT transforms per operation (where M is the number of moduli) and is a key reason H33 achieves sub-millisecond batch matching.

H33 implements multiple anti-spoofing layers:

• Liveness detection: Ensures a real person is present (not a photo, video, or 3D mask)
• Challenge-response: Random actions to prove real-time presence
• AI Detection agent: Our native AI Detection module identifies synthetic/deepfake biometric inputs
• Template binding: Enrolled templates are cryptographically bound to the user's identity—presenting someone else's biometrics fails the FHE comparison

Yes. Unlike raw biometrics (which you cannot change), H33's encrypted templates can be revoked and re-issued. Since templates are encrypted with a specific FHE key, revoking the key invalidates all associated templates. Users can re-enroll with the same biometrics under a new key, generating a completely different ciphertext. This solves the fundamental problem of biometric data breaches—even if an encrypted template leaks, it can be revoked and replaced.

Biometric data is classified as "special category" data under GDPR Article 9, requiring the highest level of protection. H33 exceeds these requirements because:

• No raw biometric storage: Only FHE-encrypted ciphertexts exist on our servers
• No plaintext processing: FHE eliminates the decryption window that other providers require
• Right to erasure: Users can delete their encrypted templates at any time
• Data minimization: We store only the minimum encrypted representation needed for matching

This approach also satisfies BIPA (Illinois), CCPA (California), and other biometric data regulations.

Enrollment registers a user's encrypted biometric template:

• Step 1: Client captures biometric data (face, fingerprint, etc.) on the user's device
• Step 2: Feature extraction produces a 128-dimensional vector
• Step 3: The vector is encrypted client-side using BFV FHE
• Step 4: The encrypted ciphertext is sent to H33 via the /enroll API endpoint
• Step 5: H33 stores the ciphertext in NTT form for optimized future matching

The entire enrollment process completes in seconds. Raw biometric data never leaves the device.

H33 uses SIMD batching to pack 32 users per ciphertext. The math: N=4096 polynomial slots divided by 128 biometric feature dimensions = 32 user slots. This means a single FHE batch operation simultaneously verifies 32 users at essentially the same cost as verifying one. Batch verification is constant time—whether you are verifying 1 or 32 users in a batch, the FHE computation takes approximately the same 937µs. This is the key to achieving over 2 million authentications per second.

H33 v11.0 achieves 2,209,429 sustained authentications per second over a 120-second benchmark run on AWS Graviton4 (c8g.metal-48xl, 192 vCPUs, 96 workers). This is the sustained rate, not a burst peak. Each authentication includes the full post-quantum pipeline: FHE encrypted biometric matching, STARK ZKP verification, and Dilithium signature attestation. See h33.ai/benchmarks for the complete methodology and reproducible benchmark scripts.

Production benchmarks run on AWS c8g.metal-48xl instances with Graviton4 (ARM) processors:

• CPU: 192 vCPUs (96 physical cores), AWS Graviton4
• Memory: 377 GiB
• Workers: 96 parallel workers (1 per physical core)
• Cost: ~$1.80-$2.30/hr on spot instances
• Allocator: System (glibc) — jemalloc caused 8% regression on Graviton4

The Graviton4 ARM architecture provides excellent performance for lattice-based cryptography due to its memory hierarchy and NEON SIMD instructions.

The full pipeline latency for a 32-user batch is 1,128µs, which breaks down to 35.25µs per individual authentication:

• FHE batch (32 users): 937µs
• ZKP lookup (DashMap): 0.059µs
• Dilithium attestation: 189µs
• Total per batch: 1,128µs
• Per auth: 35.25µs

All three stages are post-quantum secure. The ZKP step adds near-zero latency thanks to in-process DashMap caching.

