
HATS Export Control and Cryptography Notice

HATS-LEGAL-005 | 15 min read

DRAFT -- Subject to revision by legal counsel

1. Purpose and Scope

1.1. This document provides notice regarding the cryptographic algorithms used in the HATS (H33 AI Trust Standard) v1.0 ecosystem, associated export control classifications, and the responsibilities of parties that distribute, deploy, or use HATS-related software across national borders.

1.2. This document is informational and does not constitute legal advice. H33.ai, Inc. ("H33") is not a law firm, customs broker, or export licensing agency. All parties are responsible for obtaining their own export control legal counsel and making their own classification and licensing determinations.

1.3. This notice covers two distinct categories of HATS-related software: (a) the HATS verifier (hash-only verification mode), which uses only hash functions; and (b) the H33 platform (full implementation), which uses post-quantum digital signatures, fully homomorphic encryption, and additional cryptographic primitives. These categories have materially different export control profiles.

2. Cryptographic Algorithms Used in HATS

2.1. The HATS v1.0 specification and ecosystem employ the following cryptographic algorithms:

2.1.1. Hash Functions

| Algorithm | Standard Reference | HATS Usage |
|---|---|---|
| SHA3-256 (Keccak) | NIST FIPS 202 | Canonical hashing of governance nodes, Merkle tree construction, replay frame hashing, domain-separated binding, graph root computation |

2.1.2. Digital Signature Algorithms (Post-Quantum)

| Algorithm | Standard Reference | HATS Usage |
|---|---|---|
| ML-DSA-65 (CRYSTALS-Dilithium) | NIST FIPS 204 | Default signature algorithm for governance receipts, signer key binding, cryptographic profile HATS-PROFILE-PQ-SHA3-256-v1 |
| FALCON-512 | NIST selected (FIPS pending) | Secondary signature algorithm in multi-signer configurations |
| SLH-DSA-SHA2-128f-simple (SPHINCS+) | NIST FIPS 205 | Stateless hash-based signature algorithm in three-key signer configurations |

2.1.3. Additional Algorithms (H33 Platform, Not HATS Specification)

| Algorithm | Standard Reference | H33 Platform Usage |
|---|---|---|
| ML-KEM (CRYSTALS-Kyber) | NIST FIPS 203 | Key encapsulation for encrypted data exchange |
| BFV (Brakerski/Fan-Vercauteren) | Academic; no NIST standard | Fully homomorphic encryption for biometric authentication |
| AES-256-GCM | NIST FIPS 197 + SP 800-38D | Symmetric encryption in hybrid constructions |

2.2. The algorithms in Section 2.1.3 are used in the H33 platform but are NOT part of the HATS verification specification. A HATS verifier operating in HATS-PROOF-HASH-ONLY-v1 mode uses only SHA3-256. A verifier operating in HATS-PROOF-SIGNED-v1 mode additionally uses ML-DSA-65 signature verification.

3. Export Control Framework Overview

3.1. United States. The export of cryptographic software from the United States is regulated by the Export Administration Regulations ("EAR"), 15 C.F.R. Parts 730-774, administered by the Bureau of Industry and Security ("BIS") of the U.S. Department of Commerce.

3.2. Wassenaar Arrangement. The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies includes cryptographic items in Category 5, Part 2 ("Information Security"). Participating states implement Wassenaar controls through their national export control regimes. There are forty-two (42) participating states as of the date of this document.

3.3. Other Jurisdictions. Many countries maintain independent export control, import control, or use restrictions on cryptographic software, including but not limited to the European Union (Dual-Use Regulation, Regulation (EU) 2021/821), the United Kingdom, China, Russia, India, Israel, and others. This document focuses on U.S. EAR analysis, but parties in or shipping to other jurisdictions must consult applicable local law.

