The problem with sharing compliance documents
A counterparty asks your organisation to confirm that a transaction meets regulatory requirements. You have a compliance report that contains that confirmation. You also have 40 other fields in that report: customer names, account numbers, internal risk ratings, and sensitive commercial terms.
Sending the full report satisfies the counterparty's request but exposes data they have no legitimate interest in receiving. Redacting the report takes time, introduces human error, and still transfers the underlying document across the border.
Selective disclosure solves this by separating the proof from the data. The counterparty receives a verifiable proof that the compliance fact is true. The underlying report stays with your organisation.
The three components of ZeroH Disclosure
UK Patent Application GB2604344.8, filed 27 February 2026 by Blade Labs Holdings (Singapore), covers three components that work together. The inventor is Sami Aftab Mian.
- 01
Selective disclosure
The compliance officer selects which claims to share from the document. The selection is explicit: a list of specific fields or facts, not a category or a range. Only the selected claims are included in the Proof Pack.
- 02
Boundary detection
Before disclosure options are presented, ZeroH Disclosure automatically identifies which fields in the document are subject to regulatory restrictions under the applicable framework (PDPPL, PDPL, PDPA, or GDPR). Fields that cannot be disclosed are removed from the selection interface.
- 03
Cryptographic disclosure provenance
When the disclosure is generated, the platform creates a cryptographically signed record: what was disclosed, when, to whom, and from which document. This record cannot be altered after the fact by either party. It forms the audit trail.
What a Proof Pack contains
A Proof Pack is a structured artifact. It is not a redacted document. It is not a summary. It is a verifiable data structure with three parts.
Selected claims
The specific facts the organisation chose to share, expressed as structured data fields
Cryptographic proof
A signature linking the disclosed claims to the authenticated source document, verifiable without the source document
Audit trail
A signed record of when the disclosure was generated, by whom, and for which recipient
The source document is not included. The recipient can verify each claim in the Proof Pack without it.
Why deterministic matters for audit trails
Deterministic means the same inputs always produce the same output. For ZeroH Disclosure, this means: given the same document and the same selected claims, the generated Proof Pack is always identical.
This property is necessary for regulatory audit trails. If a regulator asks for a record of what was disclosed on a specific date, the organisation can reproduce the Proof Pack exactly and demonstrate that the record matches. Probabilistic approaches, which generate different outputs on each run, cannot provide this guarantee.
The disclosure workflow
- 01
Ingest
Document enters ZeroH Disclosure from Google Drive, SharePoint, or Outlook. PII is detected and fields are classified.
- 02
Boundary check
Boundary detection identifies which fields are restricted under the applicable regulation. Restricted fields are excluded from the disclosure selection.
- 03
Select
The compliance officer selects the claims to disclose. The selection is recorded as part of the provenance trail.
- 04
Generate
ZeroH Disclosure generates the Proof Pack: selected claims, cryptographic proof, and audit trail. The same inputs always produce the same output.
- 05
Share
The Proof Pack is transmitted to the recipient. The source document remains with the originating organisation.
Deployment context
ZeroH Disclosure was deployed at the QFC Digital Asset Lab with Al Rayan Bank in September 2025. It is currently in alpha. The platform supports four regulatory frameworks: PDPPL (Qatar), PDPL (Saudi Arabia), PDPA (Malaysia), and GDPR (EU).
Integration requires no data migration. ZeroH Disclosure connects to existing document sources via Google Drive, SharePoint, and Outlook integrations. Documents are processed in place.
Frequently asked questions
Selective disclosure is a technique for sharing a specific fact from a document without sharing the document itself. The recipient receives a cryptographic proof that the fact is accurate and derived from an authenticated source. The source document stays with the originating organisation.
A Proof Pack is the output of the selective disclosure process. It contains: the specific claims the organisation chose to disclose, a cryptographic proof linking those claims to the authenticated source document, and an audit trail recording when the disclosure was generated and by whom. A Proof Pack does not contain the source document.
Boundary detection is the automated step that identifies which fields in a document are subject to disclosure restrictions under the applicable regulations. For example, a document processed under PDPPL may have different boundary rules than the same document processed under GDPR. ZeroH Disclosure applies boundary detection before presenting disclosure options to the compliance officer.
Deterministic selective disclosure produces the same output every time for the same input. A given set of claims from a given document always generates the same proof. This is necessary for audit trails: if a regulator asks for a record of what was disclosed, the organisation can reproduce the proof exactly. Probabilistic approaches generate different outputs on each run, which makes audit trail reproduction unreliable.
Yes. The cryptographic structure of a Proof Pack allows the recipient to verify that the disclosed claims are accurate and were derived from an authenticated document, without needing access to that document. This is the core utility of the approach: verifiability without data transfer.
ZeroH Disclosure integrates with Google Drive, SharePoint, and Outlook. Documents processed through these integrations can be ingested for PII detection, schema classification, and selective disclosure. Documents do not need to be moved to a separate system.
Cryptographic disclosure provenance is the verifiable record generated when a disclosure is made. It records what was disclosed, when, to whom, and from which document. The record is cryptographically signed so that neither the disclosing party nor the recipient can alter it after the fact. This record forms part of the audit trail for regulatory purposes.
See how ZeroH Disclosure generates Proof Packs from your existing documents.
Learn about ZeroH Disclosure