The paper introduces a Selective Disclosure Framework called ZK-Compliance that uses zero-knowledge proofs to allow users to prove specific attributes for regulatory compliance without revealing underlying identity data. This framework implements a Grant, Verify, Revoke lifecycle, shifting the compliance model from permanent data disclosure to dynamic authorization. Evaluation demonstrates that client-side proof generation is efficient (under 200ms), suggesting a practical path to privacy-preserving compliance.
Regulatory compliance doesn't have to mean sacrificing user privacy: ZK-Compliance lets users prove eligibility on-chain without revealing their identity.
In decentralized web applications, users face an inherent conflict between public verifiability and personal privacy. To participate in regulated on-chain services, users must currently disclose sensitive identity documents to centralized intermediaries, permanently linking real-world identities to public transaction histories. This binary choice between total privacy loss and total exclusion strips users of agency and exposes them to persistent surveillance. In this work, we introduce a Selective Disclosure Framework designed to restore user sovereignty by decoupling eligibility verification from identity revelation. We present ZK-Compliance, a prototype that leverages browser-based zero-knowledge proofs to shift the interaction model, enabling users to prove specific attributes (e.g., "I am over 18") locally without revealing the underlying data. We implement a user-governed Grant, Verify, Revoke lifecycle that transforms the user's mental model of compliance from a permanent data handover into a dynamic, revocable authorization session. Our evaluation shows that client-side proof generation takes under 200ms, enabling a seamless interactive experience on commodity hardware. This work provides early evidence that regulatory compliance need not come at the cost of user privacy or autonomy.