Confidential · Compliant · For regulated institutions only

Prove everything. Reveal nothing.

PROVA is a confidential, compliant treasury-vault for regulated institutions — built on a first-rank zero-knowledge stack: STARK-secured Starknet, settled to Ethereum, UltraHonk proofs verified on-chain. Your treasury stays sealed from the market and cryptographically provable clean to a regulator. Asset-agnostic by design — tokenized treasuries, yield-bearing wrappers, near any count-preserving token. Custody never leaves your keys.

Your book is sealed from —
front-running bots competitors' trading desks chain-analysis & flow-data vendors MEV searchers counterparties pricing against you never from the law — compliance is proven to it, on-chain ✓
Every claim on this page settles to a public transaction. The vault is live on Starknet Sepolia — open the contracts, read the getters, re-run the adversarial checks yourself.
310 contract tests
23 circuit tests
111 E2E cycles settled

Deposit → hold → withdraw, live

Two views of one vault. Only one of them can read it.

Below is a working model of the PROVA vault, computed right now in your browser. Deposit seals an amount into a note — only its commitment reaches the chain. Withdraw proves the note and releases funds without ever linking exit to entry. Switch to the chain observer to see exactly what a competitor sees.

Merkle root computing…
— notes held
Your desk sees amounts, dates, status — and can act.
Compliance gate · contract-enforced
idle — every deposit and withdrawal below runs the same gates the contract enforces on-chain
Public nullifier feed — what exits look like on-chain
No withdrawals yet. When one settles, only a nullifier hash appears here — unlinkable to any commitment above.
SHA-256 in your browser, for illustration — the production vault commits with Poseidon-BN254 and verifies UltraHonk proofs inside the transaction. Verify the live vault → root consistent

The problem

A public chain shows your competitors everything. The usual fixes make it worse.

What is PROVA

Seven deliberate choices — each removes a problem instead of adding a feature.

A regulated institution holds its on-chain treasury inside its own isolated vault — confidential from the market, provable to a regulator, never handed to a custodian. The design is defined by what it refuses as much as by what it does.

CHOICE 01

Confidential, not private

PROVA protects what and how much — balances, counterparties, flows — from external observers. It does not chase a large anonymity set hiding who participates. The threat model is the competitor and the front-running bot, not the state. That is the confidentiality a treasury needs — and the axis on which anonymity-set size is simply not the game.

CHOICE 02

Compliant

Every value-bearing path carries a zero-knowledge compliance check — OFAC non-membership and source-of-funds provenance — verified on-chain, inside the transaction. This is not a mixer.

CHOICE 03

Treasury-vault

Hold custody, not a trading account. The product is a vault assets rest in, not a venue they are actively traded through.

CHOICE 04

Yield-bearing assets

Yield accrues inside the asset — accruing-in-price wrappers, tokenized treasuries whose value rises in the token's own rate — so capital is not idle while held. No external contract call, no DeFi integration, no composability required.

CHOICE 05

Held-only

Deposit → hold → withdraw. No internal transfer graph, no swaps. The smallest sufficient surface — which is also the smallest surface to leak, and to audit.

CHOICE 06

No composability — by design

Wiring the held asset into external DeFi costs the confidentiality of amounts: swap sizes hit public AMM state — precisely the property the institution is paying to protect. PROVA declines that trade, because its client holds rather than trades.

CHOICE 07 — THE ONE THAT ADDS

With zkSoF — an affirmative proof of source of funds

Provenance from an approved association set, bound to a specific note. Six choices subtract risk; this one adds a property no blacklist can give: the proof attests where funds came from, not merely that an address is absent from a list — the question AML actually asks.

The protocol

Deposit. Hold. Withdraw.

STEP 01 — ENTRY, GATED

Deposit

Before any token moves, the contract enforces three checks: membership in your own whitelist, an OFAC non-membership proof bound to the caller's address, and a proof that the note's commitment opens to exactly the deposited amount. A deposit claiming a different amount is structurally impossible.

