Confidential · Compliant · For regulated institutions only

Prove everything. Reveal nothing.

PROVA is a confidential, compliant treasury-vault for regulated institutions — built on a first-rank zero-knowledge stack: STARK-secured Starknet, settled to Ethereum, UltraHonk proofs verified on-chain. Your treasury stays sealed from the market and cryptographically provable clean to a regulator. Asset-agnostic by design — tokenized treasuries, yield-bearing wrappers, near any count-preserving token. Custody never leaves your keys.

Your book is sealed from —
front-running bots competitors' trading desks chain-analysis & flow-data vendors MEV searchers counterparties pricing against you never from the law — compliance is proven to it, on-chain ✓
Every claim on this page settles to a public transaction. The vault is live on Starknet Sepolia — open the contracts, read the getters, re-run the adversarial checks yourself.
310 contract tests
23 circuit tests
111 E2E cycles settled

Deposit → hold → withdraw, live

Two views of one vault. Only one of them can read it.

Below is a working model of the PROVA vault, computed right now in your browser. Deposit seals an amount into a note — only its commitment reaches the chain. Withdraw proves the note and releases funds without ever linking exit to entry. Switch to the chain observer to see exactly what a competitor sees.

Merkle root computing…
— notes held
Your desk sees amounts, dates, status — and can act.
Compliance gate · contract-enforced
idle — every deposit and withdrawal below runs the same gates the contract enforces on-chain
Public nullifier feed — what exits look like on-chain
No withdrawals yet. When one settles, only a nullifier hash appears here — unlinkable to any commitment above.
SHA-256 in your browser, for illustration — the production vault commits with Poseidon-BN254 and verifies UltraHonk proofs inside the transaction. Verify the live vault → root consistent

The problem

A public chain shows your competitors everything. The usual fixes make it worse.

Why now · the cost of the status quo

Transparency is not neutral. On a public chain it is a standing tax on every position you hold.

The question is not whether confidentiality is nice to have. It is what a transparent, retrospective-compliance treasury already costs you — today, on every deposit, every exit, every audit cycle. Three costs, each of which compounds.

Cost 01 · information leakage

Your book is priced against you

A transparent ledger publishes size, timing and counterparties to anyone with a block explorer. Every large position becomes a signal — front-run by bots, faded by counterparties, mapped by chain-analysis desks. This is not a breach; it is the default behaviour of the chain. It shows up as worse fills and eroded edge on every move, and it scales with the size of your book.

Cost 02 · strict-liability sanctions risk

Detection cannot un-accept a dirty deposit

Sanctions liability is strict — intent is not a defence. Viewing keys and monitoring answer who may look at what already happened; they cannot stop tainted value from entering or leaving in the first place. Once a bad deposit settles, the exposure is booked. Detection is not prevention — and supervisors increasingly expect the latter, at the gate, not in the quarterly report.

Cost 03 · the window

Regulated capital is arriving on-chain — unsolved

Tokenized treasuries, money-market wrappers and institutional stablecoins are moving on-chain now. The piece still missing is a way to hold them that is confidential to the market and provable to the regulator at once. The desks that solve this first hold their positions without publishing them — while the rest are still choosing between disclosure and compliance.

Every day on a transparent vault is a day your strategy is public and your compliance is retrospective. PROVA closes both — at the gate, inside the same transaction.

What is PROVA

Seven deliberate choices — each removes a problem instead of adding a feature.

A regulated institution holds its on-chain treasury inside its own isolated vault — confidential from the market, provable to a regulator, never handed to a custodian. The design is defined by what it refuses as much as by what it does.

CHOICE 01

Confidential, not private

PROVA protects what and how much — balances, counterparties, flows — from external observers. It does not chase a large anonymity set hiding who participates. The threat model is the competitor and the front-running bot, not the state. That is the confidentiality a treasury needs — and the axis on which anonymity-set size is simply not the game.

CHOICE 02

Compliant

Every value-bearing path carries a zero-knowledge compliance check — OFAC non-membership and source-of-funds provenance — verified on-chain, inside the transaction. This is not a mixer.

