Privacy-Proxy is a zero-knowledge powered private-proxy for your wallet system that keeps your transactions anonymous
The system provides:
-
Transaction Privacy: No one can trace who sent funds to whom
-
Balance Confidentiality: Your holdings remain hidden from observers
-
Multi-Layer Security: Five independent security layers protect your assets
-
Familiar UX: Works seamlessly with Phantom wallet β no new tools to learn
flowchart TB
subgraph User["User"]
Phantom["Phantom Wallet"]
UI["Privacy-Proxy dApp UI"]
end
subgraph PrivacyProxyCore["Privacy-Proxy Core"]
direction TB
SM["Session Manager<br/>Creates session keys"]
ZKGen["ZK Proof Generator<br/>Client-side proof creation"]
TXBuilder["Transaction Builder<br/>Constructs private transactions"]
end
subgraph OnChain["Solana On-Chain"]
direction TB
ProxyPDA["Privacy-Proxy PDA<br/>Shielded pool"]
ZKVerifier["ZK Verifier Program<br/>Authorization proofs"]
Timelock["Timelock Program<br/>Delayed execution"]
CTProgram["Confidential Transfer<br/>Token2022 Extension"]
end
subgraph PrivacyLayer["Privacy Layer"]
StealthAddr["Stealth Address Generator"]
Relayer["Transaction Relayer<br/>Pays gas, hides origin"]
end
Phantom <-->|"Connect & sign session"| UI
UI --> SM
SM -->|"Create session key"| Phantom
UI --> ZKGen
ZKGen -->|"Generate ZK proof"| TXBuilder
TXBuilder -->|"Build transaction"| Relayer
Relayer -->|"Submit"| ProxyPDA
ProxyPDA --> ZKVerifier
ZKVerifier -->|"Verify"| Timelock
Timelock -->|"After delay"| CTProgram
CTProgram -->|"Private transfer"| StealthAddr
| Component | Purpose | Technology |
|---|---|---|
| Phantom Wallet | User authentication & session signing | Phantom SDK |
| Session Manager | Time-limited, scope-limited authorization | Client-side + On-chain |
| ZK Proof Generator | Client-side password proof creation | snarkjs / RISC-0 WASM |
| Transaction Builder | Constructs encrypted transactions | TypeScript |
| Proxy Wallet PDA | Holds funds, enforces security rules | Anchor (Rust) |
| ZK Verifier | On-chain proof verification | Bonsol / Groth16 |
| Timelock Program | Delayed execution with cancellation | Anchor (Rust) |
| Confidential Transfer | Encrypted amounts | Token2022 Extension |
| Stealth Address Generator | One-time recipient addresses | Ed25519 cryptography |
| Transaction Relayer | Hides sender IP, pays gas | Rust + Tor |
flowchart TB
subgraph Layer1["Layer 1: Wallet Access"]
P[Phantom Wallet<br/>Biometric/Password]
end
subgraph Layer2["Layer 2: Session Authorization"]
S[Session Key<br/>Time-limited + Scope-limited]
end
subgraph Layer3["Layer 3: ZK Transaction Password"]
Z[ZK Proof of Password<br/>Without revealing password]
end
subgraph Layer4["Layer 4: Spending Limits"]
L[Per-transaction limits<br/>Daily limits<br/>Recipient whitelists]
end
subgraph Layer5["Layer 5: Time-Lock"]
T[Delayed execution<br/>Cancellation window]
end
P --> S --> Z --> L --> T --> TX[Transaction Executed]
Even with an unlocked wallet, an attacker cannot:
| Attack | Protection Mechanism |
|---|---|
| Transfer funds immediately | β±οΈ Time-lock (30-min delay) |
| Transfer beyond limits | π Per-tx and daily limits |
