Brevis_ZK
Verified Creator
Brevis is the infinite compute layer for Web3. ZK-powered verifiable computing with hundreds of millions of proofs across 40 protocols.
1 Following
50 Followers
35 Liked
1 Shared
Brevis, Primus, and Trendle: Building Verifiable Attention Markets on Monad
TL;DR: Brevis ($BREV ) is partnering with Primus and Trendle to bring zero-knowledge verification to attention-based prediction markets on Monad. Trendle lets traders go long or short on social media mindshare. Primus provides zkTLS attestations proving data genuinely originates from X, Reddit, and YouTube. Brevis’s Pico zkVM verifiably calculates Trendle’s attention index on the attested data. Together, the three teams are building a prediction market for attention where every index calculation is cryptographically verified end-to-end.
Prediction Markets Meet AttentionFi
Attention has become a tradable asset. Platforms like Kaito have shown that social mindshare can be quantified and financialized. Prediction markets have proven that crowds can price information more accurately than experts. Trendle offers a combination of both: a perpetual-style prediction market on Monad where traders speculate on attention itself.
Traders take positions on whether attention toward a topic will rise or fall, measured through an “Attention Index” that aggregates engagement signals across X, Reddit, and YouTube. The index tracks metrics like retweet counts, Reddit post scores, YouTube views, and comment velocity. It applies normalization, time-decay weighting, and quantile clipping to produce a single “Dollar of Attention” (DoA) value for each topic, with calculations running every minute over a rolling context window.
Traders can go long if they believe a topic is gaining mindshare, or short if they think attention has peaked. Leverage up to 5x is available, with funding rates that penalize positions that lead to deviation from the index, creating incentives for contrarian views when narratives become overextended.
The mechanics work, but the question is whether traders can trust the index.
The Trust Problem in Attention Markets
When real money rides on an attention index, users need confidence that the underlying data is authentic and the calculations are correct. Traditional approaches rely on centralized oracles or trusted operators, but the data that drives Trendle’s index comes from Web2 platforms that aren’t natively verifiable on-chain.
How do you know the social metrics are real? How do you know the calculations weren’t manipulated?
Trendle’s multi-source approach already makes manipulation on the source data harder. Gaming engagement across X, Reddit, and YouTube simultaneously is expensive and difficult to sustain. But data sources are not the only vector susceptible to manipulation. We must also ensure legitimacy of the entire pipeline that moves these data points on-chain as an aggregated index.
This is where zero-knowledge proofs change the equation.
The Technical Vision: zkTLS + Pico zkVM
Brevis, Primus, and Trendle are collaborating on an architecture that makes the entire attention index pipeline verifiable, from data collection to on-chain settlement.
The first challenge is proving that social data genuinely comes from the claimed sources. Primus, a long-time Brevis partner specializing in zkTLS technology, provides the solution. zkTLS extends standard TLS encryption with zero-knowledge proofs. When Trendle pulls engagement data from X, Reddit, or YouTube, Primus attestors witness the encrypted connection and generate cryptographic proof that the data originated from the authentic source. No tampering and no fabrication. The attestation travels with the data into the next stage.
With verified input data, Brevis’s Pico zkVM handles the computation, allowing Trendle’s attention index algorithm to run inside the zkVM. The entire calculation produces a ZK proof alongside the result. This proof is compact and cheap to verify on-chain. It confirms that the output index value was correctly computed from the attested input data according to the published algorithm.
Anyone can verify it, no one needs to trust the operator.
The final index value and its proof are submitted to Trendle’s smart contracts on Monad. The contract verifies the proof and uses the index to settle positions.
From data collection to market settlement, the entire pipeline carries cryptographic guarantees.
What This Means for Attention Markets
Verifiable attention indexes unlock capabilities that weren’t previously possible.
Traders no longer need to trust Trendle, Primus, Brevis, or any third party, the math proves itself. Disputes about index accuracy become cryptographically resolvable rather than dependent on reputation or arbitration. A verified attention index also becomes a building block for other protocols. DeFi applications, governance systems, or content platforms could consume Trendle’s index as a trust-minimized signal for attention-based mechanics.
