ZK-Sentinel App — Privacy Protocol

Shadow Passphrase & Anti-Coercion

Anti-Coercion Defense. The Shadow Passphrase protects you during the $5 Wrench Attack. Peace of mind is a cryptographic parameter.

🟢 Real Passphrase

Your actual funds. Only accessible with the REAL passphrase.

Pool 1 ETH: 2 notes (2 ETH)

Pool 0.1 ETH: 3 notes (0.3 ETH)

USDC Pool: 2 notes (500 USDC)

Total: 2.3 ETH + 500 USDC

🟡 Decoy Passphrase

Fake balance shown under duress. Attacker sees only this.

Pool 0.01 ETH: 1 note (0.01 ETH)

Total: 0.01 ETH ($25)

🔬 Mathematical Indistinguishability

Real and decoy commitments are cryptographically indistinguishable. No observer — not even with infinite compute — can determine which commitment maps to the real passphrase.

C_real = Poseidon(secret_real, nullifier_real)

C_decoy = Poseidon(secret_decoy, nullifier_decoy)

Both produce valid Groth16 proofs. Both pass on-chain verification. Both are indistinguishable in the Merkle tree. The Poseidon hash function guarantees outputs reveal no information about inputs — making it information-theoretically impossible to distinguish real from decoy.

Dual Nullifier System

// Each deposit generates TWO nullifiers
struct DualNullifier {
nullifier_real: Poseidon(secret, path, 0),
nullifier_decoy: Poseidon(secret, path, 1),
}
// Both consumed independently
// Observer cannot link them to same deposit

Two Passphrases, Two Nullifiers

Each passphrase derives independent cryptographic keys → independent nullifiers → independent withdrawal paths.

Indistinguishable On-Chain

Both produce valid ZK proofs verified by the same Groth16 verifier. No metadata leakage.

Plausible Deniability

Under coercion, reveal decoy passphrase. Attacker cannot prove more funds exist. Information-theoretic security.

ZKML Coercion Detection (Halo2)

On-chain ML model verified via Halo2 proofs detects anomalous withdrawal patterns indicating coercion.

// Halo2-verified ML inference
struct CoercionCheck {
withdrawal_time: unusual_hour,
amount_pattern: full_drain,
frequency: anomalous,
ml_score: 0.89 // > 0.7 = alert
}
→ Automatic time-lock: 24h cooldown
→ Decoy pool activated

⏱ Decoy Pool — Timing Obfuscation

Random delays added to deposits/withdrawals to prevent timing correlation attacks.

Min delay: 30s

Max delay: 300s

Distribution: Poisson

Peace of mind = cryptographic parameter. Even under physical duress, the protocol protects you with ZKML time-locks, decoy pool obfuscation, and dual nullifier deniability.

9 Layers of Protection

🔐

1. ZK Proofs

Groth16

click to expand

🧠

2. ZKML

Halo2

click to expand

👥

3. Dual Nullifier

Anti-coercion

click to expand

🎭

4. Shadow Pass

Decoy wallet

click to expand

⏱

5. Decoy Pool

Timing obfuscation

click to expand

👻

6. Stealth Addr

One-time keys

click to expand

✓

7. PoI

Privacy Pools

click to expand

🔗

8. Nonce Binding

Anti-replay

click to expand

📊

9. Range Proofs

Configurable

click to expand