LogoLogo
  • Introduction
    • Whitepaper (Preface)
    • Investors
  • Community Pre-Sale
    • Overview
  • How to create a wallet
  • How to buy $HINK
  • HINKAL WALLET
    • Features
    • Hinkal Points
    • Points Eligibility
    • Compliance
  • Developers
    • Hinkal SDK
    • SDK Integration
    • Smart Contract Addresses
  • ECOSYSTEM
    • Supported Chains
    • Media Kit
  • TECHNICAL DESCRIPTION
    • Overview
    • Setup
      • Keys and Shielded Addresses
      • Nullifiers & Commitments
    • Smart Contracts
      • Unexpected Relay Costs Accounting - Stealth Addresses
      • Extensibility with Hooks
    • Compliance & Security
      • Access Tokens and User Authentication
    • Transactions
      • Deposits & Withdrawals
      • Swaps
      • Transfers
    • Risks
  • Anonymity Staking
  • FAQ
Powered by GitBook
On this page
  1. TECHNICAL DESCRIPTION

Compliance & Security

PreviousExtensibility with HooksNextAccess Tokens and User Authentication

Last updated 3 months ago

To mitigate smart contract risks, Hinkal has integrated three pillars of security:

1) Audits: , , and

2) Real-Time Protection and wallet screening:

3) Bug Bounties:

Verification

Only users with >$1k in assets must verify their complience through the following flow:

  1. Hinkal checks if the user has a (BABt), , or soulbound tokens from in the connected wallet. (If one of the above tokens is detected, the user is automatically verified)

  2. If the user does not have one of the above tokens, they must verify the ownership of a CEX account without revealing any data to Hinkal. This is enabled by protocol via zero-knowledge proofs. Users prove ownership by logging in to the CEX account and generating zk-proof, and then Hinkal accepts this proof as evidence that the user is not part of any sanction lists. Accepted attestations from exchanges are Binance, Coinbase, OKX, Gate, Kucoin, HTX, and MEXC.

  3. Alternatively, Hinkal supports reusable attestations from . Users can also obtain attestations through partner protocols (, , and ) and get verified. The verification process takes <1 minute.

Once the user's PII has been verified, they mint a non-transferable token with their first deposit (the ‘Access Token’) that confirms user's attestation.

zkSecurity
Zokyo
Quantstamp
Secure3
Hexagate
Immunefi
Binance Account Bound Token
Galxe Passport
zkMe
Reclaim
Authento
zkMe
Galxe
AiPrise