The combination of multi-source data, zkTLS attestation, and verifiable computation creates layered defenses against manipulation. Attackers would need to simultaneously game multiple platforms, compromise cryptographic attestation, and find flaws in ZK circuits. The cost of manipulation scales dramatically compared to traditional oracle-based approaches.
Brevis Expands to Monad
This partnership marks Brevis’s expansion to Monad, adding another high-performance chain to our supported networks. Monad’s parallel execution architecture makes it well-suited for applications like Trendle that require frequent on-chain updates and fast settlement.
Brevis’s full ZK infrastructure, including Pico zkVM and zkTLS integrations, will be a great addition to Monad developers building data-intensive applications.
What’s Next
The Brevis, Primus, and Trendle teams are actively working toward integration. As AttentionFi matures, verifiability will separate sustainable platforms from those vulnerable to manipulation and disputes. This partnership establishes the technical direction: attention markets backed by cryptographic proof rather than trust assumptions.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
Prediction Markets Meet AttentionFi
Attention has become a tradable asset. Platforms like Kaito have shown that social mindshare can be quantified and financialized. Prediction markets have proven that crowds can price information more accurately than experts. Trendle offers a combination of both: a perpetual-style prediction market on Monad where traders speculate on attention itself.
Traders take positions on whether attention toward a topic will rise or fall, measured through an “Attention Index” that aggregates engagement signals across X, Reddit, and YouTube. The index tracks metrics like retweet counts, Reddit post scores, YouTube views, and comment velocity. It applies normalization, time-decay weighting, and quantile clipping to produce a single “Dollar of Attention” (DoA) value for each topic, with calculations running every minute over a rolling context window.
Traders can go long if they believe a topic is gaining mindshare, or short if they think attention has peaked. Leverage up to 5x is available, with funding rates that penalize positions that lead to deviation from the index, creating incentives for contrarian views when narratives become overextended.
The mechanics work, but the question is whether traders can trust the index.
The Trust Problem in Attention Markets
When real money rides on an attention index, users need confidence that the underlying data is authentic and the calculations are correct. Traditional approaches rely on centralized oracles or trusted operators, but the data that drives Trendle’s index comes from Web2 platforms that aren’t natively verifiable on-chain.
How do you know the social metrics are real? How do you know the calculations weren’t manipulated?
Trendle’s multi-source approach already makes manipulation on the source data harder. Gaming engagement across X, Reddit, and YouTube simultaneously is expensive and difficult to sustain. But data sources are not the only vector susceptible to manipulation. We must also ensure legitimacy of the entire pipeline that moves these data points on-chain as an aggregated index.
This is where zero-knowledge proofs change the equation.
The Technical Vision: zkTLS + Pico zkVM
Brevis, Primus, and Trendle are collaborating on an architecture that makes the entire attention index pipeline verifiable, from data collection to on-chain settlement.
The first challenge is proving that social data genuinely comes from the claimed sources. Primus, a long-time Brevis partner specializing in zkTLS technology, provides the solution. zkTLS extends standard TLS encryption with zero-knowledge proofs. When Trendle pulls engagement data from X, Reddit, or YouTube, Primus attestors witness the encrypted connection and generate cryptographic proof that the data originated from the authentic source. No tampering and no fabrication. The attestation travels with the data into the next stage.
With verified input data, Brevis’s Pico zkVM handles the computation, allowing Trendle’s attention index algorithm to run inside the zkVM. The entire calculation produces a ZK proof alongside the result. This proof is compact and cheap to verify on-chain. It confirms that the output index value was correctly computed from the attested input data according to the published algorithm.
Anyone can verify it, no one needs to trust the operator.
The final index value and its proof are submitted to Trendle’s smart contracts on Monad. The contract verifies the proof and uses the index to settle positions.
From data collection to market settlement, the entire pipeline carries cryptographic guarantees.
What This Means for Attention Markets
Verifiable attention indexes unlock capabilities that weren’t previously possible.
Traders no longer need to trust Trendle, Primus, Brevis, or any third party, the math proves itself. Disputes about index accuracy become cryptographically resolvable rather than dependent on reputation or arbitration. A verified attention index also becomes a building block for other protocols. DeFi applications, governance systems, or content platforms could consume Trendle’s index as a trust-minimized signal for attention-based mechanics.