Several architectural decisions combine to deliver this throughput:

• SIMD batching: 32 users per ciphertext via CRT-based slot packing
• Montgomery NTT: Twiddle factors in Montgomery form eliminate division from the hot path
• Harvey lazy reduction: Butterfly values stay in [0, 2q) between NTT stages, halving reductions
• NTT-domain persistence: Templates stored in NTT form, avoiding redundant forward transforms
• Batch attestation: One Dilithium sign+verify per 32-user batch instead of per-user
• In-process DashMap: ZKP cache with 0.059µs lookups, zero network overhead
• 96 parallel workers: One per physical Graviton4 core, no hyperthreading contention

The v11.0 FHE pipeline for a 32-user batch on Graviton4:

• Key generation: Performed once at setup (not in hot path)
• Encrypt (batch): Parallel NTT across moduli via Rayon, batch CBD sampling, pre-NTT public keys
• Inner product: NTT-domain fused multiply-accumulate with one final INTT
• Decrypt: NTT(c1) * sk_ntt, INTT, add c0, modular reduction
• Total FHE: 937µs for 32 users (~29µs per user)

Ciphertexts are in coefficient form (INTT after encrypt), secret keys in NTT form, and enrolled templates in NTT form for optimized matching.

The Number Theoretic Transform (NTT) is the core operation in lattice-based cryptography. H33's Montgomery NTT stores all twiddle factors in Montgomery form, which replaces expensive modular division with cheap multiply-and-shift operations (Montgomery REDC). Combined with Harvey lazy reduction (keeping intermediate values in [0, 2q) between butterfly stages), this eliminates nearly all division operations from the critical path. The implementation uses radix-4 butterflies for optimal cache utilization on Graviton4.

Key production optimizations (all verified, in deployment):

• Montgomery NTT with Harvey lazy reduction (no division in hot path)
• Parallel NTT in encrypt() across all moduli via Rayon
• Batch CBD sampling: 1 RNG call per 10 coefficients (5× faster)
• NEON Galois operations: Branchless permutation + vectorized key-switch
• NTT-domain fused inner product: One final INTT instead of per-chunk
• Pre-NTT public keys: pk0 stored in NTT form at keygen time
• NTT-form enrolled templates: Skip forward NTT during matching
• Batch Dilithium attestation: 1 sign+verify per 32-user batch
• In-process DashMap ZKP cache: 0.059µs lookups

On bare-metal instances (c8g.metal-48xl), sustained cryptographic workloads can cause thermal throttling. H33 addresses this with:

• Frequency pinning: CPU frequency locked to avoid dynamic scaling overhead
• NUMA-aware allocation: Workers pinned to local NUMA nodes to minimize cross-socket traffic
• Worker tuning: 96 workers (not 192) to avoid hyperthreading contention and reduce heat
• Observed variance: ±6% throughput variation over 120-second sustained runs (1.62M low to 1.83M high)

The sustained 120-second benchmark accounts for thermal effects; the 2,209,429 auth/sec figure is the sustained average.

H33 v11.0 maintains comprehensive test coverage:

• 2,342 unit tests covering all cryptographic modules (FHE, ZKP, PQC, biometrics)
• 300,000 proptest iterations for property-based fuzz testing across parameter ranges
• Kani formal verification proofs for critical invariants (polynomial bounds, NTT invertibility, noise budgets)
• Known Answer Test (KAT) vectors for Kyber and Dilithium NIST compliance
• Integration tests covering the full enroll-verify pipeline end-to-end

All tests pass on both x86_64 (AVX-512) and aarch64 (ARM NEON) architectures.

Performance evolution from v7.0 baseline to v11.0:

• FHE batch: 1,375µs → 937µs (-31.7%)
• Dilithium attestation: 375µs → 189µs (-22.4%)
• ZKP lookup: 2.0µs → 0.059µs (-97.1% via DashMap)
• Throughput: 1,291,207 → 2,209,429 auth/sec (+68.3%)
• Tests: 1,751 → 2,342 tests + 300K proptests

Key improvements: NTT-form multiply_plain, Montgomery domain persistence, batch attestation, and in-process DashMap caching.

H33 offers a comprehensive product suite built on the same post-quantum cryptographic foundation:

• H33-Shield: Privacy-preserving identity verification with FHE-encrypted biometrics
• H33-Gateway: Post-quantum API authentication gateway
• H33-Health: HIPAA-compliant healthcare authentication
• Encrypted Search: Search over encrypted data without decryption
• PQ Video: Post-quantum encrypted video communications
• H33-Vault: Post-quantum key management and secret storage
• Storage Encryption: FHE-based encrypted data storage
• AI Detection: Deepfake and synthetic media identification
• H33-MPC: Secure multi-party computation protocols

All products are accessible via API and included in credit-based pricing plans.

