zkDB designs and delivers zero-knowledge database systems for the regulated enterprise. We compute on private data and cryptographically prove the answer — without exposing a single record.
A decade of peer-reviewed research on verifiable databases
Zero-knowledge SQL · PLONKish · Halo2 · KZG & IPA
Regulated sectors the practice is built for
Finance · Healthcare · Government · Cloud
Compliance regimes our architectures are designed against
Basel III · MiFID II · HIPAA · GDPR · EU AI Act · CSRD
Every system architected to a single institution
By introduction · under NDA
The diagram alongside traces a single guarantee: a query is agreed in the open, the prover computes the answer over data only it can see, and a verifier accepts the result from the proof alone — without ever touching the underlying rows.
SELECT AVG(salary) FROM payroll WHERE dept = 'risk';
Illustrative queries · The mechanism, not a benchmark
A central bank asks a commercial bank to prove its capital ratio. A regulator asks a pharma sponsor to confirm a trial endpoint. An auditor asks a multinational to reconcile a Scope 3 emissions number.
In every case, one institution holds private data — and another needs to verify a single fact about it. Today there are only two ways to answer. Both are unacceptable.
Send the raw records, the loan tape, the patient cohort, the supplier ledger. The receiving institution gains the ability to verify — and the obligation to safeguard.
Keep the records and send only the claim. The receiving institution must take the firm at its word. Audits become sampled, attestation becomes paperwork, trust becomes belief.
Compute the answer on the private data. Ship the answer with a cryptographic proof that it was correctly computed on the committed dataset. The receiving institution verifies the proof in 47 milliseconds — without ever seeing a single row.
Your engine runs the agreed query — SQL, aggregation, multi-table join — on your committed dataset. The data never leaves your custody.
A short cryptographic artifact (typically 38–64 kB) is generated alongside the answer, attesting that the computation was performed honestly on the committed inputs.
The receiving institution holds only the verification key, the answer, and the proof. Verification is mathematical, transferable, and resolves in tens of milliseconds — indefinitely re-checkable.
Three steps. The prover sees the data. The verifier sees the proof. Nobody sees both.
A regulator, partner, or auditor submits a SQL query against your committed dataset.
SELECT SUM(exposure) FROM positions WHERE cpty = 'A';
Our engine compiles the query into a PLONK-ish circuit and produces a non-interactive zero-knowledge proof.
circuit::compile(plan) prove(witness, key) → proof.zkp
The querier verifies the proof against the committed dataset in milliseconds — without ever seeing a row.
verify(vkey, proof) → ✓ accepted answer: $11.2 B
PLONKish arithmetization on Halo2 · polynomial commitments (KZG & IPA) · recursive composition · authenticated data structures.
Four verticals where regulatory weight and cryptographic depth meet. Every engagement is bespoke. We do not productize.
Cryptographic proofs for capital adequacy, stress testing, AML screening, and inter-bank settlement — without disclosing position-level data.
Verifiable endpoints, multi-site clinical trial aggregation, and insurance claims adjudication — with patient records never leaving custody.
Verifiable public statistics, census aggregates, and audit-grade tally proofs — preserving statistical secrecy while restoring public trust.
Verifiable outsourced computation across Snowflake, BigQuery, Databricks, and bespoke clouds — proof that policy was enforced, not just claimed.
Every engagement is bespoke. The shape of the work is not. Four stages, with clear deliverables, clear exit points, and clear governance at every transition.
That is the discipline of the firm. If zkDB is the wrong tool for your problem, you will hear us say so.
A senior conversation, under NDA, with our principals. You frame the regulatory question or architectural problem; we sketch feasibility and a candidate cryptographic shape.
A fixed-scope, written deliverable. Proof-system selection, commitment cadence, integration surface with your existing warehouse, key-custody design, sequenced engineering plan, risk register.
A single end-to-end workflow built and verified, typically against a synthetic regulatory submission. We deliver a working prover, verifier, and the governance instrumentation around them.
Full rollout under your CTO's programme governance. Sustained advisory, regular cryptographic reviews, evolution of the architecture as the literature and your regulatory perimeter move.
Research, capital, and regulation have converged over the last two years — moving zero-knowledge databases from academic interest toward enterprise necessity.
Peer-reviewed work at venues such as VLDB and SIGMOD has shown that arbitrary SQL — joins, aggregates, range filters — can be proven correct without a trusted setup. The cryptography is no longer the bottleneck.
Investment has started flowing into verifiable data for regulated finance — on the crypto-native side first. The enterprise side is still open. That is the window.
Verifiable training-set membership and verifiable inference shift from research interest to compliance requirement for systems classified as high-risk.
Auto, electronics, and pharma must report Scope 3 emissions from thousands of suppliers who will not share commercial cost data. A verifiable, transferable accounting proof — without exposing the underlying data — is the natural resolution.
The institutions that move first will set the standards everyone else inherits.
Every engagement is cryptographic research, solved specifically for one institution’s data, regulator, and risk perimeter. We build on a decade of peer-reviewed work — and push it where regulated data demands.
Inside our research →Relational operators — joins, aggregates, range filters — expressed as efficient PLONKish custom gates and lookup arguments, tuned to an institution’s data.
Recursive composition and hardware acceleration to bring proving for realistic query workloads from minutes toward seconds.
Commitment models for datasets that change continuously — so a new write does not mean re-committing the world.
Zero-knowledge proofs combined with differential privacy and MPC, so a result protects both the data and the people inside it.
The frameworks below are not a marketing list. They are the legal and supervisory contexts of engagements we have scoped, and the texts we read when sequencing a verifiable workflow.
Privacy and verifiability are not opposites. With zero-knowledge proofs, they become the same guarantee.
zkDB exists because the next era of regulated data infrastructure cannot be built on the binary choice between disclosure and silence. It will be built on cryptographic verifiability — and the firms that understand this first will define the standards.
Briefings are confidential, deeply technical conversations with our principals. We work with regulated enterprises, central institutions, and serious research programs.