The combination of multi-source data, zkTLS attestation, and verifiable computation creates layered defenses against manipulation. Attackers would need to simultaneously game multiple platforms, compromise cryptographic attestation, and find flaws in ZK circuits. The cost of manipulation scales dramatically compared to traditional oracle-based approaches.
Brevis Expands to Monad
This partnership marks Brevis’s expansion to Monad, adding another high-performance chain to our supported networks. Monad’s parallel execution architecture makes it well-suited for applications like Trendle that require frequent on-chain updates and fast settlement.
Brevis’s full ZK infrastructure, including Pico zkVM and zkTLS integrations, will be a great addition to Monad developers building data-intensive applications.
What’s Next
The Brevis, Primus, and Trendle teams are actively working toward integration. As AttentionFi matures, verifiability will separate sustainable platforms from those vulnerable to manipulation and disputes. This partnership establishes the technical direction: attention markets backed by cryptographic proof rather than trust assumptions.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
Brevis and USD8: Trustless Insurance for DeFi
TL;DR: Brevis ($BREV ) is partnering with USD8, a stablecoin protocol with built-in DeFi insurance. USD8 users build “Cover Scores” based on their holding history, which determine payout eligibility when covered protocols experience losses. Brevis will compute these time-weighted average holdings using zero-knowledge proofs, making insurance payouts fully trustless and removing reliance on centralized infrastructure.
DeFi Insurance That Works Like Usage History
USD8 is a stablecoin designed around a simple premise: the more you use it, the more protection you get.
Users who hold USD8 or deposit into USD8-supported vaults accumulate a “Cover Score” based on their time-weighted average holdings. If a covered DeFi protocol suffers a hack or depeg event, users can claim from USD8’s Cover Pool proportional to their score. Payouts can reach up to 80% of covered positions.
The protocol operates through two tranches:
The Cover Pool offers higher yields generated through protocol-managed strategies over USD8 and its collateral, but assets may be deployed to cover losses. The Protected Savings vault offers lower yields with positions insured by the Cover Pool.
Users choose their risk tolerance; the protocol handles the rest.
USD8 plans to launch coverage for major protocols including Aave, Curve, Lido, Sky, and others, with a beta targeted for Q2.
Why Insurance Payouts Need ZK Verification
The Cover Score is central to USD8’s design. It determines who gets paid and how much.
Without ZK verification, computing Cover Scores would require a centralized server with access to trigger payouts on-chain. The pipeline would look like:
user requests claim → centralized server calculates eligibility → server triggers on-chain distribution
Even users who interact directly with contracts would depend on that server to process their claims. This creates a single point of failure. If the server goes offline or the team disappears, users lose access to the insurance they’ve been building toward.
Vitalik Buterin calls this the “walk-away test”: can a protocol continue functioning if its creators vanish? For insurance, passing this test is essential. Users need confidence that their coverage will be honored regardless of what happens to the team behind it.
How Brevis Enables Trustless Payouts
Brevis ProverNet replaces the centralized server entirely.
When a user requests a claim, ProverNet computes their eligible time-weighted average holdings of USD8 and relevant derivative assets, generating a zero-knowledge proof that the Cover Score was calculated correctly from actual on-chain data. The result is submitted directly to USD8’s payout contract for verification and distribution.
No centralized server required, no trusted party determining eligibility, the proof itself guarantees correctness, and anyone can verify it independently. The entire payout pipeline becomes automated and trustless.
This approach also eliminates manipulation vectors. Cover Scores determine real money payouts, which creates incentive for gaming. ZK verification ensures that every score reflects genuine holding history rather than fabricated data.
Building Trustless Insurance Infrastructure
USD8 represents a new category for Brevis: protocols where trustless computation directly protects user funds. The same ZK verification that powers trading fee discounts and reward distributions can secure insurance payouts worth potentially millions.
As USD8 expands coverage to more protocols and the Cover Pool grows, the importance of trustless computation scales with it. Brevis and USD8 are collaborating on this infrastructure layer, with integration details to follow as the protocol approaches its beta launch in Q2 2026.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
DeFi Insurance That Works Like Usage History
USD8 is a stablecoin designed around a simple premise: the more you use it, the more protection you get.