H33-Shield is the core identity verification product. It provides FHE-encrypted biometric matching, STARK zero-knowledge proof generation, and Dilithium post-quantum attestation in a single API call. Use cases include enterprise identity verification, KYC/AML compliance without storing PII, Sybil-resistant authentication for Web3, and any scenario where you need to verify a person's identity without exposing their biometric data. H33-Shield powers the authentication pipeline that achieves 2.1M+ auth/sec.

H33-Gateway is a post-quantum API authentication gateway that protects your API endpoints with Kyber key exchange and Dilithium-signed tokens. It drops in front of existing APIs and upgrades all authentication to post-quantum security without requiring changes to your backend. Gateway handles TLS 1.3 termination, token validation, rate limiting, and generates audit-ready Dilithium attestations for every authenticated request.

H33-Health is a HIPAA-compliant authentication module designed for healthcare organizations. It provides FHE-encrypted patient identity verification, ensuring that Protected Health Information (PHI) is never exposed during authentication. H33-Health includes BAA (Business Associate Agreement) eligibility, HIPAA-compliant audit logging, and post-quantum security for long-term patient data protection. Healthcare-specific compliance documentation is available on request.

Encrypted Search allows you to search over encrypted datasets without decrypting them. Using FHE, your search query is encrypted, matched against encrypted records, and returns encrypted results—the server never sees the query or the matching records in plaintext. Use cases include searching encrypted patient records, querying encrypted financial databases, and privacy-preserving log analysis. Encrypted Search leverages the same BFV/CKKS engines that power biometric matching.

PQ Video provides post-quantum encrypted video communications. Video streams are encrypted using Kyber key exchange (FIPS 203) and authenticated with Dilithium signatures (FIPS 204). This protects video calls against both current eavesdropping and future quantum decryption of recorded sessions. PQ Video is designed for government, healthcare, legal, and financial communications where long-term confidentiality is critical.

H33-Vault is a post-quantum key management and secret storage service. It stores cryptographic keys, API secrets, and sensitive configuration data encrypted with Kyber-based key wrapping. Access is authenticated via Dilithium signatures and controlled by per-tenant policies. Vault supports automatic key rotation, audit logging, and hardware-backed key generation. It is designed for organizations that need quantum-resistant secret management today.

Storage Encryption provides FHE-based encrypted data storage where data remains encrypted even during processing. Unlike traditional encryption-at-rest (which decrypts for processing), H33 Storage Encryption uses FHE to perform operations on encrypted data directly. This is ideal for cloud storage scenarios where you do not trust the storage provider, multi-tenant environments requiring cryptographic isolation, and compliance requirements demanding end-to-end encryption.

AI Detection identifies synthetic and AI-generated media (deepfakes, voice clones, generated faces) during the authentication process. It works alongside H33's biometric pipeline to detect spoofing attempts that use AI-generated content. The detection engine runs as one of H33's native Rust AI agents with sub-microsecond latency, adding negligible overhead to the authentication pipeline. AI Detection is included on all plans as a security feature.

H33-MPC (Multi-Party Computation) enables multiple parties to jointly compute a result without any party revealing their private inputs. For example, two hospitals can compare patient records for duplicate detection without either hospital seeing the other's data. H33-MPC combines FHE for encrypted computation with post-quantum key exchange (Kyber) for secure channel setup. It supports threshold operations, secret sharing, and collaborative computation across organizational boundaries.

Integration is straightforward via REST API:

• Step 1: Get a free API key at h33.ai/pricing
• Step 2: Install an SDK (JavaScript, Python, Rust, Go) or use the REST API directly
• Step 3: Call POST /enroll to register encrypted biometric templates
• Step 4: Call POST /verify to authenticate—returns FHE match result + ZKP proof + Dilithium attestation

Basic integration takes under an hour. See h33.ai/docs and h33.ai/docs/api for complete reference.

