Why "Know Your Customer" Must Evolve to "Prove Your Claim"

Centralized KYC databases are honeypots for hackers, creating billions in liability and eroding trust. Users have no control over their leaked PII.

• ~$4.35M average cost of a data breach
• Zero recourse for users post-leak
• Compliance becomes a security liability

Protocols like Sismo and zkPass enable users to prove claims (e.g., citizenship, accredited status) without revealing underlying data.

• Selective disclosure via ZK proofs
• Portable identity across chains & apps
• Shifts liability from custodians to cryptographic truth

Manual document uploads, 3-day waits, and geographic blocks exclude ~1.7B unbanked adults and cripple DeFi composability.

• >90% drop-off in traditional KYC flows
• No interoperability between siloed compliance systems
• Blocks permissioned DeFi and RWAs

Frameworks like Ethereum Attestation Service (EAS) and Verax allow trusted issuers (e.g., governments, DAOs) to stamp verifiable claims on-chain.

• Composable credentials for any dApp
• Sybil-resistance for governance and airdrops
• Enables programmable compliance via smart contracts

A one-time KYC check is useless against real-time financial crime. Tornado Cash sanctions proved that static lists fail against evolving threats.

• Reactive, not proactive monitoring
• False positives block legitimate users
• Cannot track fund flows across protocols

Modular compliance layers like Chainalysis Oracle and TRM Labs APIs allow dApps to enforce dynamic rules based on real-time risk scores and graph analysis.

• Real-time sanction screening for transactions
• Risk-based tiers (e.g., limits for anonymous users)
• Enables compliant DeFi without sacrificing decentralization

Replaces national ID with a global, privacy-preserving biometric proof. It's the foundational claim of 'unique humanness' for sybil resistance.

• Key Benefit: Enables fair airdrops and governance with ~5M+ verified humans.
• Key Benefit: Decouples identity from location, enabling global permissionless access.

A public good for making any claim on-chain. It's the infrastructure layer for PYC, letting protocols define custom attestation schemas.

• Key Benefit: Schema Flexibility for credentials from credit scores to employment history.
• Key Benefit: Composable Data that apps like Optimism's Citizens' House and Gitcoin Passport can build on.

Traditional KYC creates walled gardens. Your verified identity at Exchange A is useless for a loan on Protocol B, forcing re-submission of sensitive data.

• Result: Fragmented User Experience and repeated privacy risk.
• Result: High Compliance Cost passed to users, blocking micro-transactions.

Solves attestation fragmentation by providing a shared registry across EVM L2s. Makes PYC credentials portable from Base to Arbitrum.

• Key Benefit: Network Effects - a claim made once is usable everywhere.
• Key Benefit: Auditability with on-chain provenance for every attestation.

The cryptographic engine for PYC. Lets you prove you're over 18 or accredited without revealing your birthdate or income.

• Key Benefit: Maximal Privacy - only the necessary claim is verified.
• Key Benefit: Selective Disclosure - share a credential with one party without making it public.

A practical PYC aggregator that scores your web3 footprint. Combines stamps from ENS, BrightID, and PoH into a single, scorable identity.

• Key Benefit: Sybil Resistance for quadratic funding, protecting $50M+ in grants.
• Key Benefit: Progressive Decentralization - users own and curate their credential portfolio.

Centralized KYC databases are honeypots for hackers and create siloed, non-transferable identities. This kills composability and user experience across protocols.\n- Data Breach Risk: Centralized storage of PII is a systemic liability.\n- Fragmented Identity: Passporting credentials between apps is impossible.

ZKPs allow users to prove claims (e.g., 'I am over 18', 'I am accredited') without revealing underlying data. This is the core primitive for privacy-preserving compliance.\n- Privacy-First: Prove eligibility without exposing your passport or SSN.\n- Composable Proofs: A single ZK credential can be reused across DeFi, gaming, and governance.

On-chain attestation protocols like Ethereum Attestation Service and Verax create a public, portable graph of verifiable claims. Builders can query this graph for permissioning.\n- Sovereign Data: Users own and control their attestations.\n- Developer Primitive: A universal API for trust and reputation, enabling novel use cases like undercollateralized lending.

The future is unbundled: specialized protocols for verification (e.g., Worldcoin for uniqueness), attestation (EAS), and revocation. Builders assemble these like Lego bricks.\n- Best-of-Breed: Choose the optimal verifier for each claim type (KYC, AML, accreditation).\n- Rapid Iteration: Swap out components without rebuilding your entire compliance flow.

On-chain proof enables global, standardized compliance. Users from any jurisdiction can prove they meet a protocol's requirements, moving beyond geographic gatekeeping.\n- Global User Base: Access is based on verifiable traits, not location.\n- Regulatory Clarity: Transparent, auditable proof trails satisfy regulators better than opaque KYC forms.

Traditional KYC is a $10B+ industry that adds friction. On-chain proof turns compliance into a competitive advantage through better UX and new financial primitives.\n- Monetizable Trust: Protocols can offer better terms (e.g., lower rates) to users with strong attestations.\n- Frictionless Onboarding: Users bring their verified identity with them, enabling one-click access to complex financial products.