Users who hold USD8 or deposit into USD8-supported vaults accumulate a “Cover Score” based on their time-weighted average holdings. If a covered DeFi protocol suffers a hack or depeg event, users can claim from USD8’s Cover Pool proportional to their score. Payouts can reach up to 80% of covered positions.
The protocol operates through two tranches:
The Cover Pool offers higher yields generated through protocol-managed strategies over USD8 and its collateral, but assets may be deployed to cover losses. The Protected Savings vault offers lower yields with positions insured by the Cover Pool.
Users choose their risk tolerance; the protocol handles the rest.
USD8 plans to launch coverage for major protocols including Aave, Curve, Lido, Sky, and others, with a beta targeted for Q2.
Why Insurance Payouts Need ZK Verification
The Cover Score is central to USD8’s design. It determines who gets paid and how much.
Without ZK verification, computing Cover Scores would require a centralized server with access to trigger payouts on-chain. The pipeline would look like:
user requests claim → centralized server calculates eligibility → server triggers on-chain distribution
Even users who interact directly with contracts would depend on that server to process their claims. This creates a single point of failure. If the server goes offline or the team disappears, users lose access to the insurance they’ve been building toward.
Vitalik Buterin calls this the “walk-away test”: can a protocol continue functioning if its creators vanish? For insurance, passing this test is essential. Users need confidence that their coverage will be honored regardless of what happens to the team behind it.
How Brevis Enables Trustless Payouts
Brevis ProverNet replaces the centralized server entirely.
When a user requests a claim, ProverNet computes their eligible time-weighted average holdings of USD8 and relevant derivative assets, generating a zero-knowledge proof that the Cover Score was calculated correctly from actual on-chain data. The result is submitted directly to USD8’s payout contract for verification and distribution.
No centralized server required, no trusted party determining eligibility, the proof itself guarantees correctness, and anyone can verify it independently. The entire payout pipeline becomes automated and trustless.
This approach also eliminates manipulation vectors. Cover Scores determine real money payouts, which creates incentive for gaming. ZK verification ensures that every score reflects genuine holding history rather than fabricated data.
Building Trustless Insurance Infrastructure
USD8 represents a new category for Brevis: protocols where trustless computation directly protects user funds. The same ZK verification that powers trading fee discounts and reward distributions can secure insurance payouts worth potentially millions.
As USD8 expands coverage to more protocols and the Cover Pool grows, the importance of trustless computation scales with it. Brevis and USD8 are collaborating on this infrastructure layer, with integration details to follow as the protocol approaches its beta launch in Q2 2026.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
Brevis x BNB Chain: Redefining Privacy Infrastructure for Web3
TL;DR: Brevis ($BREV ) and BNB Chain are expanding their collaboration into privacy infrastructure, building toward a generalized framework that goes far beyond first-generation transaction privacy. The three-dimensional design space we’re developing covers what gets protected, how it can be revealed, and who gets access. First concrete implementation: an Intelligent Privacy Pool built in collaboration with 0xbow where users prove compliance through ZK-verified on-chain behavior or exchange account status before transacting privately. The pool will launch on BNB Chain in Q1 2026.
Rethinking Privacy in Crypto
When most people hear “crypto privacy,” their minds go to a specific set of tools like Zcash, Tornado Cash, Railgun. These are systems designed to hide who sent what to whom.
These tools work and serve an important purpose, but they were built with first-generation zero-knowledge technology, which was computationally limited and could only handle simple operations. That meant payment privacy was about hiding transactions and not much else.
You couldn’t easily control who uses the system, you couldn’t verify anything about a user’s history or status without breaking their privacy, and you couldn’t build in compliance pathways or configurable access rules. The technology simply wasn’t there yet.
Today it is.
Modern zero-knowledge technology has expanded what’s actually possible, and the design space is now dramatically larger than “hide all token transfers.” Payment privacy can now evolve into something far more intelligent and configurable than before. And entirely new categories of privacy applications are also emerging. Understanding this expanded design space requires a new mental model.
