Solana-Privacy by H33

Compliance Without Custody.

Solana protocols verify compliance without possessing user data.

Solana-Privacy replaces centralized PII custody with independently verifiable cryptographic attestations.

API proves. H33 attests. Cachee stores. Solana anchors. Anyone verifies.
Try It Live Schedule Demo
LIVE ON SOLANA DEVNET
Program ID: 5eAwAv59YqpnSBMj59KeXhDdLqmn99HBYSjrb6jcLbC5
View on Solscan ↗
Wallets | DeFi Protocols | Stablecoin Issuers | RWA Platforms | Institutional Trading
Compliance Without Custody
1
API proves
STARK proof generated
2
H33 attests
Three PQ families sign
3
Cachee stores
Full proof retrievable
4
Solana anchors
32 bytes on-chain
Full proof off-chain
5
Anyone verifies
No vendor trust
Public HATS verifier
Try It Live
Generate a privacy attestation.
Enter an age threshold. The proof is generated, attested with three post-quantum signature families, and the 32-byte commitment is ready for on-chain anchoring. No data leaves this page.
solana-privacy demo
Select threshold and click Generate Proof
What Never Leaves The User
Never transmitted. Never stored. Never logged.
× Birthdate
× Passport
× SSN
× Biometric data
× Physical address
× Wallet balance
× Portfolio positions
× Counterparty identity

Only cryptographic attestations leave the device.

The Problem
Every Solana protocol faces an impossible choice.
Option A

Collect user data

Become a data custodian. Assume breach liability. Pay for SOC 2, hire a DPO, build PII infrastructure. Get sued when the database leaks.

Option B

Skip compliance

Block institutional capital. Wait for the SEC enforcement action. Watch compliant competitors capture the market.

Option C

Eliminate PII custody from the protocol layer.

Verify compliance cryptographically. The protocol receives a 32-byte proof that the user passed KYC. The protocol never sees the passport, SSN, address, or biometric. Only cryptographic attestations reach the chain.

Products
Three privacy primitives. One integration.
Shield-ID

Identity Without PII

Prove identity attributes without revealing personal information.

  • Age verification (21+) without DOB
  • Jurisdiction proof without address
  • Accredited investor without net worth
  • KYC passed without documents
  • Biometric binding without biometric data
Shield-Comply

Compliance Proofs

Per-transaction regulatory compliance without data exchange.

  • KYC/AML verification proofs
  • OFAC screening attestation
  • Travel rule compliance
  • Jurisdiction verification
  • Continuous monitoring attestation
Shield-DeFi

Private DeFi Primitives

Balance, collateral, and portfolio proofs without revealing positions.

  • Balance range proofs (holds >= X)
  • Collateral sufficiency (ratio >= 150%)
  • Portfolio diversification proof
  • Liquidation threshold monitoring
  • Credit scoring without exposure
Integration
One CPI call. No KYC vendor. No PII storage.
Add compliance verification to any Solana program with a single cross-program invocation. The attestation PDA stores a 32-byte commitment. Your program checks it exists and is not expired.
your_protocol/deposit.rs
// Verify compliance attestation before deposit let shield = ShieldAttestation::try_from(&ctx.accounts.shield)?; // Three checks. That's it. require!(shield.wallet == depositor.key()); require!(shield.attestation_type == COMPLIANCE); require!(shield.expiry > Clock::get()?.unix_timestamp); // Depositor is verified. Protocol never saw their documents. // Full proof retrievable from Cachee for audit.
Verification
Three layers. Anyone can verify.
Regulators, auditors, counterparties, and courts can independently verify any attestation without trusting H33, the protocol, or the user.
<400ms
Fast

Solana commitment check. Confirm the 32-byte attestation exists on-chain and is not expired.

<5ms
Standard

H33-74 PQ attestation verify. Fetch 42 bytes from Cachee and verify three post-quantum signatures.

