Compliance
Creating a Secure Crypto Environment
Hinkal’s infrastructure is engineered to provide the highest degree of confidentiality without compromising the regulatory or audit obligations of institutional users.
1. Protocol-Level Integrity (KYT)
To maintain a "clean" environment for institutional flows, Hinkal employs proactive compliance mechanisms:
Smart-Contract KYT: Real-time integration with Chainalysis screens all interacting addresses. High-risk or illicit addresses are blocked from the shielded pool at the protocol level.
Isolated Compliance Sets: This ensures that legitimate institutional assets are never commingled with tainted funds, preserving the integrity of the privacy set.
Post-Deposit Enforcement: If an address is flagged after a deposit, its private execution rights are revoked; the only permitted action is a public withdrawal back to the original source.
2. Selective Disclosure & Auditability
Privacy in Hinkal is controllable, not absolute. Institutions retain full transparency for internal or regulatory purposes:
Viewing Keys: Each user/institution controls a private viewing key that can be shared with auditors, counterparties, or regulators to reveal specific transaction histories.
Granular Reveals: Hinkal supports partial disclosure, allowing users to verify specific transactions or business relationships without exposing their entire on-chain balance sheet.
3. Verified Privacy (zkTLS & Proof of Ownership)
For high-value operations—those exceeding $1,000—Hinkal utilizes zkTLS to verify the origin of funds:
CEX Account Verification: Users can prove ownership of a Centralized Exchange (CEX) account to validate the legitimacy of their capital.
Zero Data Retention: The verification is performed entirely in private; no user credentials, personal data, or session information is ever stored by Hinkal or recorded on-chain.
Hinkal does not require KYC. Deposits up to $1k do not require any verification, and deposits above are verified via zkTLS. zkTKS is not KYC.
Users with >$1k in assets should verify the ownership of CEX accounts without revealing any data to Hinkal. This is enabled by Reclaim protocol via zero-knowledge proofs. Users prove ownership by logging in to the CEX account and generating a zk-proof, and then Hinkal accepts this proof as evidence that the user is not part of any sanction lists. Accepted attestations from exchanges are Binance, Coinbase, OKX, Gate, KuCoin, HTX, and MEXC.
Additionally, users can vefity compliance via various partner protocols, such as zkMe, Binance (Binance Account Bound token), Coinbase (Coinbase EAS), Galxe Passport, AiPrise, or Authento.
Hinkal also uses Hexagate to run checks on interacting wallets. Every time a user attempts to enter the Hinkal Shielded Pool, Hexagate runs an instantaneous background check. It scans the source wallet against global sanctions lists, known exploit databases, and high-risk behavior patterns.
All these solutions keep the user's personal information private.
Using Reclaim (zk-TLS)
Reclaim protocol enables users to verify the ownership of CEX accounts without revealing any data to Hinkal.
Select Reclaim from the Integrity Check providers and select the desired CEX.
Scan the QR code with your mobile phone's camera
Proceed with the instructions in the pop-up on your mobile phone (download Reclaim app if you don't already have it)
Log in to your CEX account via Reclaim's app
Wait for verification to process. This can take a few minutes.
Once the ZK-proof verifies your CEX ownership, you're all set!
Last updated