GeroWallet - ZkFIat: The Future of Confidential Compliance

[GENERAL] Name and surname of main applicant

Adam Cazes

[GENERAL] Are you delivering this project as an individual or as an entity (whether formally incorporated or not)

Entity (Incorporated)

[GENERAL] Please specify how many months you expect your project to last (from 2-12 months)

12

[GENERAL] Please indicate if your proposal has been auto-translated into English from another language

No

[GENERAL] Summarize your solution to the problem (200-character limit including spaces)

zkFiat is a system using ZKP that enables users to comply with regulations without revealing personal data, preserving privacy and fostering blockchain adoption.

[GENERAL] Does your project have any dependencies on other organizations, technical or otherwise?

No

[GENERAL] If YES, please describe what the dependency is and why you believe it is essential for your project’s delivery. If NO, please write “No dependencies.”

No dependencies.

[GENERAL] Will your project’s output/s be fully open source?

No

[GENERAL] Please provide here more information on the open source status of your project outputs

Our project's outputs will not be fully open source. The primary reason is the nature of our integration with a European bank, which involves handling sensitive financial data, proprietary APIs, and strict compliance with the bank's DevSecOps and security policies. Releasing the code publicly could potentially expose vulnerabilities or sensitive information related to user authentication and financial transactions.

We are obligated to maintain confidentiality to protect user data and adhere to regulatory requirements imposed by the banking industry. These regulations necessitate that certain aspects of the codebase, especially those dealing with security protocols and proprietary bank integrations, remain closed source to ensure the safety and integrity of the financial systems involved.

While we support the open-source community and the benefits it brings, in this case, prioritizing user security and compliance with legal obligations takes precedence. We are committed to transparency where possible and will consider open-sourcing non-sensitive components of the project in the future if it does not compromise security or violate any agreements with our banking partner.

[METADATA] Horizons

Financial Services

[SOLUTION] Please describe your proposed solution

zkFiat is unique because it harmonizes regulatory compliance with user privacy without centralizing user data. By ensuring that only users hold all their personal information, we eliminate single points of failure and reduce the risk of data breaches. We are already working with a European bank, which demonstrates the practical applicability and effectiveness of our solution in real-world financial systems. Our solution leverages zero-knowledge proofs within the Cardano blockchain, making it a pioneering approach in privacy-preserving compliance.

Described Solution

zkFiat introduces a decentralized mechanism where only the user holds all necessary information for compliance. No single entity has complete access to user data, preserving privacy while ensuring compliance.

• User:
• Receives a KYC proof from the bank.
• Obtains a unique User ID from the bank.
• Receives a Bank ID from Gero.
• Holds all the information securely.
• Wallet:
• Does not have access to KYC information and cannot verify the proof.
• Receives the User ID from the bank.
• Generates a Bank ID corresponding to the User ID.
• Bank:
• Holds KYC information securely.
• Cannot verify the proof independently.
• Does not know that the User ID and Bank ID are related.

If the user is verified, the transaction is created and can then be signed by the user. This decentralized knowledge approach keeps information secure and private, enabling seamless, compliant transactions without revealing personal data to the bank.

This architecture ensures:

• Enhanced Privacy: Users comply with regulations without disclosing personal information.

• Regulatory Compliance: Financial institutions process transactions confidently, meeting compliance standards without handling sensitive data.

• Decentralization: Eliminates single points of failure or data breaches.

[IMPACT] Please define the positive impact your project will have on the wider Cardano community

Prototype Development and Testing: Creating a functional prototype that showcases the effectiveness of zkFiat in real-world scenarios.

User Adoption Metrics: Tracking the number of users and transactions processed using zkFiat.

Partnerships with Financial Institutions: Establishing collaborations to validate the practicality and compliance of our solution.

Community Feedback: Engaging with the Cardano community for continuous improvement based on user experiences and suggestions.

Who Will Benefit and Why This Is Important to Cardano

Users: Gain the ability to transact securely and privately, complying with regulations without sacrificing confidentiality.

Financial Institutions: Can process compliant transactions confidently without the burden of handling sensitive personal data.

Cardano Ecosystem: Enhances its value proposition by offering advanced privacy solutions, attracting more users and institutions, and fostering innovation.

[CAPABILITY & FEASIBILITY] What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Gerowallet recently won Cardano's first Hackathon hosted by NMKR in Berlin with zkFiat demonstrating a proof of concept of this idea.

