π Protocol Overview
Architecture, threat model, and comparison with existing privacy protocols
ZK-Sentinel is a privacy-preserving financial protocol built on Ethereum that provides coercion resistance β a property no other mixer or privacy pool implements. Users can protect their funds even under physical threat through a dual-nullifier architecture where real and decoy withdrawals are computationally indistinguishable.
| # | Layer | Protection | Implementation |
|---|---|---|---|
| 1 | Commitment Hiding | Deposit amounts hidden | Poseidonβ hash |
| 2 | Nullifier Privacy | Withdrawal unlinkable to deposit | Dual nullifier (real + decoy) |
| 3 | Merkle Anonymity Set | Depositor hidden in crowd | Incremental Merkle tree (depth 20) |
| 4 | Relayer Binding | IP address protection | Anti-frontrunning hash binding |
| 5 | ZKML Coercion Detection | Biometric stress analysis | Halo2 on-chain ML verification |
| 6 | Shadow Passphrase | Decoy wallet under duress | Canary phrase β decoy nullifier |
| 7 | Privacy Pools (PoI) | Regulatory compliance | Association Set Provider |
| 8 | Selective Disclosure | Prove properties without revealing | Range proofs on amounts |
| 9 | Multi-denomination | Amount fingerprinting prevention | 92 pools across 12 tokens with 4 denominations each |
| Feature | Tornado Cash | Railgun | 0xbow | ZK-Sentinel |
|---|---|---|---|---|
| Coercion Resistance | β | β | β | β Dual nullifier |
| ZKML Biometrics | β | β | β | β Halo2 on-chain |
| Privacy Pools / PoI | β | Partial | β | β ASP Registry |
| Selective Disclosure | β | β | β | β Range proofs |
| Partial Withdrawals | β | β | β | β Change commitment |
| ERC-20 Support | DAI only | β Full | β | β Multi-token |
| Shadow Passphrase | β | β | β | β Canary defense |
| Multi-chain | ETH only | ETH+Polygon | ETH | ETH+Arbitrum+Base |
Attacker forces withdrawal at gunpoint. Defense: Shadow Passphrase triggers decoy nullifier, real funds remain.
Chainalysis/Elliptic trace deposits to withdrawals. Defense: Merkle anonymity set + relayer binding + multi-denomination.
Government requests proof of legitimate funds. Defense: Selective Disclosure + Proof of Innocence without revealing amounts.
Miner extracts value from pending withdrawal TX. Defense: Relayer binding hash prevents TX modification.