Three Dimensions of Privacy
A better way to understand privacy systems is to think in three dimensions, and most interesting applications involve choices along all three.
Privacy target: what exactly is being protected?
Transaction counterparties and amounts are the traditional focus, but the target could also be:
User attributes: wallet history, exchange activity, reputation signalsSensitive data: AI model weights, trading intent, preference profilesComputation processes: algorithm logic, inference steps, scoring mechanisms
For example, a system might shield your wallet address while still proving properties about your on-chain history (such as that you’ve held a token for six months without revealing which wallet is yours). Another might hide the logic of a matching algorithm while making its outputs publicly verifiable, so traders can trust the results without seeing how they were computed.
Unmasking protocol: how can protected information be revealed?
This is where things get interesting from a security and trust-level perspective, because different systems make very different choices about who can access what’s hidden and under what conditions. Some designs ensure only the user can ever reveal the protected information, while others allow a centralized operator or a committee to unmask under defined governance conditions. Some build in pathways for regulatory authorities to compel disclosure, or use hardware attestation that reveals under specific technical constraints.
This dimension determines trust boundaries and shapes compliance posture in ways that matter enormously for real-world adoption.
Target users: who can use the privacy mechanism?
Some systems offer permissionless access to everyone, while others restrict based on criteria like KYC status, on-chain history, attestations, or membership in verified sets. You might need to prove something about yourself to gain access, which sounds paradoxical but makes sense when you think about it. You can prove you belong to a group of verified users without revealing which specific member you are.
Together, these three dimensions define a design space far richer than “transactions are either visible or hidden.“
What This Unlocks
Once you start thinking about privacy in terms of these new dimensions, a much wider range of applications comes into view. While the first generation of privacy tools asked the single question of whether a transaction could be hidden, the expanded design space looks at what needs protecting, who should be able to reveal what information, and who should have access in the first place.
This shift in framing opens up use cases that would have seemed impossible under the old model. Here are a few examples we think represent where things are headed.
Private credential verification for social platforms. You might want to prove you’re a long-term holder or active DeFi user to boost your reputation on a platform, but linking your wallet publicly exposes your entire portfolio and history. With the right privacy design, you can verify credentials while keeping your wallet private.
Compliant private transactions gated by verified association. Traditional mixers have a reputation problem because anyone can enter, including bad actors. A better model uses ZK to gate access: users prove they belong to a trusted set before entering, for instance by demonstrating they’re long-term exchange users with strong trading history and clean behavioral profile.
Prediction markets on private algorithms. When a platform publishes sentiment or mindshare scores that determine market outcomes, how do traders know those calculations weren’t manipulated? ZK verification lets platforms prove every algorithm run was executed faithfully while keeping the methodology private.
Privacy-preserving data for AI training. AI is at the limits of public-domain data. ZK solves this by letting users compute summaries over their private data and publish only the results with a proof that verifies both the origin and correctness.
The common thread across all of these is that they combine choices along all three dimensions. What’s being protected varies. Who can unmask varies. Who gets access varies. But they’re all drawing from the same expanded design space that first-generation privacy tools couldn’t touch.
Toward a Generalized Privacy Framework
Look across those applications and a clear pattern emerges. They’re solving different problems for different users, but they’re drawing from the same underlying toolkit: attestations about user attributes, verifiable computation over private inputs, selective disclosure mechanisms. The primitives are shared even when the configurations differ.
This points toward shared infrastructure rather than bespoke systems: attestation registries where proofs get generated once and reused across applications, computational privacy frameworks for verifiable off-chain execution, and transactional privacy toolkits that make deploying compliant privacy pools more like configuration than research.
The three-dimensional framework maps directly onto what this infrastructure needs to provide. Targets, unmasking protocols, and access controls become the core primitives for a new infrastructure layer.
First Step: Intelligent Privacy Pool on BNB Chain
To demonstrate what this looks like in practice, Brevis and BNB Chain are collaborating with 0xbow to build an Intelligent Privacy Pool as the first concrete application.
The basic function builds on 0xbow’s Privacy Pools core functionalities: deposit assets, withdraw to a new address without an on-chain link between them. The pool is able to maintain an Association Set of deposits that meet compliance criteria. Only deposits in this set can be withdrawn privately. What makes it different is how this Association Set is defined and implemented.
