Releases: IsSlashy/Protocol-01-releases
Release list
v1.0.2 — Chrome extension parity + Privy removed + stabilized
Protocol 01 v1.0.2
What's new
- The Chrome extension now matches the mobile app, feature for feature: wallet, stealth addresses, shielded notes, and recurring subscriptions.
- Cross-device subscription sync. Subscribe on your phone, see it in the extension. Same wallet, same merchants, same prices, read on-chain by both.
- Connect your phone wallet to the extension over a one-time encrypted channel (no laptop camera needed).
- On-chain merchant registry in the extension, so prices match the mobile app exactly.
- Relayer health indicator in the app (Privacy page) and on the website.
Stabilization
- Shield, unshield, and sweep work end to end on devnet (V3 STARK pipeline).
- Private denominated transfers fixed (merkle frontier + new_subtrees length).
- subscribe_normal on-chain builder corrected (args + accounts).
- Relayers made self-healing.
Removed
- Privy is gone. Wallets are local seed phrases only, generated on your device and never sent anywhere.
Install
- Android: protocol-01-v1.0.2.apk below.
- Chrome extension (beta, devnet): https://protocol-01.dev/extension
v1.0.1 — X Quantum Dublin demo build
Hotfix rebuild — 2026-05-29. Same v1.0.1, fresh APK with the on-device fixes below. Install over the existing v1.0.1 (same signing key, data preserved).
Hotfix — 2026-05-29
- Privy embedded-wallet recovery & signing fixed —
PrivyElementsis now mounted so the embedded wallet's UI/unlock can render;signMessageno longer hangs onuser-signer:sign. The deterministic note-seed is persisted in SecureStore, so recovery runs offline on every boot instead of re-hitting the remote wallet WebView. - Transaction serialization fixed — the
@noble/curvesv2 migration had brokenTransaction.serialize()(every on-chain op threwundefined is not a function); the Hermes shims now point at the real v2 module paths. - C3 merkle_path STARK verifier fixed —
verify_constraints_merkle_pathtreated the 32 padding rows (480–511) as active Poseidon rounds, rejecting valid V3 unshield proofs withInvalidProof(deterministic per note). Verifier rebuilt and redeployed on devnet (DGY37k…, slot 465731409). - Resilience — transient RPC network retry + ephemeral crash-sweep with fresh balance.
- Build — pnpm 10 monorepo Android autolinking workaround.
Verified end-to-end on device (devnet): shield, emergency unshield + sweep, private merchant subscribe, and the classic local-keypair flow.
Dublin demo build, submitted to the X Quantum hackathon (Dogs Patch, 2026-05-24).
Highlights
p01_quantum_walletscaffold (Phase A) — first cut of the post-quantum smart-contract wallet program (STARK-authorized), groundwork for the full PQ end-to-end plan.- Mobile quantum wallet UX layer (Phase B) — boot scaffold +
WalletSignerabstraction so the wallet path is keypair / Privy agnostic. - Real-time progress bars across subscribe / shield / unshield / confidential / cancel.
- License key card on the subscription detail screen.
Fixes (Dublin)
stark gen_proofJSON output: commitment now quoted as a string (avoids JS number-precision truncation on the mobile side).- STARK proof generation timeout bumped 60s → 180s for slower Android devices.
Devnet artifacts
zk_shielded:GbVM5yvetrSD194Hnn1BXnR56F8ZWNKnij7DoVP9j27cp01_relayer:2okhzLVr6FEq5jP19KT6VurcSutx2zE4RhkRamrk5WpWp01_stark_verifier:DGY37k3Jt7cbrfNa9rxyLZVcFB7S7A2NqtVpkh9fWQvs- 13 V4 denominated pools live.
Install
Download protocol-01-v1.0.1.apk below. Android may warn about installing outside the Play Store; allow it for this build.
v1.0.0 — STARK V3 cancel + refund-via-relayer pipeline live
Highlights
- STARK V3 cancel unblocked end-to-end on devnet (private subscription cancel via STARK proof + retailer payout + close).
- Refund-via-relayer pipeline (
p01_relayer::submit_refund_job/process_refund_job): residual lamports go to a RefundJob PDA, a keeper delivers a stealth-encrypted re-shielded note to the subscriber. - Validated live: shield, classic recurring subscriptions, private recurring subscriptions (subscribe / pause / resume / cancel with STARK proof).
