THREAT MODEL

What Beyul is designed to protect, and what remains outside the current prototype.

Beyul is a research-stage privacy payment chain. This page describes the target security posture and the current prototype boundaries without presenting them as audited guarantees.

Research prototype · no testnet · no mainnet · unaudited · not production-private · not safe for funds

Protected by design

Transaction activity should be private by default rather than visible to the public network.
Disclosure should be controlled by user-held keys, not by the network operator or the Beyul team.
Selective disclosure should reveal only the required fields to the intended reviewer for a defined purpose.
Viewing authority should remain separate from spending authority.

Selective disclosure risks

A shared disclosure can expose sensitive commercial or personal context to the recipient.
Repeated disclosures can create a time series that reveals more than a single proof suggests.
Minimum-balance proofs can expose financial capacity and may create coercion risk.
Disclosure artifacts should be sent through separate channels when both a link and code are required.

Current prototype boundaries

Deposit and withdrawal amounts may still be public in the current prototype boundary.
Server-side disclosure verification is not yet presented as production-ready.
The protocol and implementation have not completed an independent external audit.
No mainnet, testnet, token sale, exchange listing, or institutional adoption is claimed.

Operational assumptions

Users must protect recovery material and local device access.
Validators and infrastructure operators will require documented operational standards before broader participation.
Future public releases should include reproducible build instructions, known limitations, and test coverage summaries.
Security claims should be updated only when implementation and review status change.

Back to homepage