Summary: Reclaim Protocol is a cryptographic verification system for proving claims about user data from third-party websites without relying on uploaded documents. Its official docs position it as a privacy-preserving protocol that derives proofs from HTTPS responses, developer-defined providers, and zero-knowledge proof workflows, with SDKs and attestor infrastructure for integrating verified claims into apps.
What it does:
Lets applications verify facts like education, employment, status, age, and other website-derived claims by generating proofs directly from source websites
Uses provider definitions, HTTPS request interception, TLS-certificate validation, and zero-knowledge proofs to prove selected facts without exposing unnecessary user data
Offers multiple SDKs including JavaScript, React Native, Flutter, iOS Swift, Android Kotlin, blockchain, and zkFetch-oriented tooling
Maintains core protocol code through public repos such as attestor-core, the JS SDK, TLS tooling, and docs repositories
Anchors its security posture with a formal whitepaper reference plus an IACR ePrint security analysis of proxying/TLS-oracle security assumptions
Key claims:
The homepage claims Reclaim “generates cryptographic proof directly from source” and highlights millions of verifications with zero forged proofs
The docs explicitly position the product as an alternative to document-upload verification, arguing that AI makes uploaded documents increasingly easy to fake
The documentation says all verification happens client-side in a privacy-preserving manner using zero-knowledge proofs and describes the technology as zkTLS
The docs explain a concrete workflow: detect the relevant HTTPS request, extract only the required field via provider configuration, validate the server certificate, and generate a proof that can be verified by the relying backend
The docs point developers to a provider-exploration surface and to tooling for automating provider creation, which suggests Reclaim is building a generalized verification network rather than only a few fixed KYC use cases
The public GitHub organization shows protocol-level repos for the attestor/witness server, SDKs, TLS components, and ZK primitives, reinforcing that the system is more than a marketing wrapper around API-based attestations
The official docs link both a whitepaper and a formal ePrint analysis, which is stronger primary-source support than most crypto-adjacent verification startups publish
Whitepaper: Yes. The official docs link a Reclaim whitepaper PDF and a formal security analysis on IACR ePrint. In practice, the docs portal and public GitHub repos appear to be the most operationally useful primary sources for understanding how the system works today; see ../whitepapers/reclaim-protocol-primary-sources-2026-04-26.md.