Compliance Overview
Privacy and compliance are not at odds — Bermuda is built on the principle that both can coexist. The protocol includes a modular compliance framework that allows operators, regulators, and institutions to enforce rules without compromising user privacy.
Modular Compliance Layer
Bermuda's compliance system is designed as a pluggable module. Integrators can configure compliance policies to match their regulatory requirements, jurisdiction, and risk appetite — without modifying the core protocol.
This means different deployments can operate under different compliance regimes while sharing the same privacy infrastructure.
How It Works
Every shielded transaction passes through a compliance check before it is executed. All compliance checks are performed without exposing transaction details to third parties. Zero-knowledge proofs allow the system to verify that a transaction satisfies a rule without revealing the underlying data.
The Three Pillars
Bermuda's compliance framework operates across three stages:
- Pre-Shield Check — Screen deposits before they enter the pool, blocking illicit funds at the entry point.
- Retroactive Flagging — Flag transactions after the fact when new intelligence emerges, without requiring upfront surveillance.
- Withdrawal Proof (POI) — Generate cryptographic proof at withdrawal that your funds are not linked to flagged activity.
Each stage is covered in detail on its dedicated page.
For Integrators
If you are building on Bermuda and need to meet regulatory requirements, the compliance module gives you the tools to do so — without forcing your users to give up privacy. The framework supports KYC/AML workflows, jurisdiction-specific rules, and custom policies out of the box.