<100ms
Full Mathematical

Complete STARK proof verification. Fetch proof from Cachee. Run the public HATS verifier. Trust only mathematics.

Regulator Verifiable
Privacy regulators can independently verify.
Most privacy projects hide everything. Solana-Privacy proves compliance to the regulator while proving privacy to the user. These are not in tension. The STARK proves both simultaneously.
regulator terminal
$ cargo install hats-verifier $ hats verify attestation.json VALID -- All checks passed Checks: 20 passed, 0 failed Attestation: compliance-kyc-aml-v1 Wallet: 7xKz...4mPq Expiry: 2026-08-15T00:00:00Z Duration: 71us

The HATS verifier is open source. No API key. No vendor cooperation. No platform dependency.

Why This Wins
Compliance-first privacy.
No PII Custody

Protocol never touches identity documents, biometrics, or personal data. No databases to breach. No retention to manage.

32 Bytes On-Chain

Cheapest possible Solana footprint. H33-74 distills a full STARK proof into a 32-byte commitment. Full proof retrievable from Cachee.

Post-Quantum

Three independent PQ signature families (ML-DSA, FALCON, SLH-DSA). Three independent mathematical hardness assumptions. Survives quantum era transitions.

Public Verifier

The HATS verifier is open source. Regulators, auditors, and counterparties verify independently. No vendor trust required.

Compliance-First

Tornado Cash proved privacy without compliance is a regulatory death sentence. Solana-Privacy proves compliance to the regulator while proving privacy to the user.

Independently Verifiable

Any party can verify any attestation at any time. Verification depends on mathematics, not vendor cooperation or platform availability.

Continuous Compliance
Attestation epochs. Not static KYC.
Compliance is not a one-time event. Attestations are time-bound, revocable, and refreshable. Each attestation type has its own epoch — matching real-world compliance cadences.
90 days
KYC Identity

Identity verification attestation. Auto-expires. Wallet must re-verify to maintain compliance status.

24 hours
OFAC Screening

Sanctions screening refreshed daily. Matches real-world OFAC list update cadence.

1 year
Accredited Investor

Accredited investor status valid for 12 months per SEC guidance. Automatically enforced on-chain.

Attestations are revocable, refreshable, and time-bound. Status changes take effect immediately.

Portable Compliance
Verify once. Use everywhere.
A single identity attestation works across every protocol that integrates Solana-Privacy. Users verify once. Protocols check the same 32-byte commitment. No repeated KYC. No redundant data collection. Compliance without surveillance.
Today

Every protocol runs its own KYC. Users submit passports 5, 10, 20 times. Each protocol stores PII independently. Each is a breach target.

With Solana-Privacy

User verifies once. 32-byte attestation on-chain. Every protocol checks the same proof. Zero PII duplication. Zero redundant verification.

Shield-Verify
Proof exports for regulators and auditors.
Institutions need exportable evidence. Shield-Verify provides downloadable proof packages, API verification endpoints, and a public verifier portal for regulators, auditors, and legal proceedings.
Proof Export

Download a complete proof bundle: STARK proof, H33-74 attestation, public inputs, verification instructions. Self-contained. Offline-verifiable.

Audit API

REST endpoint returns structured verification results. Integrate into compliance dashboards, audit workflows, and regulatory reporting pipelines.

Public Verifier

Open-source CLI and web portal. Regulators run hats verify themselves. No vendor trust required. No platform dependency.

Litigation Ready

Proof bundles are deterministically reproducible and independently verifiable. Evidence that holds up in legal proceedings.

Built For
Identify yourself.
Wallet Providers
DeFi Protocols
Stablecoin Issuers
RWA Tokenization
Institutional Desks
Compliance-First Exchanges
Why Now
The window is open.

Bring compliant privacy to your Solana protocol.

Eliminate PII custody from the protocol layer. Verify users without possessing their data.

Schedule Demo

H33.ai, Inc. · Patents Pending · HATS Standard