Chewy

Quick progress update from the workshop. Our in-house security review of Paraloom is ongoing - every finding is fixed on devnet and written up in a public security log and the bigger pieces become tracked work out in the open. Right now that means hardening the privacy circuits ahead of mainnet: moving the shielded stack to a spend-authorization-key design (the well-established Tornado-Nova construction), reimplemented from scratch in our own arkworks stack on BN254. The new withdraw, transfer and deposit circuits are landing now, each with its own test suite. Follow along - security log: https://t.co/WNvb6pLOLU · circuit work: https://t.co/QpSpBC5SjZ Still pre-mainnet on devnet. An independent external audit and the MPC ceremony remain the hard gates before mainnet - we're building toward both.

update on the private swap: the full flow runs end to end now. you deposit into the shielded pool. a fresh address withdraws, trades sol to usdc on jupiter through orca, redeposits the usdc. on-chain, you and the trading address share no signer. ran the real jupiter router against real pools on a mainnet fork. code's open, link below.

How Paraloom's privacy layer works: 1. Deposit SOL into the shielded pool 2. A commitment is added to a Merkle tree 3. Transfer privately - no one sees amount or recipient 4. Withdraw with a zkSNARK proof The nullifier system prevents double-spending. Same security model as Zcash, built for Solana.

a few days ago we showed the idea: same jupiter trade, your wallet never on it. planning an X Space this week to go deeper - how the shielded pool works on devnet today, how a fresh address acts for you, where we are with the swap flow, and the future of paraloom. time + link when it's locked. bring questions.

We started building Paraloom in March 2025. Privacy Cash didn't exist yet - it launched in August 2025, five months later. So this was never a copy of anything. The goal from day one was a fully distributed, fully decentralized privacy system with a low hardware barrier: run a validator on a Raspberry Pi or an old laptop. Many validators, spread across the world, no single machine to seize. Tornado-style protocols and Privacy Cash all share one weak spot - a single operator behind the system. That's the door governments knock on. Tornado's dev got arrested. Privacy Cash advertises "OFAC compliance" because they can be pressured. Paraloom is built to have no such door - same reason no government can shut down Zcash or Bitcoin: nobody sits at the head of it. And here's the kicker. Privacy Cash works and the volume is real - it just crossed $300M in cumulative private transfers, and it's accelerating ($100M→$200M took 69 days, $200M→$300M only 52). The fees run on a 0.35% withdrawal cut. Now look at where all of that goes: Holders Revenue $0, validators' share $0. The entire fee stream flows to one operator, behind one contract and one relayer - not to the network. The bigger it gets, the bigger the single target. That's the world we're trying to fix. Privacy isn't broken; privacy works. What's broken is that one person writes a contract, runs a server, collects every cent of the fees, and is a single point a government can shut down. Paraloom routes that exact same fee stream to a permissionless validator set instead. Same privacy, lower fee (0.25% vs 0.35%), but no one at the head of it - and the rewards go to whoever runs a node.