ββββββββ βββ βββββββ ββββββββ βββ ββββββββ ββββββββ βββ ββββββββ ββββββββ βββ βββββββ ββββββββ βββ βββ ββββββββ βββ βββ
Privacy is not a feature. It's a right.
The privacy layer for cross-chain transactions via NEAR Intents + Zcash
One toggle to shield them all β’ Stealth addresses β’ Zero-knowledge proofs β’ Selective disclosure β’ Multi-chain support
- What is SIP?
- Quick Preview
- The Problem
- The Solution
- Key Features
- Installation
- Quick Start
- Architecture
- Packages
- Roadmap
- Tech Stