Why Selective Disclosure is the Non-Negotiable Feature for RWA DIDs

Global data privacy laws make full on-chain identity a legal liability. Selective disclosure is the only architecture that enables compliance without sacrificing blockchain's core benefits.

• Data Minimization: Prove specific claims (e.g., accredited investor status) without exposing full KYC documents.
• Right to Erasure: Zero-knowledge proofs allow data to be verified, not stored, sidestepping the 'immutable ledger vs. right to be forgotten' paradox.

TradFi institutions require compartmentalization. A DID that leaks all credentials is a non-starter for managing multi-billion dollar portfolios.

• Compartmentalized Risk: A credential for a bond trade is separate from one for a real estate deal, limiting blast radius.
• Competitive Secrecy: Proving solvency to a counterparty without revealing total AUM to the entire market is a basic business requirement.

Monolithic identity silos every application. Selective disclosure enables credential reuse across chains and protocols, turning identity into a composable primitive.

• Portable Reputation: A credit score from Goldfinch can be used to underwrite a loan on Maple without exposing the underlying data.
• Cross-Chain Legos: A verified entity on Polygon can interact with Avalanche and Arbitrum via shared, minimal proof standards like W3C VCs.

Current on-chain identity (e.g., full KYC soulbound tokens) forces you to expose your entire legal identity to every counterparty, violating compliance and creating liability. This is a deal-breaker for regulated assets.

• Compliance Nightmare: Sharing full KYC with a DEX violates data minimization laws like GDPR.
• Counterparty Risk: Exposing your full legal entity to every potential trader is a massive security liability.
• Friction: Manual, off-chain verification for every new interaction kills composability.

Uses Iden3 protocol and Circom ZK circuits to allow users to prove claims (e.g., 'I am accredited', 'I am >18') without revealing the underlying document. The verifier only gets a cryptographic proof.

• Regulatory Alignment: Enables data minimization by design, aligning with GDPR and other privacy frameworks.
• Chain-Agnostic Proofs: Verifiable Credentials (VCs) can be used across any EVM chain, not just Polygon.
• Developer SDKs: Provides tooling for issuers (governments, banks) and verifiers (DeFi protocols) to integrate.

Selective disclosure combines W3C Verifiable Credentials (tamper-proof, issuer-signed data) with Zero-Knowledge Proofs (ZKPs) to prove specific attributes. This creates a portable, private identity layer.

• Minimal Disclosure: Prove you are 'accredited in jurisdiction X' without revealing name or net worth.
• Interoperability: Standards-based approach allows credentials from TradFi (e.g., a bank) to be used in DeFi.
• Audit Trail: All disclosures are cryptographically logged, creating a perfect compliance record.

A public good attestation registry built on Linea, allowing any protocol to issue, store, and query verifiable credentials. Solves the fragmented attestation landscape.

• Shared Truth: Prevents siloed, incompatible KYC systems across RWA platforms.
• Cost Efficiency: ~90% cheaper attestation storage versus each protocol building its own system.
• Composability: An attestation issued for a treasury bond can be reused for a private credit pool, unlocking network effects.

Uses ZK proofs of membership to allow users to aggregate credentials from multiple sources (e.g., GitHub, ENS, PoAP) into a single, provable 'badge' without linking their accounts.

• Reputation Aggregation: Prove you're a 'top 100 DeFi user' by combining on-chain history from 10 wallets.
• Sybil Resistance: Enables privacy-preserving governance and airdrops by proving group membership.
• User-Centric: Users hold their ZK Badges in a non-custodial vault, controlling all disclosures.

Selective disclosure transforms DIDs from a privacy feature into the core business enabler for tokenized assets. It rebuilds TradFi's granular access controls on-chain.

• Institutional Onboarding: Banks can participate in DeFi while meeting strict KYC/AML audit requirements.
• Programmable Compliance: Rules like 'US-only investors' or 'accredited only' become automated, trustless smart contract conditions.
• Market Expansion: Enables private credit, real estate, and private equity funds to tokenize, targeting a $10T+ addressable market.

Publishing a full DID document for an RWA (e.g., a bond or property deed) creates an immutable, public record of all associated legal entities and attributes. This is a compliance nightmare.