Our team comprises experienced professionals with a proven track record in blockchain development, financial integrations, and security compliance.

We are in the final milestone of Cardano Shield, a fund10 project which is a wallet security addon.

We successfully led multiple blockchain projects from inception to deployment, ensuring they meet deadlines and compliance requirements. Our UX is known to be user-friendly interfaces for fintech applications, enhancing user adoption and satisfaction.

Satchel, founded in 2018, is one of Europe's fastest-growing digital banking providers offering fast, reliable, and cost-effective payment processing solutions. With 8 Billion EUR turnover in 2023, regulated by the National Bank of Lithuania (LB000448) and authorized to operate across the EU. Satchel operates its own cryptocurrency exchange & OTC desk Kaiserex.

Committed to personalized service, it offers European IBAN accounts, SEPA and SWIFT payment processing, Mastercard-powered payment cards.

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Team Assembly and Landscape Analysis (Required)

Timeframe: Month 1

Milestone Outputs

• Team Assembly:

• Recruit and onboard key team members with expertise in blockchain technology, zero-knowledge proofs, regulatory compliance, and financial services.

• Landscape Analysis:

• Conduct a comprehensive analysis of existing ZKP financial solutions.

• Identify best practices, challenges, and opportunities in the current market.

• Research Report:

• Compile findings into a detailed report to inform the design and development of zkFiat.

Acceptance Criteria

• All critical team roles are filled with qualified professionals.

• Identification of unique value propositions and differentiators for zkFiat based on the analysis.

• Development of a refined project plan incorporating insights from the research.

Evidence of Milestone Completion

• Team Profiles: Documentation of team members’ qualifications, roles, and responsibilities.

• Research Report: A detailed document summarizing the landscape analysis and its implications for zkFiat.

• Updated Project Plan: Revised roadmap and development plan reflecting research findings.

Technical Design and Prototype Planning (Required)

Timeframe: Months 2-4

Milestone Outputs

• Technical Architecture Design:

• Develop the technical specifications and architecture for zkFiat.

• Design the zero-knowledge proof protocols to be used.

• Compliance Framework:

• Define regulatory compliance requirements based on the landscape analysis.

• Establish protocols for KYC integration with banking partners.

• Prototype Planning:

• Create a detailed plan for prototype development, including timelines and resource allocation.

Acceptance Criteria

• Completion of technical design documents outlining the system architecture.

• Defined zero-knowledge proof methodologies suitable for zkFiat.

• Compliance framework established in consultation with legal experts.

• Prototype development plan finalized and ready for execution.

Evidence of Milestone Completion

• Technical Design Documents: Detailed specifications and architectural diagrams.

• Compliance Framework Documentation: Reports outlining regulatory requirements and compliance strategies.

• Prototype Development Plan: A comprehensive plan with timelines, milestones, and resource needs.

Prototype Development with Banking Partner

Timeframe: Months 5-8

Milestone Outputs

• Prototype Development:

• Develop a functional prototype integrating zero-knowledge proofs with Cardano wallets and the European banking partner.

• Integration Testing:

• Test the prototype for functionality, security, and compliance.

• User Interface Design:

• Create a user-friendly interface for the wallet and transaction processes.

Acceptance Criteria

• Prototype allows users to complete KYC with the bank, receive IDs, and initiate verified transactions without revealing personal data.

• Successful integration with the banking partner’s systems.

• Prototype passes initial functionality and security tests.

Evidence of Milestone Completion

• Demonstration Video: Showcasing the prototype’s functionality.

• Technical Documentation: Including code repositories.

Security Audits and Compliance Verification

Timeframe: Months 9-10

Milestone Outputs

• External Security Audits:

• Engage reputable cybersecurity firms to conduct comprehensive security assessments.

• Compliance Verification:

• Validate that the prototype meets all relevant regulatory standards.

• Issue Resolution:

• Address any vulnerabilities or compliance gaps identified during audits.

Acceptance Criteria

• All critical and high-severity security issues identified and resolved.

• Compliance certifications obtained or pending approval.

• Updated prototype reflecting security and compliance enhancements.

Evidence of Milestone Completion

• Security Audit Reports: Official documents from cybersecurity firms.

• Compliance Certificates: Proof of regulatory compliance.

• Issue Resolution Logs: Documentation of how identified issues were addressed.

Beta Testing and Community Engagement

Timeframe: Months 11-12

Milestone Outputs

• Beta Release:

• Launch a beta version of zkFiat for selected users and community members.

