The opportunity

The stablecoin market holds $150B+ in circulating supply (USDC, USDT, and newer entrants). Every existing dollar-pegged instrument is fully transparent: merchants can surveil your spending history, counterparties can observe your balance, and on-chain analytics firms build profiles from your transaction graph. A stablecoin issuer with existing MSB licensing can deploy shyware as a “private mode” with no new regulatory obligations:
  • Merchants see a payment — not your balance or history
  • Issuer retains the account registry for FinCEN subpoena response
  • TotalSupply is publicly auditable — no fractional reserve risk
  • The two-list invariant is enforced by canonical consensus and the shared managed signing boundary
This is a product differentiator, not a regulatory workaround.

Architecture

Issuer (operator)              canonical shyware runtime      User wallet
    │                               │                               │
    ├── RegisterAsset("usdc") ──────►                               │
    │                               │                               │
    │    User onboards:             │                               │
    │                               │◄── RegisterAccount ──────────┤
    │                               │    (H(wallet), wallet_proof)  │
    │                               │                               │
    │    User funded:               │                               │
    ├── Mint(to: H(wallet)) ────────►                               │
    │                               │                               │
    │    User transfers:            │                               │
    │                               │◄── Transfer ─────────────────┤
    │                               │    (anon; 2-list invariant)   │
    │                               │                               │
    │    Subpoena arrives:          │                               │
    │◄── Operator admin API ────────┤                               │
    │    (account registry, full    │                               │
    │     tx history for target)    │                               │

FinCEN compliance mapping

| Regulatory requirement | shyware mechanism |
| --- | --- |
| Customer identification (KYC/AML) | Account registration requires wallet ECDSA proof; issuer holds off-chain KYC record linked to account_commitment |
| Transaction monitoring | Issuer queries admin API for account history on demand (reactive, not proactive) |
| SAR filing | Issuer’s compliance team accesses full records via admin SDK under standard MSB obligations |
| Travel Rule (31 CFR § 103.33) | Transfer metadata (amount, timestamp, asset) stored in List 1; sender/recipient linkage available to issuer under legal process |
| Supply auditability | GET /supply/{asset_id} is public; total_supply == total_minted - total_burned enforced by BFT consensus |

The issuer’s compliance obligations are identical to those for a bank account: hold records, respond to subpoenas, file SARs. shyware does not change what is legally required; it changes who can see what by default.

Deployment steps

1. Stand up the node

Deploy the canonical validators on your current sensitive/core hosting tier. The current long-term posture is Verne Global for sensitive/core hosting, Cloudflare at the front door, and the shared AWS KMS + Azure Managed HSM boundary for managed signing.

2. Register your asset

curl -X POST https://your-node/api/v1/assets \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -d '{"asset_id": "usdp", "name": "USD Private", "decimals": 6}'

3. Integrate account registration into your onboarding flow

When a user completes KYC, your backend:
  1. Receives account_commitment = H(wallet_address) from the user’s wallet SDK
  2. Posts TxTypeRegisterAccount to the node
  3. Stores (account_commitment, kyc_record_id) in your compliance database

4. Mint on deposit

When a user deposits fiat or bridged USDC:
curl -X POST https://your-node/api/v1/mint \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -d '{"asset_id":"usdp","account_commitment":"...","amount":1000000}'

5. Burn on redemption

When a user redeems for fiat:
curl -X POST https://your-node/api/v1/burn \
  -H "Authorization: Bearer $OPERATOR_TOKEN" \
  -d '{"asset_id":"usdp","account_commitment":"...","amount":500000}'
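
An issuer-side reconciliation of the mint and burn steps against the supply invariant total_supply == total_minted - total_burned, as an added example (not shyware code). It assumes a local issuer log that reuses the request-body field names above plus a hypothetical "op" field, and that the caller has already read total_supply from GET /supply/{asset_id}, whose response shape this page does not document.

```python
from collections import defaultdict

# Constructed sample: the issuer's own log of mint/burn requests it sent,
# using the field names from the request bodies above. "op" is a
# hypothetical field for this example. Amounts are integer base units
# (decimals = 6, so 1000000 == 1.000000 USDP).
ISSUER_LOG = [
    {"op": "mint", "asset_id": "usdp", "account_commitment": "aa11", "amount": 1000000},
    {"op": "mint", "asset_id": "usdp", "account_commitment": "bb22", "amount": 250000},
    {"op": "burn", "asset_id": "usdp", "account_commitment": "aa11", "amount": 500000},
]


def expected_supply(log):
    """Return {asset_id: (total_minted, total_burned)} from the issuer log."""
    totals = defaultdict(lambda: [0, 0])
    for n, rec in enumerate(log):
        amount = rec["amount"]
        # Reject floats, bools and non-positive values: base units are integers.
        if type(amount) is not int or amount <= 0:
            raise ValueError(f"record {n}: invalid amount {amount!r}")
        if rec["op"] == "mint":
            totals[rec["asset_id"]][0] += amount
        elif rec["op"] == "burn":
            totals[rec["asset_id"]][1] += amount
        else:
            raise ValueError(f"record {n}: unknown op {rec['op']!r}")
    return {a: tuple(t) for a, t in totals.items()}


def reconcile(log, reported):
    """Compare node-reported supply with the log; return a list of findings.

    `reported` maps asset_id -> total_supply as read by the caller from the
    public supply endpoint (assumed already parsed into an integer).
    """
    findings = []
    book = expected_supply(log)
    for asset in sorted(set(book) | set(reported)):
        minted, burned = book.get(asset, (0, 0))
        if burned > minted:
            findings.append(f"{asset}: burned {burned} exceeds minted {minted}")
        if asset not in reported:
            findings.append(f"{asset}: in issuer log but no supply reported")
        elif reported[asset] != minted - burned:
            findings.append(
                f"{asset}: reported {reported[asset]} != minted - burned "
                f"({minted} - {burned} = {minted - burned})")
    return findings
```

An empty findings list means the node's public figure matches the issuer's books; a reported asset that is absent from the log is flagged as a mismatch against an expected supply of 0.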

Licensing

Commercial deployment requires a license. Contact hello@sayists.com. Patent application in preparation is pending. The value conservation circuit is part of the described transfer-embodiment claim surface.