4. ECCN Classification Guidance

4.1. Important Disclaimer. The Export Control Classification Numbers ("ECCNs") discussed in this section are H33's good-faith analysis for informational purposes only. Official classification is determined by BIS through a Commodity Classification Automated Tracking System ("CCATS") request, or by the exporter's own classification based on the Commerce Control List. H33 has not obtained a formal CCATS classification for all items described below. Parties should not rely on this analysis as a substitute for their own classification.

4.2. HATS Verifier (Hash-Only Mode -- HATS-PROOF-HASH-ONLY-v1)

4.2.1. A HATS verifier operating in hash-only mode implements only SHA3-256 hashing. It does not implement encryption, decryption, key agreement, or digital signature generation. It performs hash computation and comparison.

4.2.2. Preliminary Classification Analysis. Items that perform only authentication functions (including hash-based integrity checking) without encryption capability are generally classified under ECCN 5A002.a.1 or may fall outside Category 5, Part 2 controls if the cryptographic functionality is limited to authentication. Hash-only software used for data integrity verification, without encryption or signature generation, may be classified as EAR99 (no license required for most destinations) depending on the specific implementation and ancillary functionality.

4.2.3. Open-Source Consideration. If a hash-only HATS verifier is made publicly available as open-source software, it may qualify for the publicly available exclusion under 15 C.F.R. Section 734.7 and/or the "publicly available" technology and software exclusions under 15 C.F.R. Section 742.15(b), provided the requirements for notification to BIS and the NSA are met (email notification to crypt@bis.gov and enc@nsa.gov with the URL of the publicly available source code).

4.3. HATS Verifier (Signed Mode -- HATS-PROOF-SIGNED-v1)

4.3.1. A HATS verifier operating in signed mode implements ML-DSA-65 signature verification (not generation). It verifies existing digital signatures but does not generate new signatures.

4.3.2. Preliminary Classification Analysis. Software that performs signature verification (but not signature generation, encryption, or decryption) occupies a nuanced position under the EAR. BIS has generally treated signature verification as an authentication function. However, because ML-DSA-65 is a public-key algorithm and the verification implementation necessarily includes mathematical operations that are closely related to the signing algorithm, the classification may depend on the specific implementation. Parties should consider whether the implementation could be trivially modified to perform signature generation.

4.3.3. Open-Source Consideration. The same open-source exclusion analysis in Section 4.2.3 applies.

4.4. H33 Platform (Full Implementation)

4.4.1. The H33 platform implements ML-DSA-65 (signature generation and verification), FALCON-512 (signature generation and verification), SLH-DSA (signature generation and verification), ML-KEM (key encapsulation), BFV fully homomorphic encryption, and AES-256-GCM symmetric encryption.

4.4.2. Preliminary Classification Analysis. The H33 platform likely falls under ECCN 5D002.c.1 (software that provides or performs cryptographic functionality using algorithms that exceed the parameters of Note 3 to Category 5, Part 2 of the Commerce Control List). The platform implements: (a) public-key cryptography exceeding 56 bits of symmetric equivalent security; (b) symmetric cryptography exceeding 56 bits (AES-256); (c) key establishment exceeding 56 bits (ML-KEM).

4.4.3. Items classified under ECCN 5D002 require a license for export to most destinations listed in Country Groups D:1 and E:1/E:2 of Supplement No. 1 to Part 740. License Exception ENC (15 C.F.R. Section 740.17) may be available for certain end users and end uses, subject to the requirements therein, including classification review or self-classification reporting.

4.4.4. Open-Source Consideration. Portions of the H33 platform that are published as open-source software may qualify for the publicly available exclusion (15 C.F.R. Section 742.15(b)), provided the notification requirements are met. However, open-source publication does not automatically exclude software from EAR jurisdiction; the analysis depends on whether the software is "published" within the meaning of Section 734.7 and whether it falls within the encryption object code exclusion.

5. Open-Source Exemption Reference (15 C.F.R. Section 742.15(b))

5.1. Under 15 C.F.R. Section 742.15(b), publicly available encryption source code that is not subject to an express agreement for the payment of a licensing fee or royalty for commercial production or sale of any product developed with the source code is released from the EAR requirement for a license, provided:

(a) The source code is publicly available (e.g., published on a public repository).

