# Compliance

Hinkal’s infrastructure is engineered to provide the highest degree of confidentiality without compromising the regulatory or audit obligations of institutional users.

#### 1. Protocol-Level Integrity (KYT)

To maintain a "clean" environment for institutional flows, Hinkal employs proactive compliance mechanisms:

* **Smart-Contract KYT**: Real-time integration with **Chainalysis** screens all interacting addresses. High-risk or illicit addresses are blocked from the shielded pool at the protocol level.
* **Isolated Compliance Sets**: This ensures that legitimate institutional assets are never commingled with tainted funds, preserving the integrity of the privacy set.
* **Post-Deposit Enforcement**: If an address is flagged after a deposit, its private execution rights are revoked; the only permitted action is a public withdrawal back to the original source.

#### 2. Selective Disclosure & Auditability

Privacy in Hinkal is **controllable**, not absolute. Institutions retain full transparency for internal or regulatory purposes:

* **Viewing Keys**: Each user/institution controls a private viewing key that can be shared with auditors, counterparties, or regulators to reveal specific transaction histories.
* **Granular Reveals**: Hinkal supports partial disclosure, allowing users to verify specific transactions or business relationships without exposing their entire on-chain balance sheet.

#### 3. Verified Privacy (zkTLS & Proof of Ownership)

For high-value operations—those exceeding **$10,000**—Hinkal utilizes **zkTLS** to verify the origin of funds:

* **CEX Account Verification**: Users can prove ownership of a Centralized Exchange (CEX) account to validate the legitimacy of their capital.
* **Zero Data Retention**: The verification is performed entirely in private; no user credentials, personal data, or session information is ever stored by Hinkal or recorded on-chain.

**Hinkal does not require KYC.** ***Deposits up to $10k do not require any verification, and deposits above are verified via zkTLS. zkTKS is not KYC.***  

Users with >$10k in assets should verify the ownership of CEX accounts without revealing any data to Hinkal. This is enabled by [Reclaim](https://www.reclaimprotocol.org/) protocol via zero-knowledge proofs. Users prove ownership by logging in to the CEX account and generating a zk-proof, and then Hinkal accepts this proof as evidence that the user is not part of any sanction lists.  Accepted attestations from exchanges are Binance, Coinbase, OKX, Gate, KuCoin, HTX, and MEXC.

Additionally, users can vefity compliance via various partner protocols, such as [zkMe](https://zk.me/) and [AiPrise](https://www.aiprise.com/).\
All these solutions keep the user's personal information private. 

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FJFeg5HrODDxs6a3DZkgf%2Fimage.png?alt=media&#x26;token=9d452f1e-f8c3-4cf0-ad5a-89bbc5e1ebfe" alt="" width="375"><figcaption></figcaption></figure>

### Using Reclaim (zk-TLS)

[Reclaim](https://www.reclaimprotocol.org/) protocol enables users to verify the ownership of CEX accounts without revealing any data to Hinkal.&#x20;

{% tabs %}
{% tab title="Step 1" %}
Select Reclaim from the Integrity Check providers and select the desired CEX.

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FmiKdHapw4g9zIPqeYTem%2Fimage.png?alt=media&#x26;token=12410889-a1e1-4bdb-b3a7-843825694016" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Step 2" %}
Scan the QR code with your mobile phone's camera

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FiYlwznBKXLArkK3eQvQP%2Fimage.png?alt=media&#x26;token=3b6e3736-a89f-49ed-b420-be167d4af66c" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Step 3" %}
Proceed with the instructions in the pop-up on your mobile phone (download Reclaim app if you don't already have it)

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FZcoPNhlrhDyErvsfqJd4%2Fimage.png?alt=media&#x26;token=dc59dbb0-6635-401a-acac-d2f7acb712df" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Step 4" %}
Log in to your CEX account via Reclaim's app

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FGXfaLb7k2QfzSJTy4PBV%2Fimage.png?alt=media&#x26;token=1c21d14c-a6f5-432b-a0db-8f5d5315898e" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Step 5" %}
Wait for verification to process. This can take a few minutes.

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2F8b3ihVsCEh52aOGeIHJq%2Fimage.png?alt=media&#x26;token=09658c66-57eb-496f-8cea-a177bea2aef2" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Step 6" %}
Once the ZK-proof verifies your CEX ownership, you're all set!

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2FOqqUZkNjSTlka2WH7rec%2Fimage.png?alt=media&#x26;token=6df959a2-1be8-40ae-8dec-5cb43aa58287" alt="" width="375"><figcaption></figcaption></figure>

<figure><img src="https://400260740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUoGzqKrjqkoPsx76Zeb7%2Fuploads%2F8QYMUUqxBoaU0wlnWNiP%2Fimage.png?alt=media&#x26;token=4f314bc9-af55-47ae-a7e6-0c48fe02db52" alt="" width="375"><figcaption></figcaption></figure>
{% endtab %}
{% endtabs %}