CHOICE 03

Treasury-vault

Hold custody, not a trading account. The product is a vault assets rest in, not a venue they are actively traded through.

CHOICE 04

Yield-bearing assets

Yield accrues inside the asset — accruing-in-price wrappers, tokenized treasuries whose value rises in the token's own rate — so capital is not idle while held. No external contract call, no DeFi integration, no composability required.

CHOICE 05

Held-only

Deposit → hold → withdraw. No internal transfer graph, no swaps. The smallest sufficient surface — which is also the smallest surface to leak, and to audit.

CHOICE 06

No composability — by design

Wiring the held asset into external DeFi costs the confidentiality of amounts: swap sizes hit public AMM state — precisely the property the institution is paying to protect. PROVA declines that trade, because its client holds rather than trades.

CHOICE 07 — THE ONE THAT ADDS

With zkSoF — an affirmative proof of source of funds

Provenance from an approved association set, bound to a specific note. Six choices subtract risk; this one adds a property no blacklist can give: the proof attests where funds came from, not merely that an address is absent from a list — the question AML actually asks.

The protocol

Deposit. Hold. Withdraw.

STEP 01 — ENTRY, GATED

Deposit

Before any token moves, the contract enforces three checks: membership in your own whitelist, an OFAC non-membership proof bound to the caller's address, and a proof that the note's commitment opens to exactly the deposited amount. A deposit claiming a different amount is structurally impossible.

STEP 02 — SEALED, EARNING

Hold

The note rests in your own vault. Yield accrues inside the asset itself — no DeFi calls, no rebalancing, no oracle. Balances, counterparties and flows are invisible to observers; only commitments touch the chain.

STEP 03 — EXIT, SOVEREIGN

Withdraw

A zero-knowledge proof — verified by the contract inside the transaction — authorizes exit. The nullifier prevents replay; the recipient is sanctions-screened in the same atomic transaction. Exit never waits on any third-party compliance service.

What defines the design

Three properties you can check in the contracts — not a brochure.

zkSoF · outside the money path

Affirmative source of funds

AML asks "prove the source of these funds." A blacklist answers only "not on this list." PROVA's zkSoF is a positive proof that a note derives from an approved association set — and it runs as a parallel attestation, never as a withdrawal gate. Your money path never waits on a compliance operator.

Per-transaction disclosure

No standing audit key required

Prove a specific fact about a specific transaction when lawfully requested — liability assessed by knowledge at the time of the transaction, as in ordinary law. And where a client's supervisory relationship calls for viewing-key disclosure, it layers cleanly on top: disclosure is policy; prevention stays at the gate.

Sovereign by construction

Physical single-tenant isolation

Each client deploys and owns its own vault — a separate sovereign audit domain, not a logical partition in a commingled pool. No neighbour-reputation risk. The vendor holds no privileged key over a deployed instance: read owner on-chain and confirm it is yours.

Positioning in the Starknet stack

Prevention at the gate. Disclosure on request. Two layers of one compliance stack.

Starknet's ecosystem is building a viewing-key standard for confidential assets — and it answers a real need. PROVA does not compete with it: the two answer different questions, and a regulated institution needs both answered.

"Who may look at what happened?"
Disclosure — the viewing-key layer

An auditor or supervisor granted a key can read flows after the fact. This is the right tool for audit and supervisory relationships — accountability for what has already settled. PROVA composes with it: a client that adopts the ecosystem's viewing-key standard simply layers it on top of its vault, as policy.

"What may pass at all?"
Prevention — PROVA's gate layer

Before value moves, the contract itself enforces an OFAC non-membership proof on the depositor at entry and on the recipient at exit, plus an affirmative zkSoF provenance proof per note. This is what makes an institution certain that sanctioned value neither enters nor exits — a guarantee no amount of after-the-fact viewing can provide, because visibility cannot un-accept a dirty deposit.

Disclosure is a policy an institution chooses. Prevention is a property the contract enforces. PROVA adds the layer the stack was missing — and composes with the one it has.

