# Compliance #### Privacy at Hinkal is built on a foundation of integrity to ensure it remains a viable solution for regulated entities #### 1. KYT & Pool Integrity Hinkal enforces real-time screening at the smart contract level through integration with Chainalysis. Transactions involving sanctioned or illicit addresses are blocked before entering the confidential smart contract, preventing contamination and preserving smart contract integrity. *** #### 2. Selective Disclosure Hinkal uses a viewing key model that allows users to selectively disclose transaction history to auditors, regulators, or counterparties when required. This includes: * Full transaction history disclosure * Granular or partial selective disclosure (specific transactions or time ranges) Users remain in control of what is shared and with whom. *** #### 3. Front-End Compliance Controls (Hinkal Interface Only) When users interact through Hinkal-operated interfaces (e.g., pay.hinkal.io, Hinkal Wallet or the Hinkal Pay Enterprise Dashboard), additional access and compliance controls may apply. For high-value flows, Hinkal supports zkTLS-based verification. This enables privacy-preserving verification of exchange ownership without publicly exposing user data. The Hinkal Pay Enterprise Dashboard is a permissioned interface. Access is granted through enterprise credentials. *** #### Compliance Options for SDK Integrators Hinkal provides multiple integration models depending on the regulatory posture of the integrator. #### Option A — Integrator-Verified Compliance The integrator retains full compliance responsibility. * The integrator is added as an approved signer in Hinkal’s access control contract. * For each transaction initiated by their users, the integrator submits a signed attestation confirming compliance approval. * The signed message is included in the transaction calldata. In practice, most integrators already conduct KYC/KYB. This option allows them to reuse existing compliance processes. *** #### Option B — Optional Traceability Configuration For integrators seeking permissionless setup for thier users, Hinkal offers an optional traceability configuration that stores encrypted sender-recipient linkage data off-chain. * Hinkal operates as a permissionless protocol. * The sender-recipient mapping remains private and is never exposed on-chain. * Encrypted traceability records are maintained solely by Hinkal in its internal compliance database. * In the event of a lawful request from a relevant authority, Hinkal is able to provide a full transaction trace to support regulatory obligations. **How it works:** During shield and unshield transactions, the relayer observes the destination address. This allows Hinkal to securely record the sender-recipient link, ensuring traceability is available if needed — while preserving user privacy by default. *** #### Option C — zkTLS / KYC via Approved Partners For higher assurance use cases, Hinkal supports privacy-preserving identity verification flows via approved third-party providers. This enables: * CEX verification via Reclaim - no data is shared with Hinkal * Privacy-preserving KYC/B via zkMe All without exposing sharing user data with Hinkal. *** #### 4. Source of Funds Enforcement & Continuous Screening Hinkal enforces source-of-funds compliance directly at the protocol level through cryptographic guarantees. Every deposit into Hinkal is assigned a unique depositId, permanently linked to the depositor’s wallet address at the time of deposit. When a user initiates a private transfer or withdrawal, they must generate a zero-knowledge proof demonstrating that their funds are not associated with any depositId linked to a blacklisted address. This proof is verified against the current blacklist state, ensuring that compliance checks always reflect the most up-to-date sanctions and risk data.
This creates retroactive protection of the pool: * If a depositor address is flagged after funds have entered Hinkal, those funds immediately become ineligible for private transfers * The depositor can only withdraw publicly, back to the original Ethereum address tied to the depositId * This ensures the resulting transaction flow is fully traceable and auditable For all non-flagged users, privacy remains fully intact. The proof verifies legitimacy of funds without revealing identity, balances, or transaction history. As a result, any funds exiting Hinkal’s shielded pool can be treated as pre-verified against the latest compliance standards, providing strong assurances to centralized exchanges, DeFi protocols, and counterparties. *** #### 5. Continuous Re-Screening via Chainalysis Hinkal integrates directly with [Chainalysis](chatgpt://generic-entity?number=1) for continuous, real-time re-screening of depositor addresses. This means: * Depositor addresses are automatically re-evaluated as new intelligence, sanctions, or risk signals emerge * No reliance on static “point-in-time” checks at deposit * Compliance status of funds evolves in sync with global regulatory datasets