| Transfer without password | π ZK password proof required |
| Transfer to unknown addresses | π Whitelist enforcement |
| See balance | π Confidential balances (encrypted) |
| Link transactions | π΅οΈ Stealth addresses + relayer |
flowchart TB
Attacker[π Attacker gains access<br/>to unlocked Phantom wallet]
subgraph Security["Security Layers"]
S1{Session Key<br/>Expired?}
S2{ZK Password<br/>Known?}
S3{Within<br/>Limits?}
S4{Can<br/>Cancel?}
end
Attacker --> S1
S1 -->|Yes| Block1[β Cannot create session<br/>without Phantom approval]
S1 -->|No| S2
S2 -->|No| Block2[β Cannot generate valid<br/>ZK proof]
S2 -->|Yes - Guessed| S3
S3 -->|Exceeds| Block3[β Transaction rejected<br/>by on-chain limits]
S3 -->|Within| S4
S4 -->|30 min window| Block4[β
User cancels via<br/>notification/alert]
S4 -->|User offline| Risk[β οΈ Small amount<br/>may be lost]
style Block1 fill:#f88
style Block2 fill:#f88
style Block3 fill:#f88
style Block4 fill:#8f8
style Risk fill:#ff8
Privacy-Proxy implements a deposit-pool-withdraw model combined with stealth addresses:
| Party | Can Identify Sender? | Can Identify Receiver? |
|---|---|---|
| Sender (Alice) | N/A | β No β sends to pool, not directly to Bob |
| Receiver (Bob) | β No β receives from pool | N/A |
| Chain Observer | β No β relayer hides origin | β No β stealth address hides destination |
flowchart TB
subgraph Deposit["1οΈβ£ Deposit Phase"]
Alice[Alice] -->|Deposit via Relayer| Pool[Shielded Pool]
Carol[Carol] -->|Deposit| Pool
Dave[Dave] -->|Deposit| Pool
Eve[Eve] -->|Deposit| Pool
end
subgraph Anonymity["2οΈβ£ Mixing"]
Pool -->|Funds mixed| Pool
Note["All deposits are<br/>indistinguishable"]
end
subgraph Withdraw["3οΈβ£ Withdraw Phase"]
Pool -->|ZK Proof + Stealth Addr| Bob[Bob's Stealth Address]
end
subgraph Privacy["π Privacy Guarantees"]
P1["Alice doesn't know Bob<br/>(just specifies 'send to stealth key X')"]
P2["Bob doesn't know Alice<br/>(funds came from pool)"]
P3["Chain shows: Pool β Stealth<br/>(no link to Alice or Bob's identity)"]
end
flowchart LR
User[π€ User] -->|1. Encrypted via Tor| Relayer[π Relayer]
Relayer -->|2. Submit as Relayer's IP| RPC[Solana RPC]
RPC -->|3. On-chain| Pool[Shielded Pool]
ISP[ποΈ ISP] -.->|Sees| Note["Tor traffic to random nodes<br/>(Cannot identify destination)"]
The central on-chain account that holds user funds and enforces security policies.
classDiagram
class ProxyWalletPDA {
+owner: Pubkey
+zk_password_hash: [u8; 32]
+daily_limit: u64
+per_tx_limit: u64
+timelock_duration: i64
+whitelist: Vec~Pubkey~
+nonce: u64
---
+deposit()
+request_withdrawal()
+execute_withdrawal()
+cancel_withdrawal()
+update_limits()
}
class PendingTransaction {
+id: u64
+amount: u64
+recipient_stealth: Pubkey
+execute_after: i64
+zk_proof: Vec~u8~
+status: TxStatus
}
class SessionToken {
+authority: Pubkey
+valid_until: i64
+max_amount: u64
+allowed_programs: Vec~Pubkey~
}
ProxyWalletPDA "1" --> "*" PendingTransaction
ProxyWalletPDA "1" --> "*" SessionToken
The password is never stored on-chain. Instead, we store a commitment and verify knowledge via ZK proof.
