The compliance fight in crypto is usually framed as privacy versus regulation, as if you can only have one. A paper posted to arXiv on June 8 — Proof of Source of Funds: Efficient On-chain Provenance of Cryptoassets, by Alireza Kavousi, István András Seres, and Zhipeng Wang — argues that framing is a false choice, and proposes a cryptographic construction that aims to give a regulator what it wants and a user what they deserve at the same time.
The authors are sharp about what is wrong with the status quo. Today's compliance relies on binary inclusion/exclusion lists or retroactive graph analysis by centralized blockchain intelligence firms. That approach strips honest users of their financial privacy, produces false positives and negatives, and forces decentralized platforms to bear the burden of on-chain transaction monitoring. In other words, the current model is invasive, error-prone, and offloads a surveillance job onto protocols that never wanted it. Their proposed inversion is the heart of the paper.
"Rather than the platform tracing funds, the user locally generates a zero-knowledge proof demonstrating that their deposit originates exclusively from a set of compliant sources." — arXiv:2606.10172
This is a genuine paradigm shift in who does the work and who holds the data. Instead of the platform tracing a user's funds — which requires the platform to see and analyze everyone's transaction history — the user proves, in zero knowledge, that their deposit came only from compliant sources. The burden, and the data, move to the user side. They call the framework Proof of Source of Funds (PoSoF), and the elegance is that the platform learns one bit — compliant or not — rather than a full transaction graph.
A general model of ledger history
The technical foundation is a unifying abstraction. The authors formulate a temporal Directed Acyclic Graph (DAG) that captures both UTXO and account-based ledger histories within a generalized value-flow model. That matters because Bitcoin-style UTXO chains and Ethereum-style account chains track value-flow very differently, and a compliance primitive that only works on one is half a solution. Modeling both as a temporal DAG lets a user extract a compliant sub-DAG of their transaction history and prove properties about it regardless of the underlying ledger model.
The proving technique is the other notable choice: Incrementally Verifiable Computation (IVC) to prove rigorous state-transition predicates that protect against various attack vectors. IVC is the right tool because provenance is inherently incremental — funds move one transaction at a time, and you want to extend a proof as new transactions arrive rather than re-prove the entire history from scratch each time. The privacy guarantee is stated precisely: PoSoF guarantees the legitimacy of the funds without leaking the intermediate transaction topology, intermediary addresses, or the specific origins utilized. The platform verifies that the money is clean without learning the route it took.
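The statement being proven can be sketched in the clear. This added example is not from the paper or its prototype: it replays a constructed history as a temporal DAG, one transfer at a time, and tracks which value nodes descend exclusively from compliant sources. The `Transfer` and `Provenance` classes, the node names, and the versioned-account encoding are assumptions made for illustration; a zero-knowledge system would prove a step predicate of this kind rather than evaluate it openly.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Transfer:               # hypothetical record: one step of value flow
    t: int                    # block height / timestamp
    inputs: tuple             # value nodes consumed
    outputs: tuple            # value nodes created

@dataclass
class Provenance:             # running state, extended one transfer at a time
    compliant_sources: frozenset
    clean: set = field(default_factory=set)   # nodes with fully compliant ancestry
    seen: set = field(default_factory=set)    # every node observed so far
    last_t: int = -1

    def __post_init__(self):
        self.clean |= self.compliant_sources
        self.seen |= self.compliant_sources

    def step(self, tx: Transfer) -> None:
        if tx.t <= self.last_t:
            raise ValueError("transfer violates temporal order")
        if any(o in self.seen for o in tx.outputs):
            raise ValueError("output already exists; graph would not be a DAG")
        # "Exclusively": every input must be clean; a mint with no inputs is not.
        ok = bool(tx.inputs) and all(i in self.clean for i in tx.inputs)
        self.seen.update(tx.inputs, tx.outputs)
        if ok:
            self.clean.update(tx.outputs)
        self.last_t = tx.t

def replay(sources, history):
    state = Provenance(frozenset(sources))
    for tx in history:
        state.step(tx)
    return state

# Constructed sample history. UTXO nodes are "u*"; account states are versioned
# ("acct#n"), so a transfer into an account consumes its old state and creates a new one.
SOURCES = {"kyc_withdrawal", "salary"}
HISTORY = [
    Transfer(1, ("kyc_withdrawal",), ("u1", "u2")),
    Transfer(2, ("u1", "salary"), ("u3",)),          # two clean inputs merge
    Transfer(3, ("unknown_origin",), ("u4", "u4b")), # input outside the compliant set
    Transfer(4, ("u3", "u4"), ("u5",)),              # clean + unclean -> unclean
    Transfer(5, ("u2",), ("acct#1",)),               # clean value enters an account state
    Transfer(6, ("acct#1", "u4b"), ("acct#2",)),     # account receives unclean value
]

if __name__ == "__main__":
    final = replay(SOURCES, HISTORY)
    print({n: n in final.clean for n in ("u3", "u5", "acct#1", "acct#2")})
```

Because each step depends only on the previous state and the new transfer, extending the history costs one step rather than a full replay, which is the property the article attributes to IVC.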
The numbers that make it practical
A privacy-preserving compliance scheme is only interesting if it is cheap enough to use, and the benchmarks are the part that elevates this from a nice idea to a deployable one. On an Ethereum-compatible prototype, the authors report that incrementally updating a user's proof per new transaction takes about 1.8 seconds, and final on-chain EVM verification is constant-time at roughly 1.5 milliseconds and about 800k gas. The verification cost is the figure a protocol cares about: O(1) verification means the platform's cost does not grow with the length or complexity of the user's history, which is what relieves it of the chain-analysis burden entirely.
There is a sharper way to see why the inversion matters: it changes the default of who is presumed guilty. Under retroactive graph analysis, every user is surveilled continuously and flagged when an algorithm draws a line to a tainted address, often with no recourse and no transparency into the model. Under Proof of Source of Funds, the default flips to the user asserting, with cryptographic proof, that their funds are clean — surveillance becomes opt-in proof rather than ambient monitoring. That is not merely more private; it is a different allocation of the burden of proof, closer to how compliance works in regulated traditional finance, where an institution attests rather than a third party covertly scores everyone. Whether regulators accept a user-generated proof in place of a firm's surveillance is the open question, but the construction at least makes the privacy-preserving option technically and economically real.
Read with a skeptic's eye, the construction's strength is also where its real-world friction will live. The proof certifies that funds originate from a set of compliant sources — which means someone must define and maintain that set, and a user whose funds touch a source later deemed non-compliant faces the same definitional problems that plague today's lists, just relocated. The cryptography does not resolve the policy question of what 'compliant' means; it makes the proof of compliance private and cheap to check once that set is agreed. That is still a large advance: it removes the structural incentive for platforms to surveil everyone, and it removes the centralized intelligence firm from the critical path. For the privacy-versus-regulation debate, PoSoF is a concrete demonstration that the two are not inherently opposed — you can prove your money is clean without showing anyone where it has been, and you can verify that proof in 1.5 milliseconds. The remaining hard problem is governance of the compliant set, which is exactly where it should be: in policy, not in the protocol.