Selective Disclosure
Reveal only the attributes you need, paired with a cryptographic proof of authenticity — instead of releasing the whole document or credential. The bridge between privacy and compliance.
Definition
The lineage runs from Camenisch-Lysyanskaya signatures and Anonymous Credentials through modern implementation specs: SD-JWT (Selective Disclosure JWT), BBS+ signatures, AnonCreds.
Structurally: the issuer signs a commitment over all attributes of a document; at disclosure time, the holder reveals specific attributes plus a zero-knowledge proof that those attributes are genuinely part of the signed document. The verifier confirms authenticity and integrity without touching the rest.
This aligns with GDPR data-minimization, KYC/AML identity verification, and medical minimal-disclosure norms. It moves data from a binary all-or-nothing axis to an attribute-level dial.
Lemma Oracle implementation
Lemma builds per-attribute disclosure on commitments and zero-knowledge proofs. A bank can verify "resident of an EU country" without ever seeing name, address, or date of birth.
The same machinery serves the high-risk AI auditing required by EU AI Act, the governance reporting under AI Business Operator Guidelines, and KYC/AML identity checks — every situation where the regulator wants the attribute confirmed and the operator doesn't want to ship the data.
Issuer, holder, and verifier remain logically distinct. No party needs to centralize the underlying data, which structurally reduces breach surface.