Be ready for the next release of an open source Kaspa community project based on the Bitcoin wise seedsigner idea but for Kaspa, 100% Rust and built for the people. It's called KasSigner and will be up on GitHub for a public release in the next coming days...π€
π₯· Stealth Addresses (DKSAP): publish one meta-address, receive at unlinkable one-time addresses. Dual-key ECDH means your watch-only wallet scans while spend keys never leave the air-gapped device. Live scanning catches payments in real time.
KasSigner v1.0.4 "Toccata" is live. π€πΌ
An air-gapped hardware signer you build yourself on a $15 ESP32-S3, talking to a browser watch-only wallet through QR codes only. No USB, no Bluetooth, no radio. Ever.
And now: covenants on Kaspa mainnet. π§΅
Let this be known that I no longer am working for @Igra_Labs. Effective July 1 st.
My notice of termination was given to me through a Telegram message June 30th afternoon.
No prior notice was given. No compensation offered. Weird.
As such, I no longer am able to vouch for the quality nor security of their solution.
NEway, those were stressful two years, and Iβm glad it is over.
I am going back to writing music. I think of starting my Masterβs Degree next year!
@Wevn_Space All this tangem excuses about how hard is to build dynamic addresses is BS to meβ¦ iβm not a professional and built a whole device with themβ¦ all is in the code for anyone to implementβ¦ address derivation is called π€πΌ @InKasWeRust ππ€πΌ
Trustless atomic swaps on Kaspa. No middleman, no server.
Alice and Bob swap KAS using HTLCs on TN12. Preimage extracted in real time from the DAG block stream. Fully decentralized, fully on-chain.
Air-gapped signing with KasSigner. Watch-only companion KasSee. Private keys never leave the device.
Open source. GPLv3. ππ€πΌ
https://t.co/VrbbWrGWAS
https://t.co/r4UWIGNbFh
#Kaspa #KasSigner #AtomicSwap #HTLC #OpenSource #Toccata
What if Kaspa becomes the settlement layer for other chains?
We just proved on TN12 that a persistent covenant can verify ZK proofs on-chain via OP_ZK_PRECOMPILE. 128-byte Groth16 proof. Self-looping state machine. Deposit, prove, withdraw.
The covenant does not care where the proof comes from. It verifies math.
An Ethereum L2 could settle on Kaspa. A Solana rollup could settle on Kaspa. A Bitcoin sidechain could settle on Kaspa. Any chain that can generate a Groth16 proof can bridge to it.
The only requirement: a valid proof for the committed circuit. The rest is 10 BPS finality and trustless verification.
Kaspa as the universal ZK settlement layer. Not theory. Working on TN12 today. Toccatta could be HUGE π€πΌ
#Kaspa #ZKProof #KasSigner #Toccata
Here it is...ZK Rollup on Kaspa. Confirmed on TN12.
Persistent covenant holds state root on L1. Advances only with a valid Groth16 proof of state transition. Self-looping. Funds stay locked or withdraw with proof.
4-account MiMC merkle tree. Transfer validity proved in 128 bytes. Old root to new root, verified on-chain via OP_ZK_PRECOMPILE.
Two consecutive state advances confirmed:
TX1: 378ec66ffe9f60dc18614ed1ba7016d7ce484689211d5d68dedda980e6f432d0
TX2: 5873978e930e4cd7403d7b6b720c5072b5513cf9dceba9f838509e16ee593c48
Deposit on L1. Prove state transitions off-chain. Withdraw on L1 with proof. Covenant persists. The circle is closed...
Browser WASM prover. Air-gapped signer. All open source.
#Kaspa #ZKRollup #KasSigner
ππ―ππ’π΄ππ¦ππΆπ΄π΅ππ€πΌ
Milestone...KIP-21 ZK Bridge PoC confirmed on TN12.
First ZK-gated deposit/withdrawal on Kaspa.
Groth16 proof verified on-chain via OP_ZK_PRECOMPILE. Seq-commit preimages as private witness. 128-byte proof unlocks funds from a P2SH covenant.
Deposit TX: lock KAS behind a ZK proof gate
Withdrawal TX: prove knowledge of (lane_tip, activity_digest, context), funds release
TX: 77ef53ab0066eb3fb09365df69353027b476bfa20247e5da344b642e1599778a
All browser-side. WASM prover in KasSee, air-gapped signer on KasSigner.
13 covenant types. 30+ opcodes exercised, and more to come...
State transition circuit next.
#Kaspa #ZKProof #KasSigner
ππ―ππ’π΄ππ¦ππΆπ΄π΅ππ€πΌ
Merkle Whitelist Vault confirmed on Kaspa TN12.