Fixes
claimable_periods()now caps at remaining funded periods to prevent u64 underflow at retailer payout when a vault's elapsed window outruns its funding.cancel_private_starkaccounts switched toOption<UncheckedAccount<'info>>for the optional pool / tree / refund-job slots so Anchor 0.32's program-id sentinel is honored cleanly.
Devnet artifacts
- Program:
GbVM5yvetrSD194Hnn1BXnR56F8ZWNKnij7DoVP9j27c(zk_shielded) - Relayer:
2okhzLVr6FEq5jP19KT6VurcSutx2zE4RhkRamrk5WpW(p01_relayer) - STARK verifier:
DGY37k3Jt7cbrfNa9rxyLZVcFB7S7A2NqtVpkh9fWQvs(p01_stark_verifier) - 13 V4 denominated pools live.
Install
adb install -r protocol-01-v1.0.0.apk
Notes from a v0.9.x install are preserved if both APKs were signed with the same release keystore.
v0.9.11 — Phase A (relayer) + Phase B (event scrub) live
What's new
Network privacy (Phase A) — V3 shield/unshield/transfer now route through the on-chain p01_relayer program with a hosted off-chain worker on Railway. Hides the user's RPC submission IP and uses an ephemeral fee-payer for the outer wrapper tx (closes leaks L19 + partial L17).
- New
Settings → Privacy → RELAY ROUTINGtoggle (default ON). - Universal fallback: if the relayer hiccups, falls back to direct on-chain submit so the user UX never breaks.
- Critical fix: rent-exempt minimum pre-funded on the ephemeral submitter.
On-chain event scrubbing (Phase B) — zk_shielded no longer emits ShieldDenominatedV3Event / UnshieldDenominatedStarkV3Event / TransferDenominatedStarkV3Event. These were leaking depositor, recipient, denomination, etc. directly to any indexer parsing program logs. The universal LeafInserted event + on-chain NullifierRecord PDA suffice for clients.
- Devnet program upgrade:
4dVAbEkMqmFkb8VcSmsbR6FYw9sbktx3yUr4EnjQbHUkUvnbZ1CZN1zw7orrt6dMB4gQBkeo1EN3bRsTTzFc9Fam - Validated live: inner unshield txs now show zero
Program data:lines.
Honest scope
What's closed:
- L19 (RPC IP) — hosted relayer
- L17 partial (outer fee-payer = ephemeral)
- Event-level L1 / L5 / L7 (depositor / recipient / nullifier no longer in events)
What's still leaky (deferred):
- Tx-account-level L1 / L5 (depositor/recipient still appear as accounts in the inner tx) — needs Phase A.5 (feeder pool) + B.2 (stealth recipient).
- L2 (pre-fund tx from main wallet to ephemeral) — same Phase A.5 territory.
Phase A.5 is deferred until either TEE attestation or N≥3 distinct relayers exist; a single-relayer feeder pool would be trust-shifting, not privacy-gaining.
Install
- Devnet only.
- Re-installing over an existing v0.9.x debug build will wipe AsyncStorage/SecureStore (signature mismatch). Re-install over v0.9.11 release will preserve notes.
v0.9.9 Frost — Privy auth + recovery silenced + UI polish
Hotfix on top of the original v0.9.9 build.
- Stable Privy embedded wallet — same Google account always resolves to the same Solana address. Auto-create now waits 3s for Privy to surface existing wallets before minting a new one.
- Boot recovery modal silenced for fresh wallets and Privy logins. Pre-stamps the recovery flag at the wallet-creation source (
services/createWallet,walletStore.initializeWithPrivy) so the auto scan only fires for genuine cross-device seed imports. - Stream P2P private mode UI cleaned up — no more total-amount input when the per-payment rate is derived from the denominated note on the next screen.
- APK 125 MB → 96 MB — three.js / WebGL deps dropped, drawables trimmed, JS bundle slimmed.
