Internal Documentation
Not for Public Release
This section contains internal technical documentation that is not intended for the public website. These pages document design decisions, architecture rationale, and implementation details for the development team.
Roadmap
- Roadmap - Evolution to general-purpose privacy pool with EBEMT L3 integration
Quick Reference
| Category | Decision | Rationale |
|---|---|---|
| Curve | Grumpkin | Native to Barretenberg, single-curve design |
| Signatures | Schnorr | 20% fewer constraints than EdDSA |
| Hash | Poseidon2 | SNARK-optimized, Huff = 85% gas savings |
| Tree | 3-ary, depth 16 | Same hash cost as binary, 43M capacity |
| Proving | UltraHonk | No trusted setup, browser WASM, native recursion |
| Circuit | 2-in-2-out | Uniform fingerprint, supports all operations |
| Token ID | uint160(address) | Simple, no registry needed |
| Key hierarchy | SPK->NPK, VK separate | Viewing key never in circuit |
| Compliance | UKRC k-of-n | No single point of failure |
| Fee model | Relayer-paid (EMT), user-paid (external) | Dogfooding, sustainable |
| Multi-chain | Hub & Spoke (Base + ETH/Polygon) | Unified anonymity set |
| Cross-chain msg | Chainlink CCIP | Security-first, regulatory credibility |
| EMT Emitter | 2-of-3 MPC (Fireblocks) | Fast automated signing, no SPOF |
Contents
Cryptographic Choices
- Cryptography - Why Grumpkin, Schnorr, Poseidon2, ternary trees
- Performance - Why proofs are fast, gas optimization, sync speed
Architecture Decisions
- Circuit Design - Why 2-in-2-out, public inputs, swap circuit
- Note Locking - Preventing double-spend during proof generation
- Relayer Architecture - Gasless transactions, trust model
- QuickSync Design - Fast sync, health monitoring
- Tree Rotation - How/when trees rotate, old notes validity
- Multi-Chain Architecture - Hub & Spoke design, CCIP, MPC Emitter
Key & Identity
- Key Derivation - Full key hierarchy explained
- Linked Mode - EIP-712 signature to spending key
- Stealth Addresses - Per-swap unlinkability
- Nullifier Design - Why H(NK, leafIndex)
Token Support
- Token ID Design - Why address cast to uint256
- EMT vs External Tokens - Different paths, different trust
- External Token Support - Full ERC-20 support design
Compliance
- UKRC Overview - Guardian system overview
- Compliance Key Derivation - Per-note keys from commitment
- Sender Commitment - Counterparty tracing
Additional Design Specs
See /docs/internal/ in the repository for detailed design documents:
| Document | Description |
|---|---|
| MULTI_CHAIN_DESIGN.md | Multi-chain Hub & Spoke architecture |
| SWAP_DESIGN.md | Private swap architecture |
| EXTERNAL_TOKENS_DESIGN.md | ERC-20 token support (full spec) |
| MICA_EMT_DESIGN.md | MiCA compliance design |
| COMPLIANCE_SPEC.md | UKRC guardian system |
| MERCHANT_AGGREGATION.md | Batch withdrawal design |
| OPTIMISTIC_TX_DESIGN.md | Optimistic UX improvements |