H33 provides official SDKs for:

• JavaScript/TypeScript: npm install @h33/sdk
• React: @h33/react-sdk with hooks and pre-built components
• Python: pip install h33-sdk
• Rust: h33-sdk crate on crates.io
• Go: go get github.com/h33-ai/h33-go
• REST API: Language-agnostic HTTP endpoints for any platform

All SDKs handle FHE client-side encryption, key management, and response parsing automatically.

The H33 API uses Bearer token authentication. Include your API key in the Authorization header: Authorization: Bearer h33_pk_.... API keys are scoped per-tenant and can be rotated at any time via the dashboard. All API communication is encrypted via TLS 1.3. Enterprise customers can optionally enable mTLS (mutual TLS) for additional transport security.

H33 does not enforce per-tier rate limits. You pay for credits (fungible units), not requests per second. Use your allocation however you want—burst, steady, or any pattern. Our infrastructure handles over 2 million authentications per second, so your usage pattern is entirely up to you. If you need guaranteed capacity reservation for traffic spikes, enterprise plans include dedicated infrastructure options.

Fungible units are H33's credit currency. Each API operation costs a specific number of units based on its computational complexity:

• Basic authentication: 1 unit
• Biometric enrollment: Variable units based on template complexity
• Encrypted search: Units based on dataset size
• STARK proof generation: Units based on proof complexity

Unit pricing ranges from $0.006 to $0.060 per unit depending on your plan tier. Higher tiers get lower per-unit costs. Credits are purchased monthly and do not expire within the billing period. See h33.ai/pricing for detailed unit costs.

Yes. H33 offers multiple ways to evaluate before committing:

• Free tier: 500 authentications per month at no cost, forever
• Sandbox API: Full functionality with test data for development and integration testing
• Benchmarks page: Independently verifiable performance data at h33.ai/benchmarks
• Documentation: Complete API reference at h33.ai/docs/api

No credit card is required for the free tier. Upgrade to paid plans only when you need more capacity.

The enrollment API (POST /enroll) registers a user's encrypted biometric template. The client SDK encrypts the biometric feature vector using BFV FHE on the user's device, then sends the ciphertext to H33. H33 stores the encrypted template in NTT form for optimized future matching. The response includes a user ID and enrollment confirmation. Enrollment is a one-time operation per user per modality. Re-enrollment (template update) is supported via PUT /enroll/{userId}.

The verify API (POST /verify) is the core authentication endpoint. It accepts an FHE-encrypted biometric probe and executes the full pipeline in a single call:

• FHE matching: Compares the encrypted probe against enrolled templates
• ZKP verification: Generates or retrieves a cached STARK proof of the match result
• Dilithium attestation: Signs the result with a post-quantum digital signature

The response includes the match result, STARK proof, Dilithium signature, and confidence score. Total latency: ~35.25µs per auth.

Yes. H33 can notify your server of authentication events via webhooks:

• identity.enrolled — User completed biometric enrollment
• authentication.success — User authenticated successfully
• authentication.failed — Authentication attempt failed
• template.updated — Biometric template was re-enrolled
• template.revoked — Biometric template was deleted

All webhooks are signed with HMAC-SHA256 for integrity verification and support retry with exponential backoff.

The H33 API returns JSON by default for all endpoints. Responses include structured fields for match results, proof data, attestation signatures, and metadata. Binary proof data (STARK proofs, Dilithium signatures) is Base64-encoded within the JSON response. The API follows RESTful conventions with standard HTTP status codes, pagination for list endpoints, and descriptive error messages. OpenAPI/Swagger specifications are available at h33.ai/docs/api.

H33 uses credit-based pricing with fungible units. All plans include the full post-quantum security stack (FHE + ZKP + Dilithium):

• Free: 500 authentications/month — $0
• Starter: 5,000 credits/month — $99/mo ($0.020/unit)
• Pro: 50,000 credits/month — $899/mo ($0.018/unit)
• Business: 250,000 credits/month — $2,499/mo ($0.010/unit)
• Scale: 2,500,000 credits/month — $17,999/mo ($0.007/unit)

Unit pricing ranges from $0.006 to $0.060 depending on volume. See h33.ai/pricing for complete details and the unit cost calculator.