Funds locked in a covenant can ONLY go to approved addresses. The script stores a single 32-byte merkle root. At spend time, an on-chain merkle proof verifies the destination is in the whitelist.
This is on-chain. The merkle root is in the script. The proof is verified by every node. No app can bypass it. No firmware update can override it. Consensus is the enforcer.
3 addresses whitelisted. 3 spends confirmed. 1 non-whitelisted address rejected.
OP_CAT + OP_BLAKE2B doing merkle proof verification directly in Kaspa script. No app logic. No server. Consensus enforced.
Scales to thousands of addresses with the same 32-byte root. Corporate treasuries, whitelisted vendor payments, airdrop claims, token registries, all verifiable on L1.
TX 1: c10fbda2...d06f53 TX 2: 70728a70...749167 TX 3: 732d1fe5...01223e
#Kaspa #TN12 #Toccata #KasSigner #Opensource
ππ―ππ’π΄ππ¦ππΆπ΄π΅ππ€πΌ
Commit-reveal covenant confirmed on Kaspa TN12.
Two-phase protocol.
Phase 1: lock BLAKE2B(secret) on-chain. Nobody sees your data.
Phase 2: reveal the preimage, script verifies the hash, owner signs, funds move.
Between commit and reveal, the content is hidden. A miner sees the TX in the mempool but learns nothing. The hash is meaningless without the preimage.
Use cases: sealed-bid auctions, fair randomness, front-running resistant KRC20 mints, any protocol where you need to commit before you reveal.
TX: a101d411...d768c8f
#Kaspa #TN12 #Toccata #KasSigner #Opensource
ππ€πΌ
ππ―ππ’π΄ππ¦ππΆπ΄π΅
First consensus-enforced state machine on Kaspa L1. TN12. Three air-gapped devices. Three roles. Three state transitions. One covenant.
A supply chain traced on-chain: Manufactured β Shipped β Delivered. Each step signed by a different participant on a $15 chip that never touches the internet. The script enforces who can sign at each stage, verifies the covenant recreates itself with the correct next-state amount, and checks SPK continuity, all at consensus level.
No indexer. No middleware. No oracle. No smart contract VM. The state machine IS the script. Amount encodes state. Introspection enforces transitions. Consensus validates everything.
State 0β1 (manufacturer): 71810c1e...f0977176 State 1β2 (shipper): e7ca1975...fe74fe47 State 2βdone (receiver): 785777a6...9869efc8
#KaspaTN12 Β· #Toccata Β· #KasSigner #OpenSource
ππ―ππ’π΄ππ¦ππΆπ΄π΅ππ€πΌ
Second ZK precompile live on Kaspa L1. RISC0 Succinct. TN12 222,668 bytes of STARK proof. One air-gapped signature. On-chain verification.
RISC0 proves execution of arbitrary RISC-V programs, not circuits, not constraints, full programs. The node verifies a succinct receipt over BabyBear. The signer sees none of it. QR relay carries 538 bytes to the device. The other 222KB stays in the browser and gets assembled into the sig_script at finalization.
Two ZK verifiers. Two confirmed TXs. Same covenant framework. Same $15 @KasSigner esp32-s3 chip
Groth16 (BN254): 128 bytes. 14M script units. TX d7e203a1...2380c463 RISC0 Succinct (BabyBear): 222,668 bytes. 25M script units. TX ceac9f02...5b8f3476
#Kaspa #Toccata #KasSigner #Opensource
ππ―ππ’π΄ππ¦ππΆπ΄π΅ππ€πΌ
Masive...First zero-knowledge proof transaction ever executed on the Kaspa network. TN12 Not from an L2. Not from a funded team. From an air-gapped hardware signer on a $15 chip.
@KasSigner
π€πΌ Zero-knowledge proof verified on Kaspa L1. Air-gapped. Funds locked behind a ZK gate. To spend, you prove you know β without revealing what you know. The chain verifies the math. Funds move or they don't. Under the hood: β Groth16 prover (arkworks BN254) compiled to browser WASM β 128-byte proof generated client-side β VK hash-committed in P2SH covenant via BLAKE2B β OP_ZK_PRECOMPILE (0xa6) verifies the pairing on-chain β Air-gapped Schnorr signing via QR relay β signer never sees the proof Three boundaries between the secret and the world. Browser. Device. Chain. Nothing leaks. TX:d7e203a1bec5a8cdede7be0f8ea391ebdf44a946667484f9d515c24a2380c463 No trusted third party. No server. No reveal. Just math. Built on rusty-kaspa Toccata opcodes. 100% open source. https://t.co/r4UWIGNbFh #Kaspa #KasSigner #ZeroKnowledge #Groth16 #Toccata #ZKP
Persistent Vault is live on KasSigner Γ TN12
Single-owner covenant that recreates itself on every withdrawal. Your KAS stays locked in a self-enforcing P2SH vault. Partial withdrawals reduce the balance but the covenant persists forever.
