Treasury Urged to Endorse ‘Privacy-Preserving’ Tech for Digital-Asset Sanctions Compliance

To comply with sanctions, consulting firm Stablecoin Solutions said, financial institutions should be allowed to use “negative zero-knowledge proofs,” a cryptographic protocol that allows one party to convince another party that something is true without conveying more information. In the digital-asset sector, this would allow financial intermediaries to prove that a wallet holder isn’t on a sanctions list maintained by the Office of Foreign Assets Control or other government agencies, the firm said.

These negative zero-knowledge proofs also would show that the holder has passed know-your-customer (KYC) checks, and they do so “without revealing underlying identity attributes to the counterparty or blockchain,” said Stablecoin Solutions, a strategy firm for companies needing to comply with the Genius Act, in its public comments to Treasury that were due this month.

The company was responding to Treasury’s public comment notice in August on the Genius Act, which became law in July and is partly meant to prevent criminals, terror groups and others from using stablecoins to launder money, evade sanctions or finance terrorism (see 2508200026). Treasury especially sought feedback on “innovative” methods that banks and other financial institutions are using to detect illegal financial activity involving digital assets and to comply with sanctions.

Stablecoin Solutions said digital-assets companies face a “tension” in trying to comply with U.S. sanctions while also protecting the privacy of their customers and shielding against the “cybersecurity risks of exposing personal data unnecessarily.” The negative zero-knowledge proofs “provide a practical compromise and balance, enabling regulators to enforce sanctions and compliance requirements while allowing individuals to maintain strong privacy protections.”

The proofs work by allowing a regulated financial intermediary to issue a “verifiable credential” that's “cryptographically bound” to the user’s wallet key, which shows that the user has passed sanctions and KYC screening. “When initiating a transaction, the user generates a [zero-knowledge] proof that” shows “their credential is valid and unrevoked” and that “their identifiers are not members of the sanctions list,” Stablecoin Solutions said. “The proof is submitted alongside the transaction," where "it can be verified in milliseconds, without exposing the user’s identity or personally identifiable information.”

This method “directly” addresses Treasury’s “request for privacy-preserving compliance infrastructure,” the company said. The proofs “enable regulators and intermediaries to enforce sanctions and eligibility rules with mathematical guarantees, while reducing exposure of sensitive personal data and supporting responsible innovation under the GENIUS Act.”

The firm urged Treasury to “explicitly recognize zero-knowledge negativity proofs as a recommended design pattern for digital asset compliance in forthcoming guidance.”

Other public commenters working in the digital-asset industry also endorsed the use of zero-knowledge negativity proofs, including Wilcat Associates, a consulting firm; Sundial Mirage, a financial compliance technology firm; and Moneta Digital, a money-services business. Wilcast Associates said zero-knowledge proofs “enable compliance without revealing excess data,” and Sundial Mirage said the protocol, along with additional procedures, “satisfies the requirements of the GENIUS Act” and other U.S. regulations “while protecting user privacy.”

Moneta Digital said zero-knowledge proofs “allow issuers to prove assets are not linked to sanctioned addresses without exposing unnecessary personal information. This enhances auditability, since every unit of stablecoin can be tracked back to its issuance, providing a tamper-evident trail for forensic investigations.”