STEP 02 — SEALED, EARNING

Hold

The note rests in your own vault. Yield accrues inside the asset itself — no DeFi calls, no rebalancing, no oracle. Balances, counterparties and flows are invisible to observers; only commitments touch the chain.

STEP 03 — EXIT, SOVEREIGN

Withdraw

A zero-knowledge proof — verified by the contract inside the transaction — authorizes exit. The nullifier prevents replay; the recipient is sanctions-screened in the same atomic transaction. Exit never waits on any third-party compliance service.

What defines the design

Three properties you can check in the contracts — not a brochure.

zkSoF · outside the money path

Affirmative source of funds

AML asks "prove the source of these funds." A blacklist answers only "not on this list." PROVA's zkSoF is a positive proof that a note derives from an approved association set — and it runs as a parallel attestation, never as a withdrawal gate. Your money path never waits on a compliance operator.

Per-transaction disclosure

No standing audit key required

Prove a specific fact about a specific transaction when lawfully requested — liability assessed by knowledge at the time of the transaction, as in ordinary law. And where a client's supervisory relationship calls for viewing-key disclosure, it layers cleanly on top: disclosure is policy; prevention stays at the gate.

Sovereign by construction

Physical single-tenant isolation

Each client deploys and owns its own vault — a separate sovereign audit domain, not a logical partition in a commingled pool. No neighbour-reputation risk. The vendor holds no privileged key over a deployed instance: read owner on-chain and confirm it is yours.

Positioning in the Starknet stack

Prevention at the gate. Disclosure on request. Two layers of one compliance stack.

Starknet's ecosystem is building a viewing-key standard for confidential assets — and it answers a real need. PROVA does not compete with it: the two answer different questions, and a regulated institution needs both answered.

"Who may look at what happened?"
Disclosure — the viewing-key layer

An auditor or supervisor granted a key can read flows after the fact. This is the right tool for audit and supervisory relationships — accountability for what has already settled. PROVA composes with it: a client that adopts the ecosystem's viewing-key standard simply layers it on top of its vault, as policy.

"What may pass at all?"
Prevention — PROVA's gate layer

Before value moves, the contract itself enforces an OFAC non-membership proof on the depositor at entry and on the recipient at exit, plus an affirmative zkSoF provenance proof per note. This is what makes an institution certain that sanctioned value neither enters nor exits — a guarantee no amount of after-the-fact viewing can provide, because visibility cannot un-accept a dirty deposit.

Disclosure is a policy an institution chooses. Prevention is a property the contract enforces. PROVA adds the layer the stack was missing — and composes with the one it has.

The trust boundary

What PROVA proves — and what it does not.

Stated plainly · no asterisks
Proven, on a public network
That the vault verifies both money-path proofs on-chain — deposit amount-binding and withdrawal. That a borrowed-address proof, a fabricated sanctions root, and a replayed nullifier each revert. That the full deposit→withdraw cycle has settled 111 automated runs with deterministic, bit-identical gas. Every claim maps to a transaction you can open.
Not claimed — yet
Mainnet operation and live yield-bearing assets are go-to-market scope, not a current claim: today's vault runs on Sepolia against a mock ERC-20 standing in for the production asset. PROVA is a pre-market MVP, and this page will never say otherwise.

The difference between PROVA and a pitch deck is that PROVA's claims come with transaction hashes.

Trust transferred from a name to a proof.

The vault is non-custodial and trust-minimized: PROVA never holds the asset and holds no privileged key over a deployed instance. Confidentiality rests on a zero-knowledge proof verified on-chain — not on trust in a hardware enclave, and not on trust in the vendor. A reviewer does not have to trust the founder's reputation: they read the source-verified contracts and re-run the adversarial checks themselves.

The capital here is verifiability, not a custodian's brand — don't trust, verify, applied to the business model, not only to the code.

Pure infrastructure: no token, no protocol fees, no custody. Each licensed institution deploys and owns its own vault, verifier, and compliance policy — B2B annual licensing.

On-chain, today

Don't trust the vendor. Read the chain.

