Compliance & Security

To mitigate smart contract risks, Hinkal has integrated three pillars of security:

1) Audits: zkSecurity, Zokyo, Quantstamp, Secure3, and Hexens

2) Real-Time Protection and wallet screening: Hexagate

3) Bug Bounties: Immunefi

Verification

Only users with >$1k in assets must verify their compliance through the following flow:

  1. Uses don't need to provide KYC, and if they have CEX account, they can just verify the ownership without sharing any data with Hinkal via zkTLS. This is enabled by Reclaim protocol via zero-knowledge proofs. Users prove ownership by logging in to the CEX account and generating zk-proof, and then Hinkal accepts this proof as evidence that the user is not part of any sanction lists. Accepted attestations from exchanges are Binance, Coinbase, OKX, Gate, Kucoin, HTX, and MEXC.

  2. Alternatively, Hinkal supports reusable attestations from zkMe, Galxe, AiPrise, Binance Account Bound Token (BABt), Galxe Passport, and Authento.

Once the user's PII has been verified, they mint a non-transferable token with their first deposit (the ‘Access Token’) that confirms user's attestation.

Last updated