• Exposes Beneficial Ownership to competitors and adversaries.
• Creates Permanent GDPR Violations for embedded PII.
• Forces manual, off-chain verification for every transaction, negating automation benefits.

DIDs for RWAs rely on oracles (e.g., Chainlink, Pyth) to attest to off-chain facts. A monolithic DID reveals all attestation sources, creating a single point of failure and manipulation.

• Attacker knows all verifiers to compromise.
• Data correlation across attributes deanonymizes the asset.
• Undermines trust models like EigenLayer AVS, which rely on specific, verifiable claims.

Protocols like LayerZero and Wormhole enable cross-chain messaging, but a full DID document broadcast across chains amplifies privacy leaks and creates jurisdictional arbitrage issues.

• Privacy laws differ by chain/region (EU vs. non-EU chains).
• Full-state bridges become data leakage vectors.
• Fragments the legal standing of the asset across incompatible regulatory views.

DeFi protocols (Aave, Compound) and intent-based systems (UniswapX) require specific proofs, not full identity. A monolithic DID forces them to parse and trust unnecessary data, increasing gas and complexity.

• ~$50+ gas overhead for parsing irrelevant credential fields.
• Smart contract logic bloats to handle unused data structures.
• Creates friction for automated RWA pools and lending markets.

On-chain data is permanent. If a sensitive attribute (e.g., a serial number, auditor's identity) in a full DID is compromised, it cannot be revoked or amended without creating a new, fractured identity for the asset.

• Zero recourse for leaked commercial secrets.
• Breaks provenance trails by forcing new DID issuance.
• Contradicts real-world legal processes for document amendment.

Investors need to verify specific claims (lien status, insurance). A full DID either hides everything (useless) or reveals everything (dangerous). Selective disclosure is the only way to provide auditable, minimal proofs.

• Due diligence becomes all-or-nothing.
• Impossible to prove a negative (e.g., no encumbrances) without revealing full state.
• Hinders adoption by traditional finance entities requiring precise audit trails.

Full KYC data dumps create massive liability silos and user friction, blocking composability across protocols like Centrifuge, Ondo Finance, and Maple.\n- Single-point-of-failure risk for sensitive PII\n- No granularity for tiered access (e.g., accredited investor proof vs. full identity)\n- Manual re-verification kills UX for cross-protocol DeFi actions

ZK proofs allow a user to prove a claim (e.g., "I am accredited", "I am >18") without revealing the underlying document. This aligns with frameworks like W3C Verifiable Credentials and Polygon ID.\n- Minimal disclosure: Prove only what's required\n- Portable & reusable: Credential issued once, used across any compliant dApp\n- On-chain verifiable: Enables smart contract gating (e.g., Aave Arc)

Selective disclosure is the gateway for institutional capital. Funds and custodians like Goldman Sachs and Fidelity require compliant, auditable access controls that pure anonymity cannot provide.\n- Enables permissioned pools alongside public DeFi liquidity\n- Audit trails for regulators without exposing individual data\n- Critical for securities, loans, and funds tokenization

Implement ZK proofs for specific, high-value permissions first. Look at zkPass for private KYC or Sismo for ZK badges. The stack is: Issuer -> ZK Proof -> Verifier (Smart Contract).\n- MVP: Gate a liquidity pool with an "accredited US investor" proof\n- Composability: Proof can be reused for a lending vault on Maple\n- Tech Stack: Circom/Halo2 for circuits, IPFS/Ceramic for credential storage

Evaluate RWA projects by their identity architecture. The winning stack will separate the credential issuer (regulated entity) from the verifier (permissionless protocol).\n- Red Flag: Projects storing raw KYC on-chain or in a central DB\n- Green Flag: Using zkSNARKs/STARKs for proofs, open verifier contracts\n- Key Metric: Time-to-verify for a new financial attribute

Selective disclosure evolves RWA DIDs from a compliance checkbox to a user-centric primitive. This mirrors the intent-centric shift seen in UniswapX and Across Protocol.\n- User owns & curates their financial identity across chains\n- Dynamic credentials for real-world events (e.g., salary paid, credit score updated)\n- Foundation for decentralized credit markets and underwriting