The canonical M5 stack on Starknet Sepolia. Every wiring claim — which verifier the vault calls, which binding the compliance module routes to, which roots are registered — is confirmed by reading the deployed contracts' getters, and the adversarial checks are reproducible by any reviewer. All contracts open-source (MIT).

circuitsNoir · depth 20 · BN254 verifierGaraga UltraHonk Cairoedition 2024_07 contractsOpenZeppelin tests310 snforge · 23 nargo E2E111 automated runs networkStarknet Sepolia on-chain proof verificationlive on Sepolia
PrivacyVault M5 Canonical vault · amount-binding, dup-commitment rejection, two-step ownership
Withdrawal verifier Garaga UltraHonk · called inline by withdraw
Deposit verifier Amount-binding circuit · called by pre_prove_deposit
ComplianceModule Gates deposit caller and withdraw recipient
OFAC root binding Sanctions root from the real Treasury SDN list · 24h timelock
0x0547b836…3b5629e1source-verified
OFAC UltraHonk verifier Recipient-binding VK — a borrowed proof reverts
0x02dd5890…c2dfe77source-verified
SoF root binding Association root = the vault's live Merkle root, bit-identical
SoF UltraHonk verifier Depth-20 source-of-funds circuit
0x005a3732…6e8aa073source-verified
Adversarial verification — attacker model, exercised on-chain
Honest proof, correct recipient — the system must accept
Borrowed-address proof — someone else's clearance, your exit
REVERTED · addr mismatch
Fabricated sanctions root — the empty-list attack
REVERTED · in verifier core
Replayed nullifier — spending the same note twice
REVERTED · already spent
577.6M
l2_gas per deposit — bit-for-bit identical across the automated run series. Deterministic, not estimated.
~785M
l2_gas per withdraw, including full UltraHonk proof verification inside the transaction.
111 / 111
automated deposit→withdraw cycles settled with status SUCCESS — each with a pre-flight root self-check before spending gas.

Who holds what

Treasury & finance desks

Hold on-chain without publishing your book.

Positions, denominations and counterparties stay sealed from competitors and front-running bots while yield accrues inside the asset — no DeFi wiring, no oracle, no rebalancing. Custody never leaves your keys: the vendor cannot pause your vault, rotate your roots, or move your funds. Not "agrees not to" — is technically unable to.

Compliance & legal

Certain at the gate. Accountable on request.

Sanctions screening enforced on both entry and exit — so dirty value can neither come in nor go out — an affirmative source-of-funds attestation for every note, and disclosure measured in single transactions, proven in zero knowledge when lawfully requested. Your compliance policy, your whitelist, your audit domain — with the ecosystem's viewing-key standard available on top where your supervisor expects it.

Noir circuits · BN254 Barretenberg UltraHonk Garaga on-chain verification Cairo · OpenZeppelin Starknet · settled to Ethereum No token. No fee. No custody.

Licensing

Annual licenses. You own the vault — we never can.

PROVA is infrastructure, not a custodian. Each licensee deploys and owns its own vault, verifiers and compliance policy — the owner key is yours, verifiable on-chain. We never hold your assets, your keys, or a privileged key over your deployment.

Pilot

Annual license · pricing on request
  • Single-tenant vault deployment on testnet
  • Full circuit set: withdrawal, OFAC, zkSoF, amount-binding
  • Compliance policy workshop — whitelist & association sets
  • Direct engineering support
Start a pilot

Standard

Annual license · pricing on request
  • Production deployment — owner key handed to you
  • Sanctions-root update service behind your 24h timelock
  • Association-set indexer & attestation tooling
  • Adversarial acceptance run on your own instance
Talk to us

Enterprise

Annual license · pricing on request
  • Multi-vault estates, custom compliance predicates
  • Legal-team integration & SLA
  • Dedicated circuit review with your auditors
  • Jurisdiction-specific disclosure support
Talk to us

Pilots run in weeks, not quarters

The treasury you seal today is the position nobody front-runs tomorrow.

Write to us with your asset, jurisdiction and compliance profile — we answer with a deployment plan and the contracts to verify before you sign anything.

pilot@zkprova.xyz