AnnouncementFebruary 27, 2026

UK Patent Filed: Cryptographic Disclosure Provenance for Self-Governing Data

Blade Labs has filed UK patent application GB2604344.8 covering systems and methods that address the Sovereignty Trilemma: achieving data sovereignty, data utility, and individual privacy at the same time.

By Blade Labs

The Filing

On 27 February 2026, Blade Labs Holdings Private Limited filed UK patent application GB2604344.8 with the UK Intellectual Property Office. The application is titled "Systems and Methods for Cryptographic Disclosure Provenance of Self-Governing Data" and names Sami Aftab Mian as inventor.

The application contains 25 claims covering the architecture at multiple levels: system claims 1 to 20 cover the overall infrastructure and its components, method claims 21 to 23 cover the process steps for creating and disclosing governed data, and computer-readable medium claims 24 to 25 cover software implementations. A search has been requested from the UK IPO.

  • Application number: GB2604344.8
  • Filing date: 27 February 2026
  • Jurisdiction: United Kingdom (UK IPO)
  • Applicant: Blade Labs Holdings Private Limited (Singapore)
  • Inventor: Sami Aftab Mian
  • Claims: 25 total (system 1-20, method 21-23, computer-readable medium 24-25)
  • Status: Filed, search requested

The Sovereignty Trilemma

Modern data systems face three requirements that are difficult to satisfy at the same time. Data sovereignty means that a data owner controls who can access or share their information. Data utility means that authorized parties can read, verify, and act on the data. Individual privacy means that only the minimum necessary information is shared in any given disclosure.

Existing architectures typically resolve this tension by compromising one of the three. Centralized access control systems deliver utility and some sovereignty, but require a trusted intermediary that becomes a privacy risk and a single point of failure. Encrypted data stores protect privacy and sovereignty, but reduce utility by making verification dependent on the holder's cooperation. Public ledgers deliver utility and verifiability, but sacrifice privacy by making records visible to all.

Data Sovereignty

The owner decides who sees what, and when.

Data Utility

Authorized parties can use and verify the data.

Individual Privacy

Only the minimum necessary is disclosed.

The patent claims a system architecture in which all three requirements are met simultaneously. Self-Governing Data Objects carry their own access rules and cryptographic provenance. BBS+ signatures enable selective disclosure of individual attributes. Disclosure Provenance Tokens create an immutable record of every disclosure event without exposing the underlying data.

How It Works

The patented system combines four technical components. Each one addresses a distinct aspect of the Sovereignty Trilemma.

01

Self-Governing Data Objects

Each data record is structured as a Self-Governing Data Object. Rather than relying on an external system to enforce access rules, the object carries its own governance logic: who created it, what disclosures are permitted, and a complete cryptographic record of every disclosure that has occurred. Access logic travels with the data, not with the infrastructure.

02

Boundary Detection

The system applies Boundary Detection to evaluate each disclosure request against the governance rules embedded in the data object. This determines which attributes fall within the permitted boundary for a given requester and purpose, before any disclosure is made. Attributes outside the boundary are never exposed.

03

Disclosure Provenance Tokens

When a disclosure is made, the system generates a Disclosure Provenance Token. This token records what was shared, with whom, at what time, and under which governance rule. The token is anchored to the Hedera Hashgraph distributed ledger, creating an immutable, independently verifiable audit trail of every disclosure event. The underlying data is not stored on-chain.

04

BBS+ Selective Disclosure

BBS+ signatures are applied to the data object at creation time. A holder can later generate a derived proof revealing only selected attributes from the signed record, without exposing the full record and without requiring the original signer to participate. Verifiers can confirm the proof against the original signature. This is the cryptographic mechanism that enables minimum-necessary disclosure.

Products Built on This Patent

Three Blade Labs products are built on the architecture covered by this patent application.

ZeroH

AI-native GRC platform for Islamic finance. ZeroH uses Self-Governing Data Objects and Disclosure Provenance Tokens to produce cryptographically verifiable compliance records. The QFC Digital Asset Lab deployment anchors these records to Hedera Hashgraph.

View ZeroH

Trust Center

Blade Labs Trust Center provides cryptographically verifiable compliance disclosures. The selective disclosure mechanism allows Blade Labs to share specific compliance attributes with auditors or customers without exposing internal records.

View Trust Center

ZeroH Disclosure

Enables selective sharing of compliance records with counterparties, regulators, and auditors. Disclosure Provenance Tokens provide an immutable record of what was shared and when, meeting audit trail requirements without centralizing sensitive data.

View ZeroH

What Comes Next

The UK filing establishes priority for the invention as of 27 February 2026. The Patent Cooperation Treaty (PCT) deadline is 27 February 2027. Filing a PCT application by that date would allow Blade Labs to pursue patent protection across more than 150 countries through a single international application under the World Intellectual Property Organization framework.

The patent marking page at bladelabs.io/patents lists products and features covered by this patent application and will be updated as the application progresses through examination.

GB2604344.8 is pending. Patent applications are not granted patents until after examination. Products listed as covered by this application are marked as patent pending.

Frequently Asked Questions

What does UK patent application GB2604344.8 cover?

The application covers systems and methods for cryptographic disclosure provenance of Self-Governing Data. It contains 25 claims: system claims 1 to 20, method claims 21 to 23, and computer-readable medium claims 24 to 25. The claims address how data objects can be created, disclosed selectively, and traced cryptographically without requiring a central authority to manage access.

What is the Sovereignty Trilemma?

The Sovereignty Trilemma describes a three-way tension that existing data architectures struggle to resolve simultaneously: data sovereignty (the data owner controls who sees what), data utility (authorized parties can use and verify the data), and individual privacy (only the minimum necessary information is disclosed). Current approaches typically sacrifice one of the three. The patented system addresses all three together through Self-Governing Data Objects and selective disclosure via BBS+ signatures.

What are Self-Governing Data Objects?

Self-Governing Data Objects are data structures described in the patent that carry their own access logic and cryptographic provenance. Rather than relying on a central system to enforce who can read or share a record, the object itself contains the rules and the cryptographic evidence of every disclosure that has occurred. The boundary between what is disclosed and what remains private is defined at the object level, not at the infrastructure level.

What is BBS+ selective disclosure and why does it matter?

BBS+ is a cryptographic signature scheme that allows a holder to prove selected attributes from a signed credential without revealing the full credential. In the context of compliance records, this means an institution can share proof that a specific obligation was satisfied without exposing the full contract, counterparty details, or Shariah board deliberations. The patent applies BBS+ signatures as the mechanism for generating Disclosure Provenance Tokens that record what was shared, when, and to whom.

Which products use the technology covered by this patent?

Three products are built on the patented architecture: ZeroH, the AI-native GRC platform for Islamic finance; the Trust Center, which provides cryptographically verifiable compliance disclosures; and ZeroH Disclosure, which enables selective sharing of compliance records. The Hedera Hashgraph anchoring used in the QFC Digital Asset Lab deployment is part of the same technical stack.

What is the PCT deadline and what does it mean?

The Patent Cooperation Treaty (PCT) deadline is 27 February 2027. Filing a PCT application by that date would allow Blade Labs to seek patent protection in over 150 countries through a single international application, rather than filing separately in each jurisdiction. The PCT deadline is 12 months after the UK filing date of 27 February 2026.