Users prove eligibility of their deposits through one of two paths: on-chain provenance (proving funds originated from compliant sources via the Brevis ZK Data Coprocessor) or off-chain KYC binding (proving control of a verified exchange account, such as Binance, via zkTLS without revealing identity). Both paths use ZK proofs to verify eligibility without exposing sensitive data and relying on third-party trusts.
If a deposit is later flagged by sanctions or associated with malicious activity, it can be removed from the Association Set, blocking further withdrawals. This provides controlled unmasking for legitimate enforcement needs.
This is payment privacy, but implemented across all three dimensions: information privacy through proving attributes without revealing identity, transactional privacy through unlinkable deposits and withdrawals, and configurable access controls with removal pathways for edge cases. It shows what becomes possible when you apply the full design space to even the most familiar use case.
What Comes Next
The Intelligent Privacy Pool shows that the generalized framework works and that compliant privacy applications can be built using shared primitives.
The old framing of crypto privacy was limited by the technology available at the time. Now that limitation is gone. Privacy is a design space where what gets protected, how it can be revealed, and who gets access combine to enable entirely new categories of applications, and to make existing categories far more powerful.
Brevis, 0xbow, and BNB Chain are building toward that future together.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
Rethinking Privacy in Crypto
When most people hear “crypto privacy,” their minds go to a specific set of tools like Zcash, Tornado Cash, Railgun. These are systems designed to hide who sent what to whom.
These tools work and serve an important purpose, but they were built with first-generation zero-knowledge technology, which was computationally limited and could only handle simple operations. That meant payment privacy was about hiding transactions and not much else.
You couldn’t easily control who uses the system, you couldn’t verify anything about a user’s history or status without breaking their privacy, and you couldn’t build in compliance pathways or configurable access rules. The technology simply wasn’t there yet.
Today it is.
Modern zero-knowledge technology has expanded what’s actually possible, and the design space is now dramatically larger than “hide all token transfers.” Payment privacy can now evolve into something far more intelligent and configurable than before. And entirely new categories of privacy applications are also emerging. Understanding this expanded design space requires a new mental model.
Three Dimensions of Privacy
A better way to understand privacy systems is to think in three dimensions, and most interesting applications involve choices along all three.
Privacy target: what exactly is being protected?
Transaction counterparties and amounts are the traditional focus, but the target could also be:
User attributes: wallet history, exchange activity, reputation signalsSensitive data: AI model weights, trading intent, preference profilesComputation processes: algorithm logic, inference steps, scoring mechanisms
For example, a system might shield your wallet address while still proving properties about your on-chain history (such as that you’ve held a token for six months without revealing which wallet is yours). Another might hide the logic of a matching algorithm while making its outputs publicly verifiable, so traders can trust the results without seeing how they were computed.
Unmasking protocol: how can protected information be revealed?
This is where things get interesting from a security and trust-level perspective, because different systems make very different choices about who can access what’s hidden and under what conditions. Some designs ensure only the user can ever reveal the protected information, while others allow a centralized operator or a committee to unmask under defined governance conditions. Some build in pathways for regulatory authorities to compel disclosure, or use hardware attestation that reveals under specific technical constraints.
This dimension determines trust boundaries and shapes compliance posture in ways that matter enormously for real-world adoption.
Target users: who can use the privacy mechanism?
Some systems offer permissionless access to everyone, while others restrict based on criteria like KYC status, on-chain history, attestations, or membership in verified sets. You might need to prove something about yourself to gain access, which sounds paradoxical but makes sense when you think about it. You can prove you belong to a group of verified users without revealing which specific member you are.
Together, these three dimensions define a design space far richer than “transactions are either visible or hidden.“
What This Unlocks
Once you start thinking about privacy in terms of these new dimensions, a much wider range of applications comes into view. While the first generation of privacy tools asked the single question of whether a transaction could be hidden, the expanded design space looks at what needs protecting, who should be able to reveal what information, and who should have access in the first place.
This shift in framing opens up use cases that would have seemed impossible under the old model. Here are a few examples we think represent where things are headed.
