
Compliance Overview

Privacy and compliance are not at odds — Bermuda is built on the principle that both can coexist. The protocol includes a modular compliance framework that allows operators, regulators, and institutions to enforce rules without compromising user privacy.

Modular Compliance Layer

Bermuda's compliance system is designed as a pluggable module. Integrators can configure compliance policies to match their regulatory requirements, jurisdiction, and risk appetite — without modifying the core protocol.

This means different deployments can operate under different compliance regimes while sharing the same privacy infrastructure.

How It Works

Bermuda applies compliance across three connected stages, each serving a different role in the lifecycle of shielded funds:

  1. Deposit authorization — Before public assets enter the pool, the depositing address is screened and the deposit is authorized through Predicate-backed attestations together with deposit-time compliance data. At this stage, the deposit is also associated with a randomly assigned deposit_id, which becomes the lineage handle used later in the compliance flow.
  2. Retroactive flagging — After deposit, the compliance engine can re-screen depositor addresses, map newly flagged addresses to their associated deposit_id values, and update the blacklist root used by withdrawals.
  3. Withdrawal enforcement — At exit, Bermuda checks the withdrawal against the current blacklist state. Compliant funds retain the private withdrawal path through a Proof of Innocence (POI), while blacklisted lineage is forced onto the public path.

This is what makes Bermuda retroactively compliant. A deposit may be admitted under one compliance state, while withdrawal is evaluated under a later one. Because flags are keyed to deposit_id lineage rather than to the pool as a whole, a depositor address that is later blacklisted affects only the funds descending from its deposits: nothing is rolled back, and unrelated users are not forced to reveal their activity.
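The three-stage lifecycle as a small runnable model. This is an added example written for this page, not Bermuda's own code: the `Pool` class, the `screen` oracle, the hash-of-a-sorted-set stand-in for the blacklist root, and the cleartext lineage check are all assumptions of the model. The real protocol keeps the lineage hidden inside a zero-knowledge Proof of Innocence; here the same check is done in the clear so the routing decision is visible. The scenario shows the key property: a deposit admitted under one blacklist root is re-evaluated at withdrawal under the current one, a POI built against a stale root is rejected, and an unrelated depositor keeps the private path.

```python
"""Model of deposit authorization, retroactive flagging and withdrawal
enforcement keyed on deposit_id lineage. Illustrative only; every name and
data structure here is an assumption, not the protocol's API."""
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set

PRIVATE_PATH = "private"  # exit via Proof of Innocence, lineage stays hidden
PUBLIC_PATH = "public"    # forced transparent exit for blacklisted lineage


def commit(items: Set[str]) -> str:
    """Commitment to a set of deposit_ids: a stand-in for the blacklist root.
    (Assumed: the real root is a Merkle-style commitment, not this hash.)"""
    return hashlib.sha256("|".join(sorted(items)).encode()).hexdigest()


@dataclass
class Pool:
    # Hypothetical screening oracle: address -> True if currently clean.
    # Its answers change over time, which is what drives retroactive flagging.
    screen: Callable[[str], bool]
    deposits: Dict[str, str] = field(default_factory=dict)  # deposit_id -> address
    blacklist: Set[str] = field(default_factory=set)        # flagged deposit_ids

    def blacklist_root(self) -> str:
        return commit(self.blacklist)

    # Stage 1: deposit authorization (pre-shield check)
    def deposit(self, address: str) -> Optional[str]:
        if not self.screen(address):
            return None  # rejected: never enters the shielded pool
        deposit_id = secrets.token_hex(16)  # random lineage handle
        self.deposits[deposit_id] = address
        return deposit_id

    # Stage 2: retroactive flagging
    def rescreen(self) -> Set[str]:
        """Re-screen every depositor; map newly flagged addresses to their
        deposit_ids and fold them into the blacklist (the root changes)."""
        newly_flagged = {
            d for d, addr in self.deposits.items()
            if d not in self.blacklist and not self.screen(addr)
        }
        self.blacklist |= newly_flagged
        return newly_flagged

    # Stage 3: withdrawal enforcement
    def withdraw(self, lineage: Set[str], proof_root: str) -> str:
        """Return the path this withdrawal is routed onto.
        `lineage` is the set of deposit_ids the funds descend from and
        `proof_root` the blacklist root the POI was built against."""
        if proof_root != self.blacklist_root():
            raise ValueError("stale proof: blacklist root changed, rebuild POI")
        if lineage & self.blacklist:
            return PUBLIC_PATH  # blacklisted lineage: no private exit
        return PRIVATE_PATH


def run_scenario() -> dict:
    """Constructed scenario: one depositor is flagged only after depositing."""
    flagged: Set[str] = set()  # mutable oracle state behind `screen`
    pool = Pool(screen=lambda addr: addr not in flagged)

    flagged.add("0xbad0")
    rejected = pool.deposit("0xbad0")          # stage 1 refuses a known-bad address
    d_alice = pool.deposit("0xalice")
    d_mallory = pool.deposit("0xmallory")      # clean at deposit time, so admitted

    root_t0 = pool.blacklist_root()
    path_before = pool.withdraw({d_mallory}, root_t0)   # private under state t0

    flagged.add("0xmallory")                   # later intelligence arrives
    newly_flagged = pool.rescreen()            # stage 2 maps address -> deposit_id
    root_t1 = pool.blacklist_root()

    try:                                       # a POI against the old root is refused
        pool.withdraw({d_mallory}, root_t0)
        stale_accepted = True
    except ValueError:
        stale_accepted = False

    return {
        "rejected_at_deposit": rejected is None,
        "d_mallory": d_mallory,
        "newly_flagged": newly_flagged,
        "root_changed": root_t0 != root_t1,
        "path_before_flag": path_before,
        "stale_proof_accepted": stale_accepted,
        "path_mallory": pool.withdraw({d_mallory}, root_t1),  # forced public
        "path_alice": pool.withdraw({d_alice}, root_t1),      # still private
    }


if __name__ == "__main__":
    print(run_scenario())
```

The stale-root check is the part worth keeping in mind when integrating: the withdrawal is judged against the blacklist state at exit, so a proof prepared before a re-screen must be rebuilt rather than replayed.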

The Three Pillars

The same three stages form the three pillars of the framework:

  1. Pre-Shield Check — Screen and authorize deposits before they enter shielded state.
  2. Retroactive Flagging — Re-screen deposited addresses and update blacklist state when previously accepted depositors are later flagged.
  3. Withdrawal Checks — Prove at withdrawal that funds exclude blacklisted deposit_id lineage, preserving privacy for compliant funds.

Each stage is covered in detail on its dedicated page.

For Integrators

If you are building on Bermuda and need to meet regulatory requirements, the compliance module gives you the tools to do so — without forcing your users to give up privacy. The framework supports KYC/AML workflows, jurisdiction-specific rules, and custom policies out of the box.