sequenceDiagram
participant User
participant Client as Client (Browser)
participant Chain as Solana
Note over User,Chain: Setup Phase (One-time)
User->>Client: Enter password "secret123"
Client->>Client: hash = Poseidon(password, salt)
Client->>Client: commitment = Poseidon(hash, randomness)
Client->>Chain: Store commitment in ProxyWalletPDA
Note over User,Chain: Transaction Phase
User->>Client: Enter password to authorize
Client->>Client: Regenerate hash from password
Client->>Client: Generate ZK proof Ο proving:<br/>1. I know hash such that<br/> commitment = Poseidon(hash, randomness)<br/>2. hash = Poseidon(password, salt)
Client->>Chain: Submit transaction + proof Ο
Chain->>Chain: Verify Ο against stored commitment
Chain->>Chain: Execute transaction if valid
flowchart LR
subgraph Recipient["Bob (Recipient)"]
SK["Spending Key<br/>sk_spend"]
VK["Viewing Key<br/>sk_view"]
MA["Meta-Address<br/>Published publicly"]
end
subgraph Sender["Alice (Sender)"]
R["Random r"]
Derive["Derive stealth address<br/>S = H(r * PK_view) * G + PK_spend"]
EP["Ephemeral pubkey<br/>R = r * G"]
end
subgraph Blockchain["On-Chain"]
Registry["Ephemeral Key Registry"]
Transfer["Transfer to S"]
end
subgraph Recovery["Bob Scans"]
Scan["For each R:<br/>S' = H(sk_view * R) * G + PK_spend<br/>If match, derive sk"]
end
SK --> MA
VK --> MA
MA --> Sender
R --> Derive
R --> EP
Derive --> Transfer
EP --> Registry
Registry --> Scan
sequenceDiagram
participant User as π€ User
participant Phantom as π¦ Phantom
participant App as π± Privacy-Proxy dApp
participant Relayer as π Relayer
participant Proxy as π¦ Proxy PDA
participant Stealth as π΅οΈ Stealth Address
Note over User,Stealth: Phase 1: Session Setup
User->>Phantom: Connect wallet
Phantom->>App: Return public key
App->>App: Generate ephemeral session keypair
App->>Phantom: Request signature for session creation
Phantom->>User: "Approve session for 1 hour, max 10 SOL?"
User->>Phantom: Approve
Phantom->>App: Signed session token
App->>Proxy: Create SessionToken on-chain
Note over User,Stealth: Phase 2: Transaction Initiation
User->>App: Request transfer: 5 SOL to Bob
App->>App: Generate stealth address for Bob
App->>User: "Enter your ZK password"
User->>App: Enter password
App->>App: Generate ZK proof locally
App->>App: Build transaction with:<br/>- ZK proof<br/>- Stealth address<br/>- Encrypted amount
Note over User,Stealth: Phase 3: Submission via Relayer
App->>Relayer: Submit encrypted transaction request
Relayer->>Relayer: Pay gas fees
Relayer->>Proxy: Submit to Solana (origin hidden)
Proxy->>Proxy: Verify ZK proof
Proxy->>Proxy: Check session validity
Proxy->>Proxy: Check spending limits
Proxy->>Proxy: Create PendingTransaction<br/>with 30-min timelock
Note over User,Stealth: Phase 4: Time-Lock & Execution
Proxy-->>App: Event: Transaction pending
App-->>User: "Transaction pending. Cancel within 30 min?"
alt User cancels
User->>App: Cancel transaction
App->>Proxy: cancel_withdrawal(tx_id)
Proxy->>Proxy: Refund to proxy wallet
else Time expires
Proxy->>Proxy: Auto-execute after 30 min
Proxy->>Stealth: Transfer encrypted amount
Stealth-->>User: Bob receives funds
end
| Component | Technology |
|---|---|
| Smart Contracts | Anchor Framework (Rust) |
| Token Standard | SPL Token + Token2022 Extensions |
| ZK Verification | Bonsol (RISC-0 verifier on Solana) |
| Program Libraries | solana-program, anchor-lang |
| Component | Technology |
|---|---|
| dApp Frontend | Next.js / React |
| Wallet Integration | Phantom SDK (@phantom/browser-sdk) |
| ZK Proof Generation | snarkjs / RISC-0 WASM |
| Encryption | NaCl / tweetnacl-js |
| Component | Technology |
|---|---|
| Relayer Service | Rust / Node.js |
| Stealth Address Registry | Solana on-chain or IPFS |
| Monitoring | Helius webhooks, Prometheus |
Privacy-Proxy represents a technically feasible approach to building a privacy-preserving wallet on Solana. By combining proven cryptographic primitives (ZK proofs, stealth addresses, confidential transfers) with a defense-in-depth security model, the system provides:
-
Strong Privacy: Full sender/receiver anonymity with amount confidentiality
-
Robust Security: Multi-layer protection even against compromised wallets
-
Excellent UX: Seamless Phantom integration, familiar workflow
-
Solana Performance: Sub-second finality, minimal fees
The primary challengesβZK proof performance, anonymity set bootstrap, and relayer decentralizationβall have viable solutions that can be implemented incrementally as the protocol matures.