The trust boundary

What PROVA proves — and what it does not.

Stated plainly · no asterisks
Proven, on a public network
That the vault verifies both money-path proofs on-chain — deposit amount-binding and withdrawal. That a borrowed-address proof, a fabricated sanctions root, and a replayed nullifier each revert. That the full deposit→withdraw cycle has settled 111 automated runs with deterministic, bit-identical gas. Every claim maps to a transaction you can open.
Not claimed — yet
Mainnet operation and live yield-bearing assets are go-to-market scope, not a current claim: today's vault runs on Sepolia against a mock ERC-20 standing in for the production asset. PROVA is a pre-market MVP, and this page will never say otherwise.

The difference between PROVA and a pitch deck is that PROVA's claims come with transaction hashes.

Trust transferred from a name to a proof.

The vault is non-custodial and trust-minimized: PROVA never holds the asset and holds no privileged key over a deployed instance. Confidentiality rests on a zero-knowledge proof verified on-chain — not on trust in a hardware enclave, and not on trust in the vendor. A reviewer does not have to trust the founder's reputation: they read the source-verified contracts and re-run the adversarial checks themselves.

The capital here is verifiability, not a custodian's brand — don't trust, verify, applied to the business model, not only to the code.

Pure infrastructure: no token, no protocol fees, no custody. Each licensed institution deploys and owns its own vault, verifier, and compliance policy — B2B annual licensing.

Diligence · for the buying committee

The questions a compliance officer, a GC and a CIO each ask first.

Circulate this to your committee. Every answer below maps to a contract you can read or a property you can verify on-chain — not a promise, and not a claim this page can't back with a transaction hash.

Compliance & Legal
"Isn't this a mixer? What about the Tornado Cash precedent?"
No — and the distinction is structural, not cosmetic. A mixer pools strangers' funds into a shared anonymity set and removes compliance to buy privacy. PROVA is the inverse on every axis: each client holds a single-tenant vault of its own funds — there is no anonymity set of strangers to join — and sanctions screening is enforced by the contract as a precondition of every entry and exit. PROVA does not strip compliance to add privacy; it makes compliance the gate that privacy passes through. Confidential from the market, with the sanctions boundary proven to the regulator on-chain.
CIO & Procurement
"You're an early vendor. What happens to our vault if you're gone?"
It keeps running, untouched — because you own it, not us. Each vault is deployed under your owner key; read owner on-chain and confirm it is yours. The vendor holds no privileged key, and cannot pause it, rotate your roots, or move your funds — not by policy, by construction. Contracts are source-verified and MIT-licensed, so your engineers and auditors hold everything needed to operate and review the instance independently of whether the vendor exists. Vendor-continuity risk — the usual blocker for infrastructure from a young company — is engineered out, not underwritten.
Compliance & Legal
"What's the regulatory basis? Has a regulator blessed this?"
PROVA is infrastructure, not a legal opinion, and this page makes no claim of regulatory endorsement. What it does is align the technical control with the obligation you already carry: screen sanctioned counterparties, evidence source of funds, and disclose specific facts when lawfully compelled. Prevention sits at the gate; disclosure is per-transaction and composes with any supervisory viewing-key relationship your regulator expects. You bring the compliance policy and the jurisdiction; the contract enforces it cryptographically.
CISO & Auditors
"Has the code been audited? Why should we trust the cryptography?"
Trust is placed in verification, not in our word. The stack ships with 310 contract tests and 23 circuit tests, plus an adversarial attacker-model exercised on a public network — a borrowed-address proof, a fabricated sanctions root and a replayed nullifier each revert, with transaction hashes to open. Stated plainly: PROVA is a pre-market MVP, and a full external audit by a specialist firm is a declared gate before mainnet and live assets — not something claimed as already done. During a pilot your own team is invited to run the adversarial checks and review the circuits directly.

The right next step is not a signature — it is a pilot where your own engineers verify every claim on this page against your own instance.

On-chain, today

Don't trust the vendor. Read the chain.

