AnchorShieldzk access layer
Stellar testnet Launch console

two gates, one primitive

Eligibility gates

One circuit and one credential root drive every gate. A gate is just a policy plus an on-chain action — add a new one without re-issuing a single credential. Two are live on testnet today.

shared primitive

Same circuit, different policy

Both gates use the same circuit and credential root. Each action produces its own proof, nullifier and action binding.

Bind a policy

Each gate pins a policy id and the attributes it requires: KYC, committed sanctions and revocation roots, age, investor type, jurisdiction, and corridor limits.

Verify the proof

The gate calls the shared verifier with the proof and public signals; the contract checks the frozen VK metadata, the credential root, root bindings, and the nullifier.

Release the action

Only on a valid, unused proof does the gate move value: a SAC transfer for payments, or a one-time action-bound SEP-57 mint authorization for assets.

gate 01

payment Travel-rule payment gate

Enforces travel-rule eligibility before value moves over a Stellar SAC — the sender proves they pass policy without revealing who they are.

What it proves

  • KYC verified by a trusted issuerproven
  • Sanctions and revocation roots matchproven
  • Within corridor & transaction limitproven
  • Bound to this exact action idproven
  • Sender identity & attributeshidden

Bound public signals

policy
202
action type
0
asset
9001
amount
250
recipient
7000001
action id
424242

Mechanism: prove in-browser → gate_payment.verify_and_pay verifies the Groth16 proof on-chain → the nullifier registry rejects replays → a real SAC transfer of 250 settles and emits PaymentApproved.

gate 02

RWA Regulated asset gate

Authorizes a regulated OpenZeppelin SEP-57 mint only after the holder proves an issuer-asserted accredited-investor tier and jurisdiction. The amount, recipient, token and terms hash are bound into the one-time mint authorization.

What it proves

  • Accredited investor tier (issuer-asserted)proven
  • Allowed jurisdictionproven
  • Meets minimum ageproven
  • Bound to this exact action idproven
  • Birthdate & document identityhidden

Bound public signals

policy
303
action type
1
asset
9101
amount
100
recipient
8000001
action id
515151

Mechanism: prove in-browser → identity_verifier.attest_for_mint verifies the proof on-chain and records a one-time authorization → the compliance adapter consumes it during the OpenZeppelin SEP-57 mint → 100 units mint and emit indexed approval events.

prove it yourself

Generate a proof against either gate

Run the in-browser prover and watch the same public signals settle on-chain.