Credit-based pricing means you purchase fungible units that can be spent on any H33 API operation. Each operation (authentication, enrollment, search, proof generation) costs a specific number of units based on its computational complexity. This is simpler than per-endpoint pricing because you don't need to predict your usage pattern. Credits are purchased monthly, and unused credits do not roll over. The per-unit cost decreases at higher tiers, rewarding volume.

H33's compliance posture:

• SOC 2 (In Progress): In progress, applies to all paid tiers
• GDPR: Compliant by design—no raw PII storage, FHE eliminates plaintext processing
• CCPA / BIPA: Compliant—no biometric data stored in usable form
• HIPAA: BAA available on request for healthcare use cases
• NIST PQC: FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) implemented
• ISO 27001: Planned
• FIPS 140-3: Under review for government use cases

H33 supports HIPAA-covered entities through the H33-Health product. Our FHE-based processing ensures that Protected Health Information (PHI) is never exposed during authentication—biometric data remains encrypted at all times. Business Associate Agreements (BAAs) are available on request for paid tier customers. HIPAA-compliant audit logging is included, satisfying the accountability requirements of the HIPAA Security Rule.

Yes. H33 exceeds GDPR requirements through privacy-by-design:

• Data minimization: We store only FHE-encrypted ciphertexts, not personal data
• No plaintext processing: FHE eliminates the decryption window required by other providers
• Right to erasure (Art. 17): Users can delete their encrypted templates at any time
• Data portability (Art. 20): Encrypted templates can be exported
• Special category data (Art. 9): Biometric data protections are inherently satisfied by FHE

Our Data Processing Agreement is available for enterprise customers.

H33 accepts the following payment methods via Stripe:

• Credit/debit cards: Visa, Mastercard, American Express
• ACH bank transfers: US-based accounts
• Wire transfers: For enterprise annual contracts

All payments are processed securely through Stripe. Invoicing is available for annual enterprise contracts. Pricing is in USD.

Yes. H33's free tier includes:

• 500 authentications per month at no cost
• Full post-quantum security stack (FHE + ZKP + Dilithium)
• Access to all API endpoints (enroll, verify, search)
• Full sandbox/development environment
• Community support via documentation

No credit card is required to sign up. The free tier is designed for evaluation, prototyping, and small-scale applications. Upgrade to a paid plan when you need more capacity.

H33's per-unit cost decreases at higher volumes:

• Free: $0 (500 auth/mo included)
• Starter ($99/mo): ~$0.020/unit for 5K credits
• Pro ($899/mo): ~$0.018/unit for 50K credits
• Business ($2,499/mo): ~$0.010/unit for 250K credits
• Scale ($17,999/mo): ~$0.007/unit for 2.5M credits
• Custom Enterprise: Contact sales for volumes above 2.5M credits/month

The more you use, the less you pay per authentication. All tiers include the same full security stack.

Service Level Agreements vary by plan:

• Free / Starter: Best effort, no guaranteed uptime SLA
• Pro: 99.9% uptime SLA
• Business: 99.95% uptime SLA with priority incident response
• Scale / Enterprise: 99.99% uptime SLA with dedicated support, custom incident response times, and service credits for downtime

All plans include monitoring and automatic failover. Enterprise customers receive dedicated infrastructure options for the highest availability requirements.

H33 plans are flexible:

• Monthly plans: Cancel anytime, effective at end of current billing period
• No long-term commitments: Month-to-month by default
• Annual plans: Can be cancelled with prorated refund for unused months
• Data retention: Encrypted templates can be exported or deleted upon cancellation
• Downgrade: You can downgrade to the free tier at any time and retain up to 500 auth/month

Enterprise contracts have specific terms outlined in the agreement. See h33.ai/billing-policy for full details.

Yes. H33 replaces Auth0 for organizations that need post-quantum security guarantees. Auth0 uses classical cryptography (RSA/ECDSA) and stores credentials in plaintext on their servers. H33 uses fully homomorphic encryption so biometric templates are never decrypted, even during matching. Auth0 has zero post-quantum cryptography. H33’s entire pipeline—FHE, ZK-STARKs, Dilithium signatures—is quantum-safe. See the full comparison at /auth0-alternative.

