# Panther Compliance

### TL;DR

* [Zone Managers](https://docs.pantherprotocol.io/docs/ecosystem/ecosystem-operators/zone-manager) determine what compliance looks like for their Zone/s
* The Protocol is agnostic as to which third-party [compliance provider/s](https://docs.pantherprotocol.io/docs/ecosystem/ecosystem-operators/compliance-providers) integrates
* The Protocol does not process user data; compliance providers do
* Transactional data can only be accessed by stakeholders with the correct keys

### Introduction

Considering the difficulties in developing a decentralized solution that preserves privacy and enables compliance, Panther designed an approach that utilizes three essential components: third-party [compliance provider](https://docs.pantherprotocol.io/docs/ecosystem/ecosystem-operators/compliance-providers) integrations, Panther [zAccounts](https://docs.pantherprotocol.io/docs/panther-core/panther-core/zaccount), and [Zones](https://docs.pantherprotocol.io/docs/panther-core/shielded-pool#shielded-pool-zones).

By leveraging the Protocol’s Zero-Knowledge characteristics, these elements collectively form a pathway to achieve compliance.

{% hint style="info" %}
Read about the [regulatory rationale](https://blog.pantherprotocol.io/enabling-compliance-while-preserving-privacy-panthers-compliance-integrations-explained/) for Panther integrating compliance tools.
{% endhint %}

Panther has built a system that retains neutrality by integrating compliance providers that accept multiple types of verification. These systems are called “multi-compliance vendors,” as they allow users to choose from a variety of compliance providers while retaining a decentralized approach.

<figure><img src="https://lh5.googleusercontent.com/q1lzVSQuKP3icSq1lPleSGHeSq6kH6a9FIe4mCLQHLqtiYjoZ0Sv_bBfZ5kXDNiLrRQX5-Sy62--1xWHf7AENvrVzFLm2tTCj0jVUh9V_P3QfP9yZHuPH7EwIVqDFNuo-0L9XG7TKC3WwBoPZrNyVNM" alt=""><figcaption><p>At mainnet beta, there will be just one verification level available for all users.</p></figcaption></figure>

For testnet, the Panther DAO was commissioned to select a [multi-compliance vendor](https://blog.pantherprotocol.io/panther-protocol-joins-forces-with-purefi-to-enable-compliance-in-prifi/) that aligns with its interests.

> Discussed in Panther’s [forum](https://forum.pantherprotocol.io/).

When integrating these providers, the following requirements are taken into consideration:

* Ability to blocklist Politically Exposed Persons (PEPs) or newly-flagged individuals based on unverified identities
* Blocklists for Externally Owned Accounts (EOAs), i.e. wallets
* Ability to create an “allowlist” to control entry to a Zone
* Preferably, the ability to have an on-chain verification list maintained through oracles/smart contracts
* Performing validations at deposit and withdrawal
* Optionally, allowing users to register multiple addresses. This is suggested so that users can break the on-chain link between their transactions by withdrawing and depositing from different addresses.
* Optionally, using a Zero-Knowledge proof to allow users to create new accounts once they have passed verification.

Panther Protocol allows compliance providers to process user data without the Protocol learning it: by proving a user’s ownership of their wallet and giving them a Zero-Knowledge proof that attests to the validity of their KYC statements. This allows users to access Panther but maintains the Protocol’s neutrality. The diagram below exemplifies this process:

<figure><img src="https://lh6.googleusercontent.com/y9VJ8dwL7xo2YnYNz5D8kBnl8ljSg7Eacd4_w7UbqCWcSO28PrdILH5z5W4dzOE6LWxl4FKd9TLsdCQjlDB7MUkiykSbQqyDLhoowoaK3HFD9xjOUv84VEIbsVjmJiuAP6Va3COJtFPNpY-KcEy_BW0" alt=""><figcaption><p>Panther’s flow for user verifications.</p></figcaption></figure>

### What next?

Not only do the compliance providers enable Zone Managers and users to demonstrate their transactional activity to regulators, but they also give the individual zAccount holder, the user, a high degree of control over what data they reveal to whom. Learn more about user reveals.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pantherprotocol.io/docs/panther-core/compliance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.