AUDITABILITY
Private by default. Auditable by choice.
Disclosure is a capability the asset holder grants — scoped, purpose-bound, and strictly read-only. This page states what can be disclosed, and what a disclosure can never do.
Research prototype · no testnet · no mainnet · unaudited · not production-private · not safe for funds
What can be disclosed
Each scope carries its real implementation status — design intent is never presented as shipped capability.
A single transaction
Prove one chosen transaction to one chosen party (TDC), with sender and recipient roles separated.
Prototype · clientA funds threshold
Prove a lower bound of holdings without exposing history (ADC, lower-bound tier).
Partial prototypeA defined time range
Scoped disclosure across a period — under research, not implemented.
ResearchA specific asset
Asset-scoped visibility — under research, not implemented.
ResearchA specific counterparty
Counterparty-scoped visibility — under research, not implemented.
ResearchWhat a disclosure can never do
These are design invariants of the disclosure model, continuously tested — not yet audited guarantees.
- Cannot spend funds
- Cannot modify records
- Cannot seize assets
- Cannot grant new permissions
Viewing authority and spending authority are separate by construction. A disclosure is a window, never a hand.