π₯οΈ
Best Viewed on Desktop
The technical documentation and app previews are optimized for desktop viewing.
β Back to HomeποΈ
Architecture
ZK-Sentinel V11 implements defense-in-depth through ten independent layers, from local encryption to ZKML-based coercion detection.
L10
ZKML Privacy Monitor
LSTM model para detecciΓ³n de anomalΓas on-chain
L9
Selective Disclosure
RevelaciΓ³n granular: rango de monto, timestamp, ASP membership
L8
Shadow Passphrase (Anti-Coercion)
Dual nullifier β frase real vs seΓ±uelo con wallets separadas
L7
Proof of Innocence (Privacy Pools)
Membership proof en Association Set sin revelar identidad
L6
Shielded Transfers + Time Delay
Movimientos internos ocultos + retardo configurable anti-timing
L5
Stealth Addresses
Direcciones efΓmeras EIP-5564 para depΓ³sitos no vinculables
L4
Batch Operations + Amount Splitting
DepΓ³sitos/retiros agrupados β oculta montos originales
L3
Partial Withdrawals (V11)
Retiro parcial con change commitment β Poseidonβ(C, amount) liga monto
L2
Relayer Network
Transacciones gasless via relayers β rompe link de gas + fee binding
L1
Core Pool (Poseidonβ + Groth16 + Halo2)
Commitment scheme, Merkle tree 20 levels, dual nullifier, ZKML verification
Performance Metrics (Paper Table 10)
Proof Generation Time
Withdraw (base): ~1.5s
Withdraw + MLP: ~2.1s
Withdraw + LSTM: ~4.5s
PoI proof: ~650 ms
Partial withdrawal: ~490 ms
Selective disclosure: ~700 ms
On-Chain Gas Costs
Deposit (V11 amount-binding): ~95,000 gas
Full withdrawal + PoI: ~280,000 gas
Partial withdrawal + PoI: ~1,430,000 gas
Selective disclosure: ~270,000 gas
Proof size (Groth16): 128 bytes (3 BN254 group elements)
System Flow
deposit β withdraw flowprotocol
User Relayer Contract (Sepolia) β β β ββββ deposit(C, pool) ββββββββββββββββββββββββββββΊ β C = Poseidonβ(s, Ξ·_r, Ξ·_d, H_f) β β ββββ insertLeaf(C) β Merkle root update β β β β [time passes β anonymity set grows] β β β β ββββ generateProof() ββΊ β β snarkjs.groth16.fullProve() β (browser/CLI) β β β β β ββββ withdraw(proof) βββΊ β β β βββ relay(proof,addr) βββΊ β verifyProof(Ο, public_signals) β β ββββ checkNullifier(Ξ·) β no double spend β β ββββ transfer(recipient, amount - fee) β β ββββ transfer(relayer, fee) β β β ββββ funds received ββββ β ββββββββββββββββββββββ β
Cryptographic Primitives
Poseidon HashHash
ZK-friendly hash optimized for BN254 (Grassi et al. 2021). ~8x cheaper in R1CS constraints vs SHA-256. Used for commitments, nullifiers, and Merkle tree nodes.
Groth16Proof System
Non-interactive zk-SNARK (Groth 2016). Proof = 3 group elements (A β Gβ, B β Gβ, C β Gβ) = 128 bytes on BN254. Verification: constant time via pairing check.
Halo2Proof System
Polynomial commitment scheme for ZKML. EZKL compiles PyTorchβONNXβHalo2 circuits. On-chain KZG pairing verification. Used for coercion detection model.
Merkle TreeAccumulator
Binary tree of depth 20 (2Β²β° = 1,048,576 leaves). Poseidon nodes. ROOT_HISTORY_SIZE=100. Zero values precomputed for efficient insertion.
BN254 CurveElliptic Curve
Barreto-Naehrig curve at 128-bit security. Native EVM precompile support: ecAdd (0x06), ecMul (0x07), ecPairing (0x08). Field size p β 2Β²β΅β΄.
Dual NullifierNovel
N_real = H(s, 0), N_decoy = H(s, 1). Cryptographically independent (Lemma 1). Arithmetic selector: a = ia Γ frase. Output = aΒ·H(N_real) + (1βa)Β·H(N_decoy).
Poseidonβ CommitmentNovel
C = Poseidonβ(secret, N_real, N_decoy, H_phrase). 4-input scheme binds both nullifiers + passphrase to single Merkle leaf. V11: leaf = Poseidonβ(C, amount).
Shadow PassphraseNovel
Canary phrase β a deliberate decoy trigger. frase_correcta = frase_real Γ (1 β frase_shadow). Produces successful TX indistinguishable from real withdrawal.