Domains · IPTF

Credentialed petitions, ballots, grievance filing, whistleblowing, repository-governance signals, and emergency broadcast where signer identity must stay private but the outcome must remain checkable.
Eligibility verifiability and outcome verifiability without exposing participant identity or creating retaliation surfaces; long-term unlinkability across petitions and over time.
Same credential-layer primitives as resilience identity, applied to civic action: the credential issuer can disappear or turn adversarial, and verification cannot depend on any operator staying cooperative.

Wallet ops/KMS/HSM, freeze/blacklist controls, segregation, recovery, post-trade hooks.
Governed regulator access (view keys / proofs) and evidence logging.

Price feeds, ISO/SWIFT messages, disclosure anchors, proofs of reserves, compliance attestations, and oracle trust models.
Resilience uses: trusted facts during crisis, local attestations, property and identity evidence, public verification without exposing the underlying source data.
Bind settlement to signed facts; anchor commitments/roots for audit.

Asset lifecycle: issuance, transfers, registry linkages, portfolio moves for private funds, bonds, RWAs, collateral, treasury assets, and asset servicing.
Public-sector and NGO claims: entitlements, vouchers, permits, beneficiary rights, post-crisis records that need verifiable audit without exposing the holder.
Hide amounts/positions; preserve DvP finality; bridge legal records via attestations.
Derivatives: daily deltas/margins hidden; regulator replayable audit.
Pick cheapest viable privacy that meets audit needs; measure costs under 4844.

Institutional credentials: KYC/AML, accreditation, allow/deny, attestations, revocation, scoped regulator disclosure.
Public-sector eligibility and issuer-independent verification: digital ID wallets, residency, age, citizenship, and benefit-eligibility claims that verify without contacting the issuer.
Resilience identity: prove attributes after the issuer goes offline, refuses re-issuance, mass-revokes, or turns adversarial; social or web-of-trust recovery without re-exposing PII.
Across all three: public verification without publishing PII; unlinkable proofs across contexts; scoped disclosure for legitimate oversight.

Institutional cash movement: payouts, PvP, DvP cash legs, treasury flows, workflow/memo privacy with stakeholder-only visibility and ISO/SWIFT linkage when needed.
Public-sector and NGO disbursement: benefits, aid, grants, vouchers, emergency cash, donor-to-recipient flows with private eligibility and recipient unlinkability.
Resilience payments: offline or low-connectivity transfer, hostile-authority settings, off-ramp unlinkability, recipient devices without client-side proving capability.
Measure latency, finality, and costs on the target L2 or app-chain; avoid HTLC brittleness.

A Cryptographically Relevant Quantum Computer (CRQC) breaks ECDSA, BLS, ECDH, Groth16, PLONK/KZG — Ethereum consensus, execution, and application privacy layers all affected.
Harvest Now, Decrypt Later (HNDL) means confidentiality-critical applications face urgency now, even though CRQC is years away.
Hash-based and lattice-based primitives provide migration paths; STARKs are already PQ-safe.

Execution privacy: RFQ intent/size/price, pre-trade leakage control across private trading, derivatives, and OTC settlement.
Public-sector and NGO procurement and settlement where counterparties, prices, or allocations are sensitive.
Cross-domain atomicity (DvP/PvP) without HTLCs; optional zk-SPV for strong atomicity.