Panther Protocol Documentation
WebsiteBlogTwitterGovernance ForumVoting
  • šŸ“˜Start Here
    • Get Started
    • What is Panther?
    • Who is Panther for?
    • Realized vision and use cases
  • šŸ”©Panther Core
    • Testnet dApp
    • Mainnet Beta (Canary)
    • Panther Transactions
      • Shielded Pool
      • zAssets
      • zAccount
      • zTrade (OTC Trading)
    • Panther Compliance
      • User Reveals
        • History CSV Export
      • Forensic Reveals
  • 🌌Ecosystem
    • Ecosystem roles
      • Compliance Providers
      • Relayer
      • zMiner
        • Get Started
      • Zone Manager
        • Get Started
    • Fees & Rewards
  • āš™ļøInteroperability
    • DeFi Adaptors
      • zSwap
        • Economic optimization of swaps
    • Multi-chain
  • šŸ“šLEARN
    • Glossary
    • UTXOs
      • UTXO Model
      • UTXO Cryptography
      • Merkle Trees
    • āš—ļøCryptographic Primitives
      • ZK proofs
      • ZK SNARKs
        • Groth16
      • Homomorphic encryption
      • Hash functions
      • Poseidon
      • Other Privacy Enhancing Technologies (PETs) used by Panther
      • Elliptic curves
      • Pairings
    • šŸ”“Security Audits
    • šŸ¤Community
    • šŸ“šResources
  • Panther DAO
    • DAO and Decentralization
      • Governance Framework
    • Road to decentralization
      • Decentralization Tool
  • Changelog
    • Product versions
    • Oshiya
    • Panther Testnet
      • Stage 0
      • Stage 1
      • Stage 2
      • Stage 3
      • Stage 4
      • Stage 5
      • Stage 6
      • Stage 7
      • Stage 8
      • Mainnet Beta (Canary)
Powered by GitBook
On this page
  • TL;DR
  • Introduction
  • Stakeholders
Export as PDF
  1. Panther Core
  2. Panther Compliance

Forensic Reveals

Zone Manager led reveals

PreviousHistory CSV ExportNextEcosystem roles

Last updated 11 months ago

Status
Entrypoint

Concept

TL;DR

  • Each transaction results in an encrypted ā€œmessage to data escrowā€

  • The message is secured with an "ephemeral key", i.e. a unique key is created for every transaction

  • Only with the alignment of the stakeholders who hold cryptographic keys can the message be unpacked and the data revealed

Introduction

The Forensic Data Escrow (FDE) mechanism supports one-off/ad-hoc inquiries. This is in contrast to the data a Zone Manager may extract for ongoing/routine compliance procedures that are part of every transaction — the latter are supported by different mechanisms implemented in the protocol.

The routine Protocols are wip.

The FDE retains an encrypted record containing private data of a particular transaction in a . This mechanism does not require any spending keys, i.e., it can be used to deanonymize data but not to spend funds.

The Protocol prepares, verifies, and publishes a transaction record for every transaction. Decrypted FDE records provide transaction data such as:

  • Which zAccounts received funds

  • Which Zones the funds originate from and and were spent in

  • Whether the UTXO/s created by the investigated transaction have already been spent

  • Which transaction(s) initially created the queried UTXOs

Stakeholders

The FDE Operator’s key must be used to access FDE records. Either the Network FDE Assistant or the Zone FDE Assistant must comply to use this key.

Network FDE assistant

The Network FDE assistant (or the Zone FDE Assistant) role controls the FDE record key. This key is required to decrypt the FDE record; for a transaction in a specified Zone on a specified network and share this key with the FDE Operator.

FDE Operator

FDE Operator adds a layer of control over the Zone FDE Assistant’s key. The FDE Operator must comply and use their key to allow the Network FDE Assistant to decrypt a particular transaction on the designated network for the designated Zone.

The FDE Operator can’t open an FDE record with their Key alone (as they don’t control the FDE record key). Either the Network FDE Assistant or the Zone FDE Assistant should participate in the decryption process (providing the FDE record key).

On the other hand, neither the Network FDE Assistant nor the Zone FDE Assistant can decrypt any FDR without the FDE Operator (as they don't control the FDE Operator’s key).

šŸ”©
Shielded Pool
zAccount