(b) The person making the source code publicly available sends an email notification to BIS (crypt@bis.gov) and the ENC Encryption Request Coordinator (enc@nsa.gov) with the URL or other location information.

(c) No export-controlled technical data is bundled with the source code beyond what is necessary to use the publicly available software.

5.2. This exemption applies to source code only. Object code (compiled binaries) derived from controlled source code may remain subject to export controls under ECCN 5D002.

5.3. H33 will comply with notification requirements for any HATS-related source code that H33 publishes as open-source. Independent implementors that publish their own HATS verifier source code are independently responsible for their own BIS/NSA notifications.

6. Distinction: HATS Verifier vs. H33 Platform

6.1. For export control purposes, parties must distinguish between:

| Component | Cryptography | Likely Classification | Key Consideration |
|---|---|---|---|
| HATS Verifier (hash-only, HATS-PROOF-HASH-ONLY-v1) | SHA3-256 hash only | Likely EAR99 or excluded under 742.15(b) if open-source | No encryption, no signatures |
| HATS Verifier (signed, HATS-PROOF-SIGNED-v1) | SHA3-256 hash + ML-DSA-65 verification | Classification depends on implementation; may be EAR99 or 5D002 | Verification only, no key generation or signing |
| H33 Platform (full) | ML-DSA-65, FALCON-512, SLH-DSA, ML-KEM, BFV FHE, AES-256-GCM | Likely 5D002.c.1 | Full PQ crypto suite + FHE |

6.2. Parties that integrate a HATS verifier into their own products should classify the combined product, not the verifier in isolation. The addition of a hash-only HATS verifier to a product that already contains controlled cryptography does not change the product's classification. Conversely, integrating a signature-verification-capable verifier into a product that otherwise contains no cryptography may change the product's classification.

7. Customer and Implementor Responsibility

7.1. Classification Responsibility. Each party that exports, re-exports, or transfers HATS-related software or any product incorporating HATS-related software is solely responsible for determining the applicable ECCN classification and obtaining any required export licenses.

7.2. End-Use and End-User Screening. Exporters must screen end users and end uses against applicable denied persons, entity, and unverified lists, including the BIS Denied Persons List, Entity List, Unverified List, Treasury Department OFAC Specially Designated Nationals and Blocked Persons List (SDN List), and State Department debarred parties lists.

7.3. Record Keeping. Exporters must maintain records as required by 15 C.F.R. Part 762, including records of all exports and re-exports of items classified under ECCNs in Category 5, Part 2.

7.4. H33 Disclaimer. H33 does not act as an export compliance agent for Certificate Holders, Independent Verifier Implementors, or any other party. H33's publication of this notice does not create any obligation by H33 to monitor, advise, or assist with any party's export compliance obligations.

8. Sanctioned Countries and Restricted Destinations

8.1. HATS-related software that is subject to the EAR may not be exported or re-exported to countries subject to comprehensive U.S. sanctions without specific authorization. As of the date of this document, countries subject to comprehensive sanctions include, but may not be limited to: Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine. This list is subject to change; parties must consult current OFAC sanctions programs and BIS country group supplements.

8.2. Even for HATS verifier software that may be classified as EAR99, exports to embargoed destinations or to prohibited end users remain restricted under U.S. sanctions law administered by the Office of Foreign Assets Control ("OFAC").

8.3. H33 restricts access to its commercial HATS certification services, H33 platform, and subscription products in accordance with applicable U.S. sanctions law. H33 does not provide commercial services to parties located in, organized under the laws of, or acting on behalf of governments of comprehensively sanctioned countries.

