Skip to main content

Introduction

The Privacy Cash SDK provides a TypeScript/JavaScript interface to integrate private transactions into your Solana applications. Built on zero-knowledge proofs, the SDK enables users to shield and withdraw SOL and SPL tokens privately, breaking on-chain transaction links.

Key Features

Private Transfers

Shield SOL and SPL tokens into privacy pools using zero-knowledge commitments

Zero-Knowledge Proofs

Generate Groth16 proofs for unlinkable withdrawals

UTXO Model

Manage private balances with a familiar UTXO-based approach

Merkle Trees

Track commitments using efficient sparse Merkle trees

Architecture Overview

The SDK implements a privacy protocol with the following components:

UTXO Management

The SDK uses a UTXO (Unspent Transaction Output) model inspired by Tornado Cash Nova. Each UTXO contains:
  • Amount: The value of the UTXO
  • Keypair: A Poseidon-based keypair (not standard Ed25519)
    • Private key: Random 31-byte value
    • Public key: PoseidonHash(privateKey)
  • Blinding Factor: Random value for commitment hiding
  • Mint Address: Token mint (SOL or SPL token)
  • Index: Position in the Merkle tree

Commitment Scheme

Commitments are calculated using Poseidon hash: 
commitment = PoseidonHash(amount, pubkey, blinding, mintAddress)
Commitments are inserted into a Merkle tree maintained by the on-chain program.

Nullifier Generation

Nullifiers prevent double-spending by marking UTXOs as spent: 
signature = PoseidonSign(privateKey, commitment, index)
nullifier = PoseidonHash(commitment, index, signature)

Zero-Knowledge Proofs

The SDK generates Groth16 proofs that verify:
  1. Merkle proof: UTXO exists in the commitment tree
  2. Nullifier validity: Prover knows the private key
  3. Balance conservation: Input amounts equal output amounts plus fees
  4. External data binding: Transaction metadata is correctly committed

Transaction Flow

1

Shield (Deposit)

Create UTXOs with encrypted outputs and insert commitments into the Merkle tree. Users send tokens to the program’s token account.
2

Transfer (Optional)

Generate proofs to spend input UTXOs and create new output UTXOs, all within the privacy pool.
3

Withdraw

Prove ownership of UTXOs and withdraw to any recipient address without revealing the deposit source.

Fee Structure

  • Deposit Fee: 0% (Free deposits)
  • Withdrawal Fee: 0.35% of withdrawal amount
  • Fee Recipient: AWexibGxNFKTa1b5R5MN4PJr9HWnWRwf8EW9g8cLx3dM

Security Considerations

The SDK uses cryptographic primitives that require careful handling:
  • Keep private keys secure: UTXO keypairs control access to funds
  • Store encrypted outputs: Needed to reconstruct UTXOs for spending
  • Verify Merkle roots: Ensure roots exist in the program’s history
  • Use sufficient anonymity sets: Wait for more deposits before withdrawing

Supported Networks

  • Mainnet: 9fhQBbumKEFuXtMBDw8AaQyAjCorLGJQiS3skWZdQyQD
  • Devnet: Available for testing
  • Localnet: Supported for development

Next Steps

Installation

Install and configure the Privacy Cash SDK

Basic Usage

Learn the core SDK operations

Examples

Explore complete integration examples

API Reference

Browse the full API documentation

Build docs developers (and LLMs) love

Get started for freeTalk to us