• Feedback Collection:

• Gather user feedback on functionality, usability, and performance.

• Community Engagement:

• Host webinars and forums to engage with users and developers.

Acceptance Criteria

• Beta version released and accessible to a defined group of users.

• Implementation plan developed for incorporating feedback into the final product.

Evidence of Milestone Completion

• Beta Access Links: Proof of beta release availability.

• Feedback Reports: Summaries of user feedback and suggested improvements.

Project Close-out Report and Video (Required)

Timeframe: Month 12

Milestone Outputs

Project Close-out Report:

• A comprehensive document summarizing the project’s achievements, challenges, and impact.
• Final Project Video:
• A professional video showcasing zkFiat’s capabilities, user benefits, and project journey.

Acceptance Criteria

• Report and video effectively communicate the project’s outcomes and are suitable for public dissemination.
• All project objectives and milestones are met or exceeded.

Evidence of Milestone Completion

• Submission of Report and Video: Provided to the Catalyst platform and shared with stakeholders.
• Public Announcements: Updates on official channels announcing project completion.

[RESOURCES] Who is in the project team and what are their roles?

Our project team consists of:

Lead Developer & Blockchain Developer

David Edri - https://www.linkedin.com/in/edridudi/

Over a decade of experience in full stack development

Project Manager & UX Designer

Adam Cazes - https://www.linkedin.com/in/adam-cazes-25241939/

Over a decade of experience in Customer Success, Solution Architect, Product & Project management

Bank Side to develop API endpoints

Recruit: ZKP Advisor, Fintech Advisor

[BUDGET & COSTS] Please provide a cost breakdown of the proposed work and resources

Development Costs – 70,000 ADA

Purpose: Salaries for developers, technical infrastructure, and user interface design.

Includes:

1. Lead Developer Salary: 25,000 ADA
2. Oversees all development activities, implements zero-knowledge proofs, and integrates with Cardano.
3. Supporting Developers: 30,000 ADA
4. Assists with coding, testing, and implementation of zkFiat features.
5. Development Tools and Infrastructure: 15,000 ADA
6. Covers servers, software licenses, development tools, and other technical resources.

Project Management – 15,000 ADA

Purpose: Oversee project timelines and team coordination.

Includes:

1. Project Manager Salary: 15,000 ADA
2. Manages project schedules, coordinates team efforts, and ensures milestone adherence.

Security Audits – 35,000 ADA

Purpose: Ensure system robustness and data protection.

Includes:

1. External Cybersecurity Firms: 30,000 ADA
2. Engages reputable firms to conduct comprehensive security assessments and penetration testing.
3. Compliance Verification: 5,000 ADA
4. Ensures adherence to data protection regulations and industry standards.

Legal and Compliance – 12,000 ADA

Purpose: Navigate financial regulations and ensure compliance.

Includes:

1. Legal Consultation Fees: 7,000 ADA
2. Hiring legal experts to navigate financial regulations and ensure the project complies with all relevant laws.
3. Documentation and Policy Development: 5,000 ADA
4. Creating terms of service, privacy policies, and user agreements.

Miscellaneous Expenses – 18,000 ADA

Purpose: Cover operational costs and unforeseen expenses.

Includes:

1. Operational Tools and Subscriptions: 8,000 ADA
2. Covers hosting services, communication tools, and other essential operational expenses.
3. Contingency Fund: 10,000 ADA
4. Reserved for unexpected costs or emergencies to ensure project continuity.

[VALUE FOR MONEY] How does the cost of the project represent value for money for the Cardano ecosystem?

zkFiat offers value for the Cardano ecosystem by resolving a crucial issue: aligning user privacy with regulatory compliance to boost blockchain adoption.

Our partnership with a European bank validates our approach and accelerates integration into traditional finance.

High Impact Solution: Addresses a critical barrier to blockchain adoption by harmonizing privacy with regulatory compliance, attracting both users and financial institutions.

Enhanced Security and Trust: Comprehensive security audits and collaboration with external cybersecurity firms ensure zkFiat is secure and trustworthy.

Accelerated Innovation and Adoption: Effective project management and partnership development drive rapid innovation and seamless integration into traditional finance, boosting Cardano’s utility.

Alignment with Cardano’s Principles: Promotes decentralization, transparency, and community engagement, reinforcing Cardano’s core values.

Efficient Resource Allocation: Focused budget ensures that funds are used effectively to achieve key milestones, with a contingency fund safeguarding against unforeseen expenses.