policy

compliance

KIRITE is a non-custodial privacy protocol. Privacy is a legitimate civil need, but it is not a cover for sanctioned actors or the proceeds of crime. The operators of the KIRITE miniapp and relayer maintain an active screening program to keep the protocol unattractive to bad actors. This page is the description of that program.

1. sanctions screening

Both the Telegram miniapp and the relayer apply on-chain address checks against the U.S. Treasury OFAC Specially Designated Nationals (SDN) list, restricted to addresses tagged as Digital Currency Address - SOL. The list is refreshed weekly from the public OFAC source. Any deposit, withdraw, or stealth recipient whose address matches an SDN entry is rejected at submission time.

The screening is best-effort. It is not a substitute for a paid commercial oracle such as Chainalysis or TRM. We commit to upgrading the screening to such a feed before the protocol's monthly volume exceeds 1,000 SOL or the Solana ecosystem makes a free equivalent available, whichever comes first.
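As an added illustration of the check described above (example code, not the project's own), the snippet below parses a constructed excerpt that mimics the element layout of OFAC's sdn.xml (sdnEntry / idList / id / idType / idNumber, assumed here), keeps only the entries tagged Digital Currency Address - SOL, and screens a submission's addresses against them. Solana addresses are base58 and case-sensitive, so the comparison is exact rather than case-folded.

```python
import xml.etree.ElementTree as ET

# Only ids carrying this OFAC tag are relevant to a Solana pool.
SOL_ID_TYPE = "Digital Currency Address - SOL"

# Constructed excerpt mimicking the element layout of OFAC's sdn.xml.
# Every address below is made up for the example.
SAMPLE_SDN_XML = """<?xml version="1.0"?>
<sdnList xmlns="http://tempuri.org/sdnList.xsd">
  <sdnEntry>
    <uid>10001</uid>
    <sdnType>Entity</sdnType>
    <idList>
      <id><idType>Digital Currency Address - SOL</idType><idNumber>SanctionedSo1AddrExampleAAAAAAAAAAAAAAAAAAAAA</idNumber></id>
      <id><idType>Digital Currency Address - XBT</idType><idNumber>bc1constructedbtcaddr</idNumber></id>
    </idList>
  </sdnEntry>
  <sdnEntry>
    <uid>10002</uid>
    <sdnType>Individual</sdnType>
    <idList>
      <id><idType>Digital Currency Address - SOL</idType><idNumber>SanctionedSo1AddrExampleBBBBBBBBBBBBBBBBBBBBB</idNumber></id>
    </idList>
  </sdnEntry>
</sdnList>
"""

def _local(tag):
    """Strip the XML namespace so parsing does not depend on the exact xmlns URI."""
    return tag.rsplit("}", 1)[-1]

def load_sol_block_list(xml_text):
    """Return {address: sdn_uid} for every id whose idType is the SOL tag; other chains are ignored."""
    blocked = {}
    root = ET.fromstring(xml_text)
    for entry in root.iter():
        if _local(entry.tag) != "sdnEntry":
            continue
        uid = next((e.text for e in entry.iter() if _local(e.tag) == "uid"), None)
        for id_el in entry.iter():
            if _local(id_el.tag) != "id":
                continue
            fields = {_local(c.tag): (c.text or "").strip() for c in id_el}
            if fields.get("idType") == SOL_ID_TYPE and fields.get("idNumber"):
                blocked[fields["idNumber"]] = uid
    return blocked

def screen_submission(block_list, *addresses):
    """Reject a deposit, withdraw, or stealth-recipient submission if any involved address is listed."""
    # Base58 is case-sensitive: strip whitespace only, never lowercase.
    hits = [a for a in addresses if a.strip() in block_list]
    return {"allowed": not hits, "matches": hits}
```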

2. proceeds of theft

The operators maintain a supplementary block list of addresses publicly identified as the proceeds of major hacks, drainers, exploit egress, or sanctions-evasion clusters. When such a cluster is announced by a credible source (the affected protocol, ZachXBT, Blockworks, or a reputable security firm), the addresses are added to the block list within 24 hours.

The block list is open. Anyone may propose additions by opening an issue at the project's public repository or by emailing report@kirite.dev. Each submission is reviewed for source quality before being merged.

3. emergency response

The on-chain program exposes a freeze_pool instruction. The pool authority can pause deposits and withdrawals from any pool while a serious investigation is underway. The freeze cannot move user funds, only halt new activity. This is a circuit breaker, not a backdoor.

The operators commit to triggering the freeze within 24 hours if a credible report identifies KIRITE as the active path of an ongoing exploit, sanctions-evasion attempt, or large-scale theft of user funds. A public notice will be posted on @KiriteDev with the rationale and the affected pool addresses.

4. reporting channel

To report suspected misuse of the protocol, send a message to report@kirite.dev. Useful information:

  • The Solana address you suspect is involved.
  • The deposit or withdraw transaction signature.
  • A link to the public source identifying the address (a hack announcement, a sanctions list, an exchange notice).

Reports are reviewed within 72 hours during normal operating weeks. Reports that include a verifiable public source are prioritized for the block list.

5. selective disclosure

Each KIRITE shielded note is bound to a stealth meta-address built from a public spend key and a public view key. A recipient may voluntarily share their view key with a counterparty (an auditor, a tax authority, an investigator under legal order) to prove the recipient's balance and the originating notes without exposing future activity. The protocol does not require this disclosure, and the operators cannot perform it on a user's behalf.

6. what the operators do not do

  • The operators do not custody user funds. Smart-contract PDAs hold pool balances; the pool authority cannot move them.
  • The operators do not log IP addresses, browser fingerprints, or other off-chain identifiers tied to individual deposits.
  • The operators do not retain user notes. Note material (nullifier secret and blinding factor) is generated and stored entirely on the user's device.

7. updates to this policy

This compliance program is a living document. Material changes will be announced on @KiriteDev and reflected here.

contact

Misuse reports and policy questions: report@kirite.dev.

further reading

  • Threat model — what the protocol cryptographically protects.
  • Shield pool — how the freeze instruction relates to user funds.