- Web download CTA size label updated to match.
v0.9.8 — BLE P2P Sharing + Play Store Ready
BLE P2P Note Sharing (NEW)
- Share shielded notes between devices via Bluetooth
- X25519 + XSalsa20-Poly1305 end-to-end encryption
- Visual fingerprint verification (anti-MITM)
- Native Android GATT write (bypasses ble-plx limitations)
- Receive button accessible without existing notes
NDK 28 Crash Fix
- Fixed fatal crash on launch (
libworklets.so—__cxa_init_primary_exception) - NDK 27.2 → 28.0 with clang 19 ICE workaround (pnpm patch)
NFC
- Disabled (Coming Soon) — BLE is the recommended transport
- Backend fixes: thread safety, timeout, partial read protection
Build & Security
- Gradle JVM: ZGC + 6GB heap (fixes JVM crash on Windows)
- Release signing passwords removed from source code
- Version synced: 0.9.8 / versionCode 20 / targetSdk 36
i18n
- Full EN/FR/JA translations for sharing screens
Stats
- 14 Solana programs · 6 Circom circuits · 6 STARK AIRs · 9 Arcis MPC circuits
- 3 client apps (mobile, extension, web)
v0.9.7 — Privacy Shield Fix + Founder Page
Privacy Shield Fix (Critical)
- Stealth addresses now applied on subscription payments
- Ephemeral fee payer hides sender identity on-chain
- Works with both local keypair and Privy wallets
Founder Page
- New /founder page on protocol-01.vercel.app
- Full profile: timeline, mission, technical scope (EN/FR/JA)
Demo Videos
- Remotion-powered 4K demo videos (FR + EN)
Stats
- 14 Solana programs
- 15 ZK circuits (9 Circom + 6 STARK)
- 16 SDKs
- 3 client apps
v0.9.6 — Fix native wallet unshield + Privy auth guard
Protocol 01 v0.9.6 (Standalone APK)
Bug Fixes
- fix: getKeypair static import — Dynamic
import()ofgetKeypairbroke in Hermes release builds ("Property 'getKeypair' doesn't exist"). Replaced all 3 dynamic imports with static import. Fixes unshield crash for native wallet users. - fix: Privy "Already logged in" guard — OAuth login functions now check
isAuthenticatedbefore callingoauthLogin.login(), preventing error when a cached Privy session exists. - fix: graceful redirect on Privy session conflict — Login screen catches "Already logged in" errors and redirects to wallet instead of showing error alert.
Build
- versionCode: 18 | versionName: 0.9.6
- Standalone APK (JS bundle embedded, no Metro required)
- NDK: 27.2.12479018 | Hermes enabled
- APK size: ~111 MB
v0.9.5 — Full Stealth Privacy + Crash Fixes
Privacy
- Full stealth unshield: wallet never appears on-chain (stealth signer + ECDH recipient)
- MPC nullifier fix: 4×u64 chunks (was overflowing 254-bit Poseidon field in ~75% of cases)
- Timing decorrelation: random jitter between funding, unshield, and sweep
Crash Fixes
- NDK 28 for react-native-worklets 0.8.1 (libworklets.so ABI crash)
useT()missing in ServiceCard/StreamCard (Services tab crash)tStatic()in timeUntil() (Activity → Scheduled crash)
UI/UX
- Chat History page reworked (design system alignment)
- Unshield / Emergency Unshield page reworked + i18n (EN/FR/JA)
- Send SOL: removed Private Send block, fixed tab bar overlap
- Version display updated to v0.9.5
Build
- APK: 111 MB (arm64-v8a only, was 190 MB)
- NDK 28.0, standalone release (no Metro/Expo needed)
- Signed release keystore
v0.9.4 — UI Overhaul + Performance
v0.9.4 — UI Overhaul + Performance
UI/UX — Lean Design System
- Lightened all screens: removed BlurView/LinearGradient/borders across the entire app
- Flat
surfaceSecondary(#0f0f12) cards everywhere — consistent with P-01 DA - Agent header redesigned to match WalletHeader pattern
- Agent welcome page: 2-column grid, inline market data
- Lock screen: app logo replaces "01" text, clean fingerprint circle
- Devnet airdrop: moved from floating FAB to inline button next to SOL balance
- Streams, Subscribe, My Notes, Privacy, Settings, Agent Settings, Security, Backup, Network — all lightened
Performance
- Tab switching:
lazy: true+freezeOnBlur: true— tabs load on demand and freeze when hidden - Removed 279 entering animations that fired on every tab switch
- Heavy async work deferred with
InteractionManager.runAfterInteractions - Tab animation set to native
shiftfor smooth transitions - APK size: 144MB (arm64-only, down from 204MB)
Version
- versionCode 16, versionName 0.9.4