Cryptographic Privacy

Hybrid privacy architecture enabling homomorphic netting on encrypted values. Pedersen commitments, AES-256-SIV metadata encryption, Bulletproofs range proofs, and participant-sovereign data delegation with tiered view keys.

Privacy Architecture

The Settlement Computer implements a hybrid privacy architecture. Amounts are protected by Pedersen commitments (BN254) enabling homomorphic netting on encrypted values — the netting engine compresses obligations without ever seeing plaintext amounts. Metadata is encrypted with AES-256-SIV. Key distribution uses Shamir's Secret Sharing with a 3/4 threshold.

Amount Privacy
Pedersen commitments (BN254) — homomorphic, netting-compatible
Metadata Privacy
AES-256-SIV — deterministic authenticated encryption
Range Proofs
Bulletproofs — 70ms proving, no trusted setup
Key Distribution
Shamir's Secret Sharing (3/4 threshold active)
Key Derivation
HKDF for per-window and per-corridor key material
Corridor Privacy Levels
Level 0 (plaintext), Level 1 (AES-SIV), Level 2 (Pedersen + AES-SIV + proofs)

Tiered View Key Model

Five tiers of data access, from full visibility to aggregate-only. Each tier uses distinct cryptographic key material. Corridor privacy levels are configurable per corridor, enabling jurisdictions to set appropriate transparency requirements.

Governance
Master key — full visibility
Admin
Corridor key — all obligations
Participant
Own obligations + net positions
Delegate
Scoped, time-limited, revocable
Observer
Aggregate statistics only

Participant-Sovereign Delegation

Participants control who sees their data. Delegation is granular, time-limited, revocable, and produces an immutable on-chain audit trail.

Delegation Model

  • grantViewAccess — granular scope, expiry, revocable
  • revokeViewAccess — instant, on-chain
  • Scopes: ALL, CORRIDOR, COUNTERPARTY, TIME_RANGE
  • On-chain audit trail (DelegateDataAccessed event)
  • canGenerateProofs flag for proof delegation

Designed For

  • Regulators and central bank supervisors
  • External auditors and compliance officers
  • Correspondent banking partners
  • Insurers and credit assessors
  • Legal and dispute resolution

Post-Quantum Authentication

ML-DSA (FIPS 204) deployed via cloudflare/circl — real post-quantum signatures, not simulated. This provides harvest-now-decrypt-later protection for all settlement transactions.

Algorithm
ML-DSA (CRYSTALS-Dilithium, FIPS 204)
Modes
ML-DSA-44, ML-DSA-65, ML-DSA-87
Implementation
cloudflare/circl — production library
Hybrid Mode
Dilithium + ECDSA available for transition

Patent Coverage

The privacy and post-quantum architecture is covered by PROV-005 (49 claims) — the most defensible patent in the portfolio with very high Alice defence and no prior art in any netting system.

PROV-005 · 64/032,665
Privacy + PQ Crypto (49 claims)
Alice Defence
Very high — technical architecture leads, not financial concepts

Privacy specifications under NDA

Detailed cryptographic specifications, key management protocols, and integration guides are available for qualified institutional participants and regulators.

Request Access