9. NIST Standards Reference

9.1. The post-quantum cryptographic algorithms used in the HATS ecosystem are standardized or in the process of standardization by the National Institute of Standards and Technology ("NIST") of the United States:

| Algorithm | NIST Standard | Status (as of 2026-05-17) |
|---|---|---|
| ML-DSA (Dilithium) | FIPS 204 | Final Standard |
| ML-KEM (Kyber) | FIPS 203 | Final Standard |
| SLH-DSA (SPHINCS+) | FIPS 205 | Final Standard |
| FALCON | Selected; FIPS pending | Draft Standard |
| SHA3-256 | FIPS 202 | Final Standard |

9.2. The use of NIST-standardized algorithms is relevant to export control classification because BIS has historically provided more favorable treatment (including broader availability of License Exception ENC) for products that implement published, widely available cryptographic standards.

9.3. HATS does not implement any proprietary or non-public cryptographic algorithm. All cryptographic operations in the HATS specification use algorithms that are fully described in public standards or public academic literature.

10. Wassenaar Arrangement Considerations

10.1. The Wassenaar Arrangement's List of Dual-Use Goods and Technologies, Category 5, Part 2 ("Information Security") covers cryptographic items including software that uses or performs cryptographic functions. The Wassenaar Arrangement is not directly binding; it is implemented through national legislation of participating states.

10.2. Parties in Wassenaar participating states other than the United States must comply with their national implementation of the Wassenaar controls. National implementations may differ in scope, licensing thresholds, and available exemptions.

10.3. The Wassenaar Arrangement includes a "Cryptography Note" (also known as the "mass market" or "personal use" exemption) that excludes certain items designed for personal use from the scope of controls. The applicability of this note to enterprise governance software such as HATS depends on national implementation and should be assessed by local counsel.

10.4. Some Wassenaar participating states provide exemptions for publicly available (open-source) cryptographic software. The scope of these exemptions varies by jurisdiction.

11. European Union Dual-Use Regulation

11.1. For parties subject to EU jurisdiction, Regulation (EU) 2021/821 (the "EU Dual-Use Regulation") controls the export of dual-use items, including cryptographic software. The EU Dual-Use Regulation implements Wassenaar controls with EU-specific modifications.

11.2. Article 15(3) of the EU Dual-Use Regulation provides that authorisations are not required for "software" that is "in the public domain" as defined in the General Technology Note. Open-source HATS verifier software may benefit from this exclusion, subject to analysis under the specific provisions of the regulation.

11.3. EU-based parties should consult their national competent authority for dual-use export controls for jurisdiction-specific guidance.

12. Import Restrictions

12.1. Some countries restrict the import or domestic use of cryptographic software. These restrictions are independent of export controls and are the sole responsibility of the importing party.

12.2. Countries with known import or use restrictions on cryptographic software include, but are not limited to: China (commercial encryption regulations), Russia (FSB notification requirements), India (prior approval requirements for certain algorithms), Israel (encryption import controls), and others. This list is illustrative, not exhaustive, and may not reflect current law.

12.3. H33 does not warrant that HATS-related software may be lawfully imported into or used in any particular jurisdiction. Parties are solely responsible for compliance with the import and use laws of their jurisdiction.

13. No Warranty of Classification

13.1. The ECCN classifications, exemption analyses, and regulatory references in this document represent H33's good-faith informational analysis as of the document date. They are not binding classifications, official rulings, or legal opinions.

13.2. Export control regulations are subject to change. Parties must monitor applicable regulations for updates and must not rely on this document as a substitute for current legal analysis.

13.3. H33 expressly disclaims all liability for any export control violation, penalty, seizure, or adverse action arising from any party's reliance on the classifications or analysis in this document.

14. Contact

14.1. Questions regarding HATS cryptographic usage may be directed to standard@h33.ai.

14.2. H33's response to inquiries under this section is informational and does not constitute export control legal advice.

15. Amendments

15.1. H33 reserves the right to amend this notice as regulations change or as new cryptographic algorithms are added to the HATS ecosystem. Amendments will be published on the HATS public documentation with the updated date.

HATS Export Control and Cryptography Notice v1.0 -- H33.ai, Inc.