The canonical M5 stack on Starknet Sepolia. Every wiring claim — which verifier the vault calls, which binding the compliance module routes to, which roots are registered — is confirmed by reading the deployed contracts' getters, and the adversarial checks are reproducible by any reviewer. All contracts open-source (MIT).

circuitsNoir · depth 20 · BN254 verifierGaraga UltraHonk Cairoedition 2024_07 contractsOpenZeppelin tests310 snforge · 23 nargo E2E111 automated runs networkStarknet Sepolia on-chain proof verificationlive on Sepolia
PrivacyVault M5 Canonical vault · amount-binding, dup-commitment rejection, two-step ownership
Withdrawal verifier Garaga UltraHonk · called inline by withdraw
Deposit verifier Amount-binding circuit · called by pre_prove_deposit
ComplianceModule Gates deposit caller and withdraw recipient
OFAC root binding Sanctions root from the real Treasury SDN list · 24h timelock
0x0547b836…3b5629e1source-verified
OFAC UltraHonk verifier Recipient-binding VK — a borrowed proof reverts
0x02dd5890…c2dfe77source-verified
SoF root binding Association root = the vault's live Merkle root, bit-identical
SoF UltraHonk verifier Depth-20 source-of-funds circuit
0x005a3732…6e8aa073source-verified
Adversarial verification — attacker model, exercised on-chain
Honest proof, correct recipient — the system must accept
Borrowed-address proof — someone else's clearance, your exit
REVERTED · addr mismatch
Fabricated sanctions root — the empty-list attack
REVERTED · in verifier core
Replayed nullifier — spending the same note twice
REVERTED · already spent
577.6M
l2_gas per deposit — bit-for-bit identical across the automated run series. Deterministic, not estimated.
~785M
l2_gas per withdraw, including full UltraHonk proof verification inside the transaction.
111 / 111
automated deposit→withdraw cycles settled with status SUCCESS — each with a pre-flight root self-check before spending gas.

Who holds what

Treasury & finance desks

Hold on-chain without publishing your book.

Positions, denominations and counterparties stay sealed from competitors and front-running bots while yield accrues inside the asset — no DeFi wiring, no oracle, no rebalancing. Custody never leaves your keys: the vendor cannot pause your vault, rotate your roots, or move your funds. Not "agrees not to" — is technically unable to.

Compliance & legal

Certain at the gate. Accountable on request.

Sanctions screening enforced on both entry and exit — so dirty value can neither come in nor go out — an affirmative source-of-funds attestation for every note, and disclosure measured in single transactions, proven in zero knowledge when lawfully requested. Your compliance policy, your whitelist, your audit domain — with the ecosystem's viewing-key standard available on top where your supervisor expects it.

Noir circuits · BN254 Barretenberg UltraHonk Garaga on-chain verification Cairo · OpenZeppelin Starknet · settled to Ethereum No token. No fee. No custody.

Licensing

Annual licenses. You own the vault — we never can.

PROVA is infrastructure, not a custodian. Each licensee deploys and owns its own vault, verifiers and compliance policy — the owner key is yours, verifiable on-chain. We never hold your assets, your keys, or a privileged key over your deployment.

Pilot

Annual license · pricing on request
  • Single-tenant vault deployment on testnet
  • Full circuit set: withdrawal, OFAC, zkSoF, amount-binding
  • Compliance policy workshop — whitelist & association sets
  • Direct engineering support
Start a pilot

Standard

Annual license · pricing on request
  • Production deployment — owner key handed to you
  • Sanctions-root update service behind your 24h timelock
  • Association-set indexer & attestation tooling
  • Adversarial acceptance run on your own instance
Talk to us

Enterprise

Annual license · pricing on request
  • Multi-vault estates, custom compliance predicates
  • Legal-team integration & SLA
  • Dedicated circuit review with your auditors
  • Jurisdiction-specific disclosure support
Talk to us

Pilots run in weeks, not quarters

The treasury you seal today is the position nobody front-runs tomorrow.

Write to us with your asset, jurisdiction and compliance profile — we answer with a deployment plan and the contracts to verify before you sign anything.

[email protected]