ZK-KYC infrastructure
for regulated AI & crypto.
Verify that users meet compliance requirements without exposing or storing their personal data. Treza runs KYC checks inside hardware-isolated enclaves and emits cryptographic proofs your auditors can verify.
- User is verified
- Personal data stays private
- Cryptographic proof emitted
Verify the claim. Never see the data.
ZK-KYC verifies cryptographic claims about a user without collecting or storing the underlying PII.
Claims you can verify
Instead of collecting passports, addresses, and biometric data, ZK-KYC proves only what your application actually needs.
- The user passed KYC
- The user is over a required age
- The user is not on a sanctions list
- The user belongs to a specific jurisdiction
How a verification flows
Three steps from raw identity input to a yes/no decision your app can act on — without persisting any of the inputs.
- 01User submits data
Identity data is processed locally on the user's device.
- 02ZK proof generated
A cryptographic proof is created without exposing PII.
- 03Verification complete
Your application receives a yes/no compliance decision.
Why traditional KYC breaks down
Centralized PII databases create existential risk. As regulation tightens globally, the old model gets harder to justify.
Data exposure
PII is vulnerable during processing and storage.
Regulatory risk
Storing user data increases your compliance burden.
User trust
End users have no visibility into how their data is handled.
Operational risk
Breaches and leaks become existential events.
ZK-KYC inside a sealed enclave
Treza pairs zero-knowledge cryptography with confidential computing so KYC checks run in hardware your operators cannot see into.
Trusted Execution Environment
KYC logic runs inside an AWS Nitro Enclave. The host, the hypervisor, and the cloud operator are all outside the trust boundary.
- Encrypted memorySensitive inputs stay encrypted in memory throughout processing.
- Isolated executionCode runs in a hardware-isolated VM with no persistent storage.
- Zero provider accessEven cloud providers cannot read data inside the enclave.
Confidential execution
KYC logic runs inside the enclave; PII never leaves the protected environment.
Verifiable outcomes
Hardware attestations and ZK proofs let auditors and regulators verify the check ran correctly — without seeing the inputs.
For teams that can’t afford to be a data honeypot
Treza ZK-KYC is designed for products operating in regulated or high-trust environments — where holding PII is a liability.
Crypto launchpads & token issuers
Verify participants without collecting sensitive documents.
DeFi protocols
Add compliance requirements without compromising user privacy.
Fintech applications
Meet regulatory requirements with minimal data collection.
GDPR-compliant enterprises
Minimize data storage while maintaining compliance.
Regulatory-grade privacy infrastructure
We build infrastructure compliance teams, auditors, and institutions are willing to deploy — not experimental privacy tooling.
Our approach prioritizes
- Clear trust boundaries
- Minimal attack surface
- Audit-ready verification
- Infrastructure institutions are willing to deploy
We start with controlled, production-ready environments and expand from there — rather than decentralizing prematurely.
Built for institutional deployment
Verifiable privacy guarantees that compliance, legal, and security review will sign off on.
Bring your agent. We’ll design the runtime.
Tell us what your agent does (or should do). In 20 minutes we’ll sketch the runtime, the keys it needs, and what production looks like. No pitch deck.