Skip to main content

What it is

Proofs lets you share that a payment was screened and compliant — and that the payer’s risk score cleared your threshold — without revealing who the payer is or what they scored. A partner, counterparty, or regulator verifies the proof independently and learns the compliance decision, and nothing else. Most compliance tooling produces a signed claim that still carries the underlying data — which is both a disclosure problem and a liability. Proofs does the opposite: the payer reference is a content-addressed hash (never the cleartext), and the score sits behind a zero-knowledge range proof. The verifier confirms the decision was real; the data never leaves your side. It is self-contained and post-quantum signed: the compliance binding and proof envelope are bundled, the issuer signs with Falcon-1024, and you inject a range-proof service URL and your signing key. Verification needs only the proof and the issuer’s public key — no database, no shared infrastructure, no callback.

Zero-knowledge score proof

A Bulletproofs range proof attests that the payer’s score is above your threshold while keeping the score itself hidden. Prove the bar was cleared, reveal nothing more.

No PII, ever

The payer reference is a sha256 of the network and address — never the cleartext. A proof carries the compliance decision and the payment facts, and no personal data.

Composite binding

One post-quantum-signed envelope binds both the screen verdict and the score-threshold proof, so a single artifact attests the whole compliance decision.

Offline verification

Verify with only the proof and the issuer public key. Hand a partner the public key and they self-serve — no service to call, no data to exchange.

What you get

  • Compliance you can share without exposing data. Show a regulator or partner that a payer cleared screening and scored above your bar — not who they are or what they scored. The right primitive for the “prove it, but don’t hand over the customer’s data” problem.
  • Zero-knowledge depth. A real range proof over a hidden score, not a signed claim that still leaks the number. The score never appears in the proof.
  • Quantum-resistant attestations. Every proof is Falcon-1024 signed, so the auditable evidence stays verifiable past the migration to post-quantum cryptography.
  • Zero infrastructure for verifiers. Verification is a pure function of the proof and the issuer public key. A counterparty integrates it without standing up a service or holding any of your data.
  • Never fails open. If the proving service is unreachable, issuance returns an error rather than a hollow proof; an un-rechecked range proof is reported as unverified, never as a pass.
  • Optionally Substrate 2-bound. Pair a verified proof with a Substrate 2 receipt to fold it into a signed, audit-ready evidence chain alongside zero-knowledge reputation and cross-issuer federation.

How it works

StepWhat happens
IssueBuild a no-PII compliance receipt, obtain a zero-knowledge range proof that the score cleared the threshold, and bind both into one Falcon-1024-signed proof envelope.
VerifyCheck the issuer signature and structure from the public key; optionally re-check the range proof and confirm the compliance binding. No PII is ever present.
ShareHand the proof to a partner or regulator. They verify the decision independently — and learn nothing about the customer.

Cryptography

We’re precise about what “post-quantum” covers here:
  • The attestation is post-quantum signed. The issuer signs each proof envelope with Falcon-1024 (NIST Level 5), offline-verifiable — so a quantum computer cannot forge an attestation or prove a false result.
  • The zero-knowledge range proof is classical. The score is hidden with a Bulletproofs range proof on Ristretto255 (discrete-log based), which is not post-quantum. A future quantum computer could, in principle, recover a committed score from a captured proof — but not forge one (the envelope’s Falcon signature is post-quantum), and attestations are short-lived, so the exposure window is bounded.
  • Range-proof verification runs against the prover/verifier you inject, and the result is surfaced explicitly — never silently treated as valid when it can’t be checked.
  • Roadmap. A post-quantum zero-knowledge proof system will be adopted when one is standardised.

Why commercial

The issuer and verifier layer was never published as open source — there is no free tier to fall back on. It is offered as a commercial product because the value is in a maintained, privacy-preserving compliance capability:
  • Embed without attribution overhead. A commercial OEM licence lets you ship it inside your own product with no open-source notice obligations to carry through distribution.
  • Enterprise terms. Support, warranty, and a defined relationship — the terms procurement and risk teams expect for a compliance-critical dependency.
  • Maintained crypto suite. The zero-knowledge proving service and post-quantum primitives are ongoing work, bundled into the licence rather than inherited.

Who it’s for

  • Regulated PSPs and fintechs that must evidence compliance to a regulator or partner without exposing customer PII.
  • Privacy-sensitive marketplaces and B2B platforms that need to prove a counterparty cleared screening without sharing the underlying data.
  • Cross-border and inter-institution settlement that needs a portable, no-PII compliance proof across jurisdictions.
  • Anyone who needs to prove a compliance decision without disclosing the data behind it.

Get Proofs

Proofs is an additional, separately-licensed package — an add-on that binds to Substrate 2, not part of Substrate 2 itself. It is available self-serve as a Starter licence (see below) and as a commercial OEM SDK and is included in the AlgoVoi Enterprise and On-premise plans. It is not distributed on public package registries.

Buy Starter — $6,000

Starter licence — perpetual, self-hosted, paid in USDC on mainnet. The store issues your licence key + install command on settlement; install from the private index and set ALGOVOI_LICENSE_KEY to run. Enterprise / OEM (warranty, indemnity, SLA, multi-deployment, Substrate 2 binding): email us.