LogoLogo
  • Introduction
    • Whitepaper (Preface)
    • Investors
  • HINKAL WALLET
    • Features
    • Step-by-step Guide
      • Connecting to Hinkal
      • Password-Protected Accounts
      • Minting your Access Token
      • Depositing
        • Receive Tokens to Shielded Address
      • Swapping Assets
      • Providing Liquidity (on Curve Pools)
      • Providing Liquidity (on Pendle)
      • Staking (on Convex)
      • Staking (on Lido)
      • Staking (on Beefy)
      • Yield-Trading (on Pendle)
      • Withdrawing (to a public address)
      • Importing Any Token
      • Viewing your Shielded Address and Balance
      • Viewing your Allocations and Transactions History (Analytics Dashboard)
      • Hinkal Lords Program and Rewards
        • How to Earn Hinkal Points
        • How to Participate in Hinkal's LP Program
        • How to Participate in Hinkal's Referral Program
        • How to View your Rewards History
    • Compliance
    • Costs Breakdown
    • Hinkal Points
      • Rebates
        • LP Program
        • Referral Program
        • Eligibility
      • Eligibility
    • Anonymity Staking
  • Developers
    • Hinkal SDK
    • Smart Contract Addresses
  • ECOSYSTEM
    • Supported Chains
    • Supported Wallets
    • Integrity Check Providers
    • Media Kit
  • TECHNICAL DESCRIPTION
    • Overview
    • Setup
      • Keys and Shielded Addresses
      • Nullifiers & Commitments
    • Smart Contracts
      • Hinkal Pools and External Actions
      • Interest Accruing Tokens and Accounting
      • Unexpected Relay Costs Accounting - Stealth Addresses
      • Extensibility with Hooks
    • Integrity Check & Security
      • Access Tokens and User Authentication
    • Transactions
      • Deposits & Withdrawals
      • Swaps
      • Staking & Yield Farming/Trading
      • Transfers
    • Staking and hTokens
    • Risks
  • FAQ
Powered by GitBook
On this page

Last updated 3 months ago

To mitigate smart contract risks, Hinkal has integrated three pillars of security:

1) Audits: , , and

2) Real-Time Protection and wallet screening:

3) Bug Bounties:

To ensure no illicit parties can access the protocol, Hinkal users are required to pass an integrity check.

Access token

Before using Hinkal’s functions, all users must obtain an "Access Token". Currently, users are required to mint an ‘Access token’ per chain.

When a user connects their wallet, Hinkal checks if they already have the ‘Access Token’ in that same wallet - meaning they have already passed the integrity check.

  • If the user has already completed their verification through one of our verification partners, no additional verification is required - the user can mint their "Access Token" and use Hinkal’s functions as normal.

  • If no token is detected in the user’s wallet, then the only buttons available are for minting one, by going through the verification process provided by our partners. This process is as follows:

Verification flow

  1. Hinkal checks if the user has a (BABt), , or soulbound tokens from in the connected wallet.

  2. If one of the above tokens is detected, the user does not need to pass the integrity check again, they can directly mint the ‘Access Token’.

  3. If the user does not have one of the above tokens, they need to provide an attestation from their preferred verification partners among the supported options. Currently, Hinkal supports reusable attestations (for multiple wallets) from . Alternatively, users can obtain attestations for their wallet through two major CEXs (, ) or partner protocols (, , and ) and get verified. The verification process takes <1 minute and when it is complete, the user can mint their ‘Access Token’. For a full list of Hinkal's verification options check .

Once the user's PII has been verified, all they have to do is very easily mint a non-transferable token (the ‘Access Token’) that confirms they provided a KYC(B) attestation.

Upon minting the ‘Access Token’, users are then eligible to deposit funds into the smart contract.

  • Access token
  • Verification flow
PreviousExtensibility with HooksNextAccess Tokens and User Authentication
  1. TECHNICAL DESCRIPTION

Integrity Check & Security

zkSecurity
Zokyo
Quantstamp
Secure3
Hexagate
Immunefi
Binance Account Bound Token
Galxe Passport
zkMe
Authento
Coinbase
Binance
zkMe
Galxe
AiPrise
here