Answers

Frequently asked questions

What ZKA is, how our libraries compare to alternatives, our license, our funding, and how to disclose vulnerabilities.

What is Bitcoin ZKA Lab?

Bitcoin ZKA Lab is an open-source research lab that ships Apache 2.0 libraries implementing zero-knowledge architecture (ZKA) for Bitcoin applications. ZKA means the SaaS operator cannot read user data — amounts, contacts, memos, or identifiers — even under subpoena, breach, or insider threat.

What is zero-knowledge architecture (ZKA)?

Zero-knowledge architecture is a software design pattern where data is encrypted client-side before it reaches the server. The operator stores opaque ciphertext and runs queries through blind proxies. Unlike a privacy policy, ZKA is a structural guarantee — the operator cannot read user data because they never had the keys.

How is ZKA different from end-to-end encryption (E2EE)?

E2EE typically protects messages between two endpoints (user to user). ZKA extends the same principle to single-user applications and SaaS multi-tenancy: the user is one endpoint, and the application logic running in their browser is the other. The server is untrusted infrastructure in both cases.

What libraries does Bitcoin ZKA Lab publish?

Four libraries: zk-bitcoin-accounting (zero-knowledge double-entry bookkeeping), zk-personal-finance (client-side personal finance), bitcoin-connector (Plaid-style data aggregation with encrypted credentials), and zk-support (end-to-end encrypted support ticketing). All are Apache 2.0.

What license does Bitcoin ZKA Lab use?

Apache License 2.0 in perpetuity. There is no commercial restriction, no equity, no patent grab, and no contributor IP assignment beyond the standard Apache CLA terms. Content on the website is CC BY 4.0.

Is Bitcoin ZKA production-ready?

Most libraries are alpha as of 2026. zk-bitcoin-accounting has an external cryptographic audit scoped with Cure53. zk-support is in planning. Production deployment requires reading the per-library threat model and consulting the audit status.

Who funds Bitcoin ZKA Lab?

Fiscal sponsorship is provided by Flourish Fund, a US 501(c)(3). Funding comes in part from the Human Rights Foundation Bitcoin Development Fund. All output remains Apache 2.0 with no commercial restrictions.

Who should use Bitcoin ZKA libraries?

SaaS operators serving high-risk users: journalists, NGOs, human-rights defenders, dissidents, and privacy-conscious businesses. Also relevant for Bitcoin-native applications (accounting, personal finance, aggregation, support) that want privacy by architecture rather than by policy.

How does zk-bitcoin-accounting compare to QuickBooks or Xero?

QuickBooks and Xero store amounts, contacts, and memos in plaintext on their servers — they can read everything and must respond to subpoenas. zk-bitcoin-accounting encrypts all business data client-side before it reaches the server. The operator stores ciphertext and cannot read amounts, contacts, memos, or account names.

How does bitcoin-connector compare to Plaid?

Plaid is the industry standard for fiat aggregation but reads every credential and transaction in plaintext. bitcoin-connector is a Bitcoin-native equivalent (Lightning, on-chain, exchanges) where credentials are encrypted client-side. The operator stores opaque ciphertext and proxies API calls without learning their contents.

Can I use Bitcoin ZKA libraries commercially?

Yes. Apache 2.0 permits commercial use, modification, and redistribution without royalties. There are no usage caps, no per-seat fees, and no copyleft obligations on downstream applications.

Why no Twitter/X presence?

Bitcoin ZKA Lab aligns with Bitcoin-native and freedom-tech communication norms — primarily Nostr, GitHub, email, and RSS. No Twitter/X account is maintained by design.

How do I report a security vulnerability?

Email security@bitcoin-zka.org. PGP key is published at bitcoin-zka.org/pgp.txt. The lab acknowledges disclosures within 48 hours and publishes post-mortems.

Does the website use trackers, analytics, or cookies?

No. The site runs no analytics, no cookies, and no third-party trackers. Fonts are served from a privacy-respecting host (Bunny Fonts). Server logs are rotated every 30 days.

Where is the source code?

All libraries are hosted on GitHub at github.com/bitcoin-zka. Issues, pull requests, and security disclosures are public.