Under the hood: β TX version 1 + KIP-20 covenant identity opcodes β Genesis/continuation dual-path script β Air-gapped Schnorr signing via QR relay β Blake2b covenant_id binding validated by consensus
First spend establishes the covenant: b4bdf8b6b364a18c536104c408ba506ee58e57c2befcd0668b1393d78a52050c
Second spend, node enforces SPK continuity:945278e5e58be4544df56ef31baa09259c67b4bcfc41b7d46895cd6d7314e372
No multisig. No escrow. No trust. Just math.
Built on rusty-kaspa Toccata opcodes. 100% open source.ππ€πΌ
https://t.co/r4UWIGNbFh
#Kaspa #KasSigner #Covenants #KIP20 #Toccata
Two privacy primitives cooked on @KasSigner today. Will be delivered in the next update
1/ Stealth Addresses
Anyone can pay you without linking the payment to your public address. Receiver publishes a stealth meta-address once. Sender derives a one-time address β unlinkable on chain. Detection happens air-gapped on the hardware signer via ECDH.
Works on mainnet right now β no new opcodes needed.
2/ PayJoin Covenant
A covenant that enforces input mixing on-chain. The script uses OpTxInputCount + OpTxInputSpk to guarantee the spending TX includes inputs from multiple addresses. Chain analysis can't tell which inputs belong to which outputs. Forced mixing β not optional, not cooperative, enforced by script.
TX: 3e65ae53feeac252ecd2f3b2bdb479257c6f11f514485d186cdd001e368f4476
All open source. All air-gapped. Individual sovereignty. ππ€πΌ
#Kaspa #KasSigner #Privacy #StealthAddresses #PayJoin #Toccata
First OP_CHECKSIGFROMSTACK oracle covenant executed on Kaspa TN12 with @KasSigner
Three air-gapped hardware signers. Three roles:
β Alice (owner) funds the covenant
β Carol (oracle) signs an off-chain attestation
β Bob (beneficiary) claims β only when Carol's attestation verifies on-chain
BIP340 Schnorr signature on an arbitrary message hash, verified by the Kaspa script engine. No TX sighash β pure oracle attestation.
Use cases: insurance payouts, escrow arbitration, sports bets, price triggers, conditional vesting β anything gated on real-world events.
All open source. All air-gapped. No trust required.ππ€πΌ
TX: 6a0cd4035c0d94a3646f8a096ece6ad770c8539f949fa298f78aa879353800005d
#Kaspa #KasSigner #Toccata #Covenants #OpCheckSigFromStack
Cross-chain atomic swaps on Kaspa too. Confirmed on TN12.
KasSigner now supports SHA-256 hash locks β the same standard used by Bitcoin, Ethereum, Litecoin, and many other chains.
Same preimage will work on both chains.
All air-gapped. All on hardware. All open source. InKasWeRust. ππ€πΌ
#Kaspa #AtomicSwap #CrossChain #Toccata
Air-gapped atomic swaps on Kaspa. Not a simulation. On-chain.
Today we confirmed 6 covenant types on TN12 β all signed on ESP32-S3 hardware with zero network exposure:
Spending limits. Allowances with cooldowns. Treasury with whitelisted destinations. Vesting schedules. And atomic swaps β both the refund path (CLTV timeout) and the claim path (Blake2b preimage reveal).
Every signature computed air-gapped. Every TX relayed via QR codes. Every opcode verified against rusty-kaspa source.
Toccata is coming. KasSigner is ready. ππ€πΌ
https://t.co/r4UWIGNbFh
#Kaspa #Toccata #Covenants #KasSigner
Time-locked vaults on Kaspa.
KasSigner just spent the first OP_CHECKLOCKTIMEVERIFY covenant via air-gapped hardware signer on TN12.
Owner spends anytime. Beneficiary unlocks after a DAA score threshold. Enforced by consensus β not by trust.
Signed on an ESP32. Transported by QR code. No USB. No Bluetooth. No network. No middleman
This is what self-custody looks like.
Kaspa tech is ready to change the world as we know it... Anyone around the world could use it... Really "SMART MONEY", but more than only that....InKasWeRust. ππ€πΌ
https://t.co/r4UWIGNbFh