Compliance does not require identity exposure. It requires proof of eligibility. H33 separates the two. Users prove KYC status, OFAC clearance, accredited investor eligibility, and jurisdiction through zero-knowledge proofs and fully homomorphic encryption -- without revealing name, date of birth, address, Social Security number, or net worth. The regulator gets a verifiable attestation. The user keeps their privacy. Both parties get what they actually need.
Traditional compliance requires collecting and storing personal data to verify eligibility. This creates the very exposure it is supposed to prevent. H33 inverts the model: prove the property, not the identity.
Financial institutions are required to know their customers. Anti-money-laundering regulations require screening against watchlists. Securities regulations require verifying accredited investor status. Cross-border regulations require confirming jurisdiction. Every one of these requirements is currently satisfied by collecting personal data -- names, addresses, Social Security numbers, dates of birth, financial statements -- and storing it in databases that become high-value targets for breach.
The paradox is structural: the compliance process that is supposed to protect the financial system creates the largest single category of data breaches in the financial sector. KYC databases contain everything an attacker needs for identity theft, account takeover, and synthetic identity fraud. The more thoroughly an institution complies, the more personal data it accumulates, and the more attractive it becomes as a target.
H33 resolves this paradox by separating the proof from the data. A KYC check does not require the institution to possess the user's name and date of birth. It requires proof that the user has been verified by a qualified identity provider. An OFAC screen does not require the institution to possess the user's identity in cleartext. It requires proof that the identity does not match any entry on the watchlist. These are different requirements. Traditional compliance conflates them. H33 separates them.
Each step produces a cryptographic proof or attestation. The user's personal data never leaves their device. The institution receives proofs, not data.
The user's device runs the ProofOfKycAir STARK circuit against their KYC credential (issued by a verified identity provider). The circuit outputs a boolean attestation: "this person has passed KYC verification." The proof reveals nothing about the user's name, date of birth, address, or any other personal identifier. The proof is bound to the user's cryptographic identity, preventing transfer to another party.
The verifier receives a STARK proof and a commitment. They can verify that a qualified identity provider issued a valid KYC credential to this cryptographic identity. They learn nothing else. Not the provider's name (unless they need it for regulatory reasons, in which case it can be selectively disclosed). Not the date of verification. Not the verification method. Just the boolean: verified or not verified.
The user's identity fields are encrypted under BFV lattice-based FHE before entering the screening pipeline. The OFAC screening engine performs an inner product between the encrypted identity vector and each encrypted watchlist entry. The result is an encrypted boolean -- match or no match. At no point is the user's identity decrypted on the screening infrastructure. The screening attestation proves the check was performed without exposing who was checked.
The user generates a ZK range proof attesting that their net worth exceeds the applicable regulatory threshold (e.g., $1,000,000 for SEC Rule 501). The proof takes the user's financial credential as a private witness and outputs a boolean: threshold met or not met. The actual net worth is never revealed. The proof is bound to the KYC attestation from Step 1, preventing proof transfer.
The jurisdiction proof circuit takes the user's residence credential as a private witness and outputs only the country code (e.g., "US", "DE", "JP"). The street address, city, state, and postal code remain private. This is sufficient for jurisdiction-based compliance decisions -- sanctioned country checks, cross-border transaction authorization, regulatory regime determination -- without creating a database of user addresses.
The KYC proof, OFAC screening result, accredited investor proof, and jurisdiction proof are bundled into a single compliance session and attested with an H33-74 proof bundle. Three independent post-quantum signature families -- ML-DSA-65, FALCON-512, SLH-DSA-SHA2-128f -- sign the bundle and compress to 74 bytes. The bundle is the complete compliance evidence for this user, without containing any personal data.
A regulator can replay the entire compliance session using the H33 Verifier CLI, including at a specific historical timestamp. The replay confirms that each proof was valid at the time it was generated, that the OFAC screening was performed against the correct watchlist version, and that all attestations are correctly signed. The regulator verifies proofs, not personal data.
```bash
# Replay the compliance session at a specific point in time
h33 replay session compliance.json --at "2026-05-01T00:00:00Z"

# Verify the compliance receipt
h33 verify receipt compliance-receipt.json

# Diff two compliance sessions (e.g., before/after policy change)
h33 diff receipt compliance-v1.json compliance-v2.json
```
The `@h33/agent` SDK provides the full compliance pipeline: KYC proof generation, OFAC screening, accredited investor verification, jurisdiction proof, attestation, and replay.

```typescript
import { H33Client, ComplianceSession, ZkProof } from '@h33/agent';

const h33 = new H33Client({
  apiKey: process.env.H33_API_KEY,
  endpoint: 'https://api.h33.ai/v1',
});

// userKycCredential, userEncryptedIdentity, userFinancialCredential and
// userResidenceCredential are the credentials already held on the user's device;
// they are used as private witnesses and are never sent in cleartext.

// Start a compliance session
const session: ComplianceSession = await h33.compliance.startSession({
  purpose: 'onboarding-verification',
  requiredChecks: ['kyc', 'ofac', 'accredited-investor', 'jurisdiction'],
});

// Step 1: Generate ZK proof of KYC status
const kycProof: ZkProof = await h33.compliance.proveKyc({
  sessionId: session.id,
  credential: userKycCredential, // issued by verified identity provider
  circuit: 'ProofOfKycAir',      // STARK-based KYC circuit
});
console.log(`KYC proof generated`);
console.log(`  Valid: ${kycProof.valid}`);
console.log(`  Reveals: boolean (passed/failed) -- nothing else`);
console.log(`  Proof size: ${kycProof.proofSize} bytes`);

// Step 2: OFAC screening on encrypted identity
const ofacResult = await h33.compliance.screenOfac({
  sessionId: session.id,
  encryptedIdentity: userEncryptedIdentity, // BFV-encrypted
  encryption: {
    scheme: 'bfv',
    profile: 'h33-128',
  },
});
console.log(`OFAC screening complete`);
console.log(`  Cleared: ${ofacResult.cleared}`);
console.log(`  Identity decrypted: never`);
console.log(`  Watchlist version: ${ofacResult.watchlistVersion}`);

// Step 3: Accredited investor ZK range proof
const investorProof: ZkProof = await h33.compliance.proveAccreditedInvestor({
  sessionId: session.id,
  credential: userFinancialCredential,
  threshold: 1_000_000_00,  // $1,000,000 in cents
  circuit: 'RangeProofAir', // STARK-based range proof
});
console.log(`Accredited investor proof generated`);
console.log(`  Threshold met: ${investorProof.valid}`);
console.log(`  Actual net worth revealed: no`);

// Step 4: Jurisdiction proof (country only)
const jurisdictionProof: ZkProof = await h33.compliance.proveJurisdiction({
  sessionId: session.id,
  credential: userResidenceCredential,
  output: 'country-code-only', // reveals country, hides address
});
console.log(`Jurisdiction proof generated`);
console.log(`  Country: ${jurisdictionProof.output.countryCode}`);
console.log(`  Address revealed: no`);

// Step 5: Close session and get attested receipt
const receipt = await session.close();
console.log(`Compliance session complete`);
console.log(`  All checks passed: ${receipt.allPassed}`);
console.log(`  H33-74 bundle: ${receipt.attestation.bundleSize} bytes`);
console.log(`  PQ families: ${receipt.attestation.families.join(', ')}`);
console.log(`  Replay-deterministic: ${receipt.replayDeterministic}`);
console.log(`  Personal data stored: none`);
```
```bash
# Regulator replays compliance session at a specific timestamp
curl -X POST https://api.h33.ai/v1/replay/session \
  -H "Content-Type: application/json" \
  -d '{
    "receipt": "compliance-receipt.json",
    "at": "2026-05-01T00:00:00Z",
    "iterations": 1
  }'

# Verify individual compliance proofs
curl -X POST https://api.h33.ai/v1/verify/receipt \
  -H "Content-Type: application/json" \
  -d @compliance-receipt.json
```
Measured on production infrastructure. ZK proof generation runs client-side. OFAC screening runs server-side on encrypted data via FHE.
Compliance without identity exposure is not a privacy aspiration. It is a deployed architecture. STARK proofs verify in 71 microseconds. OFAC screening on encrypted data completes in under a millisecond per batch. The compliance attestation compresses to 74 bytes. The user's personal data never leaves their device.
H33 compliance proofs map to specific regulatory requirements. Each crosswalk documents which H33 capability satisfies which regulatory control.
| Regulation | H33 Capability | Crosswalk |
|---|---|---|
| HIPAA Privacy Rule | FHE processing of PHI, ZK proof of eligibility | HIPAA Crosswalk |
| EU AI Act | Agent attestation, deterministic replay, conformance vectors | EU AI Act Crosswalk |
| BSA/AML | FHE OFAC screening, ZK range proofs for thresholds | AML Controls |
| SEC Regulation D | ZK range proof for accredited investor status | ZK-KYC Documentation |
| GDPR Art. 25 | Data protection by design (no personal data collected) | GDPR Compliance |
| PCI DSS v4.0 | FHE eliminates cleartext cardholder data | PCI DSS Compliance |
Every component in the compliance workflow maps to a published specification, a machine-readable schema, or a conformance vector.
| Component | Specification | Conformance Vector |
|---|---|---|
| ZK-KYC proof | ZK-KYC (ProofOfKycAir) | zk-kyc-proof-v1 |
| OFAC FHE screening | FHE Inner Product Spec | ofac-fhe-screen-v1 |
| Accredited investor proof | ZKP-AIR Range Proof | zk-accredited-v1 |
| Jurisdiction proof | ZKP-AIR Jurisdiction Circuit | zk-jurisdiction-v1 |
| Compliance attestation | H33-74 Proof Bundle Spec | compliance-attest-v1 |
| Regulator replay | Governance Replay Spec | replay-compliance-v1 |
Every claim on this page links to a live demo, a specification, a benchmark, or a CLI command you can run yourself.
Answers to operational questions about ZK-KYC, encrypted OFAC screening, accredited investor proofs, and regulator replay.
The user generates a ZK proof using the ProofOfKycAir STARK circuit. The circuit takes the user's KYC credential (issued by a verified identity provider) as a private witness and outputs a boolean attestation: "this person has passed KYC verification." The proof reveals nothing about the user's name, date of birth, address, or any other identifier. The proof is attested with H33-74 and can be independently verified by any party using the Verifier CLI.
The user's identity data is encrypted under BFV lattice-based FHE before it enters the screening pipeline. OFAC screening runs as an FHE inner product between the encrypted identity and encrypted watchlist entries. The computation returns an encrypted boolean -- match or no match -- without ever decrypting either the user's identity or the watchlist. The compliance officer receives a verified "not on watchlist" attestation without ever accessing the user's plaintext identity.
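Step 2 above and this answer both describe the screen as an inner product over encrypted vectors; the following added example (not H33's code) shows that mechanic end to end with a toy Paillier instance, so the screening side computes the inner product on ciphertexts and never sees the identity. The hashed one-hot field encoding, the field set and the tiny primes are constructed for the demo; because Paillier is only additively homomorphic, the watchlist here is in the clear on the server and the "== 0" match test is finished by the key holder, whereas BFV (the scheme the page names) can keep the watchlist encrypted and evaluate that comparison homomorphically as well.

```python
import hashlib
import random
# Toy Paillier instance with tiny hard-coded primes. Constructed for this demo:
# insecure, and additively homomorphic only, unlike the BFV scheme the page names.
P, Q = 1000003, 1000033
N, N2 = P * Q, (P * Q) ** 2
PHI = (P - 1) * (Q - 1)
MU = pow(PHI, -1, N)  # decryption constant for generator g = N + 1

def encrypt(m: int) -> int:
    r = random.randrange(1, N)
    return pow(N + 1, m % N, N2) * pow(r, N, N2) % N2

def decrypt(c: int) -> int:
    return (pow(c, PHI, N2) - 1) // N * MU % N

def he_add(c1: int, c2: int) -> int:  # E(a) * E(b) = E(a + b)
    return c1 * c2 % N2

def he_scale(c: int, k: int) -> int:  # E(a) ** k = E(k * a), k in the clear
    return pow(c, k, N2)

FIELDS = ("name", "dob", "country")
BUCKETS = 256  # hashed buckets per field (constructed; real systems use far more)

def encode(record: dict) -> list:
    """Binary feature vector: one bucket set per normalised identity field."""
    vec = [0] * (len(FIELDS) * BUCKETS)
    for i, field in enumerate(FIELDS):
        norm = " ".join(record[field].lower().split())
        vec[i * BUCKETS + hashlib.sha256(f"{field}:{norm}".encode()).digest()[0]] = 1
    return vec

def encrypt_identity(record: dict) -> list:  # client side: encrypt every coordinate
    return [encrypt(bit) for bit in encode(record)]

def screen(enc_identity: list, watchlist: list) -> list:
    """Server side: per entry E(<x, w> - |FIELDS|) via the homomorphic inner
    product; it decrypts to 0 iff every field matches. x is never seen here."""
    results = []
    for entry in watchlist:
        acc = encrypt(0)
        for c, w_bit in zip(enc_identity, encode(entry)):
            acc = he_add(acc, he_scale(c, w_bit))
        results.append(he_add(acc, encrypt(-len(FIELDS))))
    return results

def is_match(result_ct: int) -> bool:  # key holder side: learns only match / no match
    return decrypt(result_ct) == 0
```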
Yes. The user generates a ZK range proof that attests "net worth >= $1,000,000" (or the applicable threshold) without revealing the actual amount. The proof uses a STARK-based arithmetic circuit. The verifier learns only that the threshold is met. The proof is bound to the user's KYC attestation, preventing a wealthy person from lending their proof to an unverified person.
The jurisdiction proof uses a ZK circuit that takes the user's residence credential as a private witness and outputs the country code (e.g., "US", "DE", "JP") without revealing street address, city, state, or postal code. This is sufficient for jurisdiction-based compliance decisions -- sanctioned country checks, cross-border authorization, regulatory regime determination -- without creating a database of user addresses.
Yes. The entire compliance flow is captured in a session receipt. A regulator can replay the session using the H33 Verifier CLI: `h33 replay session compliance.json --at "2026-05-01T00:00:00Z"`. The replay re-derives every intermediate hash and confirms that the compliance checks were performed correctly at the specified time. The regulator does not need the user's identity data. They verify the proofs, not the underlying personal information.
Run the ZK-KYC demo. Review the Solana Privacy deployment. Verify a compliance receipt. Every claim is backed by a system you can test.