Axiomatic
Privacy & Confidential Transfers

Shielded Transfers

End-to-end guide to shielding, transferring, and unshielding ETH and ERC-20 tokens using the ConfidentialLedger.

Overview

Shielded transfers let entities move ETH and ERC-20 tokens privately on-chain. The system uses a UTXO-based note model with Poseidon commitments and Halo2-KZG zero-knowledge proofs on BN254.

Three operations are supported:

OperationDescription
ShieldDeposit public tokens into the private ledger, creating a shielded note
TransferSend shielded tokens to another entity without revealing amounts or identities on-chain
UnshieldWithdraw shielded tokens back to a public address

How It Works

Shield (Deposit)

  1. Entity calls POST /api/privacy/shield with token, amount, and chain
  2. The API derives the entity's key set, computes a Poseidon commitment, and encrypts the note data
  3. A UserOp is submitted through the entity's smart wallet to ShieldedTransferFacet
  4. The facet calls ConfidentialLedger.shield(), which inserts the commitment into the Merkle tree
  5. The scanner detects the NoteCreated event, trial-decrypts it, and records the note in the database

Private Transfer

  1. Entity calls POST /api/privacy/prove-transfer with recipient, token, and amount
  2. The API selects input notes (coin selection), fetches Merkle paths from on-chain
  3. A JoinSplit proof is generated via the native Halo2-KZG prover (2 inputs, 2 outputs)
  4. The proof bundle is returned to the client, which submits it to POST /api/relay/transfer
  5. The relay submits the transfer anonymously — the sender's wallet never appears on-chain
  6. The ConfidentialLedger verifies the proof, records nullifiers, and inserts new commitments

Unshield (Withdrawal)

  1. Entity calls POST /api/privacy/unshield with token, amount, and optional recipient
  2. The API selects input notes, generates a proof with value_delta equal to the withdrawal amount
  3. A UserOp is submitted to ShieldedTransferFacet.unshieldTokens()
  4. The facet calls ConfidentialLedger.unshield(), which verifies the proof and sends tokens to the recipient

Token Support

ChainTokenAddressStatus
Base SepoliaETHaddress(0)Supported
Base SepoliaUSDC0x036CbD53842c5426634e7929541eC2318f3dCF7eSupported
BaseETHaddress(0)Supported
BaseUSDC0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913Supported
BaseDAI0x50c5725949A6F0c72E6C4a641F24049A917DB0CbSupported

Native ETH uses the address(0) sentinel in the ConfidentialLedger. The contract wraps/unwraps ETH automatically.

Gas Estimates

OperationGasApprox. Cost (Base)
Shield (ETH)~80,000~$0.01
Shield (ERC-20)~120,000~$0.01
Private Transfer~350,000~$0.03
Unshield~350,000~$0.03

All operations are sponsored by the platform paymaster — entities do not need to hold ETH for gas.

Accounting Integration

Shielded transfers are automatically classified and posted through the posting engine:

Event TypeDebitCredit
shielded_depositassets.crypto.shieldedcash.usdc
shielded_withdrawalcash.usdcassets.crypto.shielded
shielded_transfer_inassets.crypto.shieldedassets.crypto.shielded
shielded_transfer_outassets.crypto.shieldedassets.crypto.shielded

Encryption

Field-level encryption protects all sensitive financial data, PII, and transaction payloads at rest.

Architecture

Contract relationships, data flow diagrams, and deployment order for the privacy system.

On this page

OverviewHow It WorksShield (Deposit)Private TransferUnshield (Withdrawal)Token SupportGas EstimatesAccounting Integration