Private credential verification for social platforms. You might want to prove you’re a long-term holder or active DeFi user to boost your reputation on a platform, but linking your wallet publicly exposes your entire portfolio and history. With the right privacy design, you can verify credentials while keeping your wallet private.
Compliant private transactions gated by verified association. Traditional mixers have a reputation problem because anyone can enter, including bad actors. A better model uses ZK to gate access: users prove they belong to a trusted set before entering, for instance by demonstrating they’re long-term exchange users with strong trading history and clean behavioral profile.
Prediction markets on private algorithms. When a platform publishes sentiment or mindshare scores that determine market outcomes, how do traders know those calculations weren’t manipulated? ZK verification lets platforms prove every algorithm run was executed faithfully while keeping the methodology private.
Privacy-preserving data for AI training. AI is at the limits of public-domain data. ZK solves this by letting users compute summaries over their private data and publish only the results with a proof that verifies both the origin and correctness.
The common thread across all of these is that they combine choices along all three dimensions. What’s being protected varies. Who can unmask varies. Who gets access varies. But they’re all drawing from the same expanded design space that first-generation privacy tools couldn’t touch.
Toward a Generalized Privacy Framework
Look across those applications and a clear pattern emerges. They’re solving different problems for different users, but they’re drawing from the same underlying toolkit: attestations about user attributes, verifiable computation over private inputs, selective disclosure mechanisms. The primitives are shared even when the configurations differ.
This points toward shared infrastructure rather than bespoke systems: attestation registries where proofs get generated once and reused across applications, computational privacy frameworks for verifiable off-chain execution, and transactional privacy toolkits that make deploying compliant privacy pools more like configuration than research.
The three-dimensional framework maps directly onto what this infrastructure needs to provide. Targets, unmasking protocols, and access controls become the core primitives for a new infrastructure layer.
First Step: Intelligent Privacy Pool on BNB Chain
To demonstrate what this looks like in practice, Brevis and BNB Chain are collaborating with 0xbow to build an Intelligent Privacy Pool as the first concrete application.
The basic function builds on 0xbow’s Privacy Pools core functionalities: deposit assets, withdraw to a new address without an on-chain link between them. The pool is able to maintain an Association Set of deposits that meet compliance criteria. Only deposits in this set can be withdrawn privately. What makes it different is how this Association Set is defined and implemented.
Users prove eligibility of their deposits through one of two paths: on-chain provenance (proving funds originated from compliant sources via the Brevis ZK Data Coprocessor) or off-chain KYC binding (proving control of a verified exchange account, such as Binance, via zkTLS without revealing identity). Both paths use ZK proofs to verify eligibility without exposing sensitive data and relying on third-party trusts.
If a deposit is later flagged by sanctions or associated with malicious activity, it can be removed from the Association Set, blocking further withdrawals. This provides controlled unmasking for legitimate enforcement needs.
This is payment privacy, but implemented across all three dimensions: information privacy through proving attributes without revealing identity, transactional privacy through unlinkable deposits and withdrawals, and configurable access controls with removal pathways for edge cases. It shows what becomes possible when you apply the full design space to even the most familiar use case.
What Comes Next
The Intelligent Privacy Pool shows that the generalized framework works and that compliant privacy applications can be built using shared primitives.
The old framing of crypto privacy was limited by the technology available at the time. Now that limitation is gone. Privacy is a design space where what gets protected, how it can be revealed, and who gets access combine to enable entirely new categories of applications, and to make existing categories far more powerful.
Brevis, 0xbow, and BNB Chain are building toward that future together.
About Brevis
Brevis is a verifiable computing platform powered by zero-knowledge proofs, serving as the infinite compute layer for Web3. Applications can offload expensive computations off-chain while proving every result on-chain. The Brevis stack includes Pico zkVM for general-purpose computation, the ZK Data Coprocessor for trustless access to historical blockchain data, Pico Prism for real-time Ethereum block proving (99.6% coverage, 6.9s average), and ProverNet, a decentralized marketplace for ZK proof generation. To date, Brevis has generated hundreds of millions of proofs across 40+ protocols on 6 blockchains.
Login to explore more contents