Stealth Pay

first private transaction with Stealth Pay: install SDK configure pool address and spending key call shield() estimated time to first real ZK transaction: under 30 minutes

you cannot generate a valid proof for a note you don't own not because the contract prevents it because the circuit prevents it the math won't produce a valid witness without the spending key that matches the commitment

how the tree sync works: SDK reads PrivacyPool events from last synced block each Shield event: one leaf inserted each Spend event: nullifier marked used local root matches on-chain root no API. no server. just events.

client-side proving means your user's browser is the proving server no cloud infra needed no cost per proof on our side no single point of failure for proof generation you own the entire execution stack

proof size for a spend: ~2KB that's the entire cryptographic argument that you own two notes, they're in the tree, the math balances, and the nullifiers are valid 2KB proves everything the chain needs to know

Poseidon2 was designed specifically for ZK circuits SHA256 is expensive to prove inside a circuit Poseidon2 is not this is why the Merkle tree uses Poseidon2 and not the hash everyone knows

a ZK proof has two input categories: public inputs : the chain sees these private inputs : the chain never touches these your spending key, your amount, your salt: all private inputs the proof says: these private inputs satisfy the circuit. nothing else.

banks compete on privacy they don't share your balance with your competitors crypto is the first financial system where your competitor can check your position in real time, for free

inheritance is a private matter estate planning is a private matter on-chain, both are reconstructable from the moment of the first transaction permanent public records have permanent personal consequences

MEV is a privacy problem before it's an economics problem front-running exists because pending transactions are visible before they land private transactions remove the surface before any MEV solution is needed

protocol treasury management, publicly visible: your runway is estimatable your vendor relationships are mapped your market moves are front-runnable none of that needed to be public

the gap between crypto people and everyone else on privacy: crypto people: "public wallets are fine, I have nothing to hide" everyone else: "I will not put my real finances somewhere that makes them public" one of these is wrong about adoption