The privacy boundary is simple: content hashes and minimal attestation payloads can be public; full merchant records and sensitive operator data stay off-chain.
- Attestation templates use closed payload key sets.
- Full records are forbidden in on-chain attestation payloads.
- The PII detector flags strict payment fields, private keys, seed phrase patterns, and sensitive contact details.
- Paid or enriched API responses must pass through a PII filter before leaving the server.
The validator does not make network calls, enrich records, or infer private facts. It evaluates the record it is given.
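
A sketch of the boundary described above, added here as an example and not the project's own code: a pure function that enforces a closed key set, rejects nested values that could carry a full record, and scans string values for PII. The key names, regex heuristics, and sample payloads are assumptions constructed for illustration.

```python
import re

# Assumed template: the closed key set for one attestation type (names are hypothetical).
ALLOWED_KEYS = frozenset({"schema", "content_hash", "issued_at", "attester_id"})
# Heuristic patterns constructed for this example; not the project's detector rules.
PATTERNS = {
    "private_key": re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----"),
    "seed_phrase": re.compile(r"\b(?:[a-z]{3,8} ){11,23}[a-z]{3,8}\b"),
    "email": re.compile(r"[^@\s]+@[^@\s]+\.[a-zA-Z]{2,}"),
}
CARD_CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives on long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_text(text: str) -> list[str]:
    """Return the PII categories found in one string value."""
    hits = [name for name, rx in PATTERNS.items() if rx.search(text)]
    for m in CARD_CANDIDATE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            hits.append("payment_card")
            break
    return hits

def validate_payload(payload: dict) -> list[str]:
    """Evaluate only the payload given: no network calls, no enrichment."""
    problems = [f"unknown key: {k}" for k in sorted(set(payload) - ALLOWED_KEYS)]
    for key, value in payload.items():
        if isinstance(value, (dict, list)):
            problems.append(f"nested value in {key}")  # could carry a full record
        elif isinstance(value, str):
            problems += [f"{cat} in {key}" for cat in scan_text(value)]
    return problems

# Constructed samples: a minimal payload and one that leaks record data.
GOOD = {"schema": "merchant.v1", "content_hash": "sha256:" + "ab" * 32, "issued_at": "2024-01-01T00:00:00Z"}
BAD = {"schema": "merchant.v1", "merchant": {"name": "x"}, "attester_id": "ops@example.com"}
```

An empty list from `validate_payload` means the payload stayed inside the template; the same `scan_text` check can gate API responses before they leave the server.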