H33 replaces Okta for identity verification and authentication with cryptographic privacy guarantees that Okta cannot offer. Okta stores identity data in plaintext and uses classical PKI. H33 encrypts everything with FHE, proves identity with zero-knowledge proofs, and signs attestations with Dilithium—all in a single API call at 35.25µs per authentication. Enterprise customers migrate from Okta when they need NIST post-quantum compliance or zero-trust biometric verification. See /okta-alternative.

Zama provides open-source FHE libraries (Concrete, TFHE-rs) and toolkits for building FHE applications. H33 is a production-ready FHE API with four optimized engines. The difference: Zama gives you building blocks that require cryptography expertise to deploy. H33 gives you a REST API that processes 32 users in 937 microseconds. H33 also integrates ZK proofs and Dilithium signatures—components Zama does not offer. See the full comparison at /zama-alternative and /fhe-comparison.

Passwordless authentication eliminates passwords entirely, replacing them with biometrics, hardware tokens, or cryptographic proofs. H33 implements passwordless authentication using encrypted biometrics—users verify with face, fingerprint, or voice, but the biometric data is encrypted with FHE before it leaves the device. The server matches encrypted templates without ever seeing raw biometrics. This is fundamentally more secure than FIDO2/passkeys, which still rely on classical cryptography vulnerable to quantum computers. See /passwordless-authentication.

Zero-knowledge authentication allows a user to prove their identity without revealing any underlying data. Instead of sending a password or biometric to a server, the user generates a cryptographic proof that they possess valid credentials. The server verifies the proof without seeing the credentials. H33 uses ZK-STARK proofs (no trusted setup, SHA3-256 hash-based, post-quantum secure) to achieve this in 0.059 microseconds per cached verification. See /zero-knowledge-authentication.

Quantum-safe digital identity means identity credentials (biometrics, keys, attestations) that remain secure even against quantum computer attacks. H33 provides this through soulbound identity tokens (non-transferable, cryptographically bound to the holder), selective disclosure (prove attributes without revealing full identity), and verifiable credentials signed with Dilithium post-quantum signatures. Every component—FHE encryption, ZK proofs, digital signatures—uses quantum-resistant algorithms. See /quantum-safe-identity.

An FHE API lets you perform computations on encrypted data without decrypting it, accessible via a simple REST endpoint. Without an API, implementing FHE requires deep cryptography expertise, parameter tuning, and months of engineering. H33’s FHE API provides four engines (H33-128/BFV, H33-256, H33-CKKS) optimized for different workloads—biometric matching, ML inference, encrypted search—all at sub-millisecond latency. One API call. No PhD required. See /fhe-api.

H33 runs three native Rust AI agents in parallel with every authentication: Harvest Detection (0.69µs) identifies harvest-now-decrypt-later attack patterns, Side-Channel Detection (1.14µs) catches timing and cache-based attacks, and Crypto Health Monitor (0.52µs) verifies cryptographic parameter integrity in real-time. Total ML pipeline: ~2.35µs. These agents operate on encrypted data—they never see plaintext biometrics. See /ai-fraud-detection.

Soulbound identity refers to non-transferable digital identity tokens that are cryptographically bound to a specific individual. Unlike traditional credentials that can be shared, copied, or stolen, soulbound tokens cannot be transferred because they are tied to the holder’s encrypted biometric proof. H33 implements soulbound identity using FHE-encrypted biometric templates combined with Dilithium-signed attestations. The result: a digital identity that is provably yours, quantum-safe, and impossible to forge or transfer. See /quantum-safe-identity.

These platforms detect threats by monitoring plaintext data—network traffic (Darktrace), endpoints (CrowdStrike), or devices (SentinelOne). H33 operates in a fundamentally different category: cryptographic security infrastructure. H33 prevents threats by ensuring data is never plaintext in the first place. FHE encryption means the server processes encrypted data. ZK proofs mean identity is verified without exposure. Dilithium signatures mean attestations are quantum-safe. Traditional AI security monitors the breach. H33 makes the breach mathematically impossible. See /ai-security-comparison.