Blind Policy Enterprise Readiness
Enterprise readiness packet for Blind Policy Verification covering the live Groth16 proof package, SDK path, benchmark boundary, tamper verification, and the remaining gates for Solana on-chain verification, additional circuits, HSM/KMS, external audit, and Rust/Python SDKs.
Document context
Enterprise readiness packet only; it claims live Groth16 proof generation and verification, while explicitly marking Solana on-chain verification, PLONK/STARK/recursive proofs, HSM/KMS, external audit, and Rust/Python SDKs as required next gates rather than completed production claims.
Audience: Enterprise buyers, CTOs, auditors, security reviewers, protocol engineers, investors
Blind Policy Verification Enterprise Readiness
PrivateDAO Blind Policy Verification is a product line for proving that a private policy was satisfied without exposing the policy inputs, internal thresholds, formulas, or sensitive customer records.
What Is Live Now
| Capability | Status | Evidence |
|---|---|---|
| Groth16 proof generation | Live | The backend generates a witness, runs snarkjs groth16 prove, then verifies before issuing a receipt. |
| Groth16 verification | Live | /api/v1/proof-workflows/blind-policy/verify verifies the proof package and fails on tampering. |
| Public proof package | Live | Includes proof, public signals, verification key, verification key hash, policy commitment, and input commitment. |
| Tamper detection | Live | Any changed public proof package produces a mismatch with the original and recomputed hashes. |
| TypeScript SDK | Pilot-ready | packages/blind-policy-sdk provides a typed client for status, sample, prove, and verify. |
| Browser API console | Live | /developers/blind-policy-api lets a buyer test the flow from the browser. |
| Benchmarks | Local evidence | npm run benchmark:blind-policy measures package creation, hash recomputation, receipt verification, and Groth16 verification over the checked-in fixture. |
Truth Boundary
The current production claim is Groth16 Blind Policy Verification.
REFHE, Ika / Encrypt, and MagicBlock are currently commitment and provider-readiness lanes inside this product unless a separate provider receipt is attached. They must not be described as final funded Ika dWallet DKG, final 2PC-MPC signing, final REFHE execution, or final MagicBlock settlement inside Blind Policy Verification without separate evidence.
PLONK, STARK, recursive proofs, and Solana on-chain verification are not claimed as live in this product yet.
Enterprise Gaps To Close
| Enterprise requirement | Current status | Required next step |
|---|---|---|
| Solana on-chain verification | Not live | Build a Solana verifier program or verification-record program that stores proof commitments and verification result references. |
| Blind Compliance circuit | Not live | Add circuit template for compliance checks with private documents and public compliance claim. |
| Blind KYC circuit | Not live | Add circuit template for KYC provider result commitments without exposing identity attributes. |
| Treasury Limits circuit | Not live | Add circuit template proving spend limits were respected without exposing private treasury policy. |
| DAO Voting Rules circuit | Not live | Add circuit template proving voting eligibility/rule satisfaction without exposing voter intent. |
| Multi-policy proofs | Not live | Add aggregation layer that binds multiple policy commitments into one public proof package. |
| HSM/KMS key management | Not live | Add AWS KMS/HSM-backed signing/encryption boundaries for enterprise deployments. |
| External security audit | Not complete | Commission circuit and backend audit; publish scope, report, and remediation log. |
| Rust SDK | Not live | Implement typed Rust client for prove/verify and proof package parsing. |
| Python SDK | Not live | Implement typed Python client for prove/verify and audit workflow integration. |
| Public npm release | Not live | Publish @privatedao/blind-policy only after registry, versioning, and support policy are ready. |
Customer Integration Path
- Call `GET /api/v1/proof-workflows/blind-policy/status` to confirm live proof status.
- Call `GET /api/v1/proof-workflows/blind-policy/sample` for a safe payload.
- Call `POST /api/v1/proof-workflows/blind-policy/prove` with private inputs.
- Store the returned public proof package.
- Call `POST /api/v1/proof-workflows/blind-policy/verify` with the public package.
- If any public package field changes, verification returns a mismatch with the original and recomputed hashes.
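An integrator who stores the returned package can run the same kind of tamper check locally before calling the verify endpoint. The sketch below is an added example, not PrivateDAO's code or SDK: the field names, the use of SHA-256, and the sorted-key JSON encoding are assumptions, and the sample package is constructed. It also pins the verification key hash out-of-band, because a proof that verifies against a key supplied by the package itself says nothing about which circuit was proven.

```javascript
// Added example: field names, SHA-256 and sorted-key JSON are assumptions.
const { createHash } = require('node:crypto');

// Deterministic JSON: keys sorted recursively so the digest ignores key order.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

const sha256Hex = (value) => createHash('sha256').update(canonicalize(value)).digest('hex');

// Compare a stored package with the digest recorded at issuance and with a
// verification key hash pinned out-of-band (never read from the package).
function checkPackage(pkg, recordedPackageHash, pinnedVkHash) {
  const recomputedHash = sha256Hex(pkg);
  const recomputedVkHash = sha256Hex(pkg.verificationKey);
  const reasons = [];
  if (recomputedHash !== recordedPackageHash) reasons.push('package-hash');
  if (recomputedVkHash !== pinnedVkHash) reasons.push('verification-key-not-pinned');
  if (pkg.verificationKeyHash !== recomputedVkHash) reasons.push('embedded-vk-hash');
  return {
    status: reasons.length === 0 ? 'match' : 'mismatch',
    originalHash: recordedPackageHash,
    recomputedHash,
    reasons,
  };
}

// Constructed sample package; values are placeholders, not real proof data.
function samplePackage() {
  const verificationKey = { protocol: 'groth16', curve: 'bn128', nPublic: 2 };
  return {
    proof: { pi_a: ['1', '2'], pi_b: [['3', '4'], ['5', '6']], pi_c: ['7', '8'] },
    publicSignals: ['11', '22'],
    verificationKey,
    verificationKeyHash: sha256Hex(verificationKey),
    policyCommitment: '0xPOLICY_PLACEHOLDER',
    inputCommitment: '0xINPUT_PLACEHOLDER',
  };
}
```

This check covers integrity of the stored package only; it does not replace Groth16 verification of the proof against the pinned key.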
Architecture
Client
|
Private Data
|
Blind Policy
|
Groth16 Circuit
|
Proof Package
|
Public Verification
Benchmarks
Run:
npm run benchmark:blind-policy
The current benchmark measures package creation, hash recomputation, receipt verification, and Groth16 verification over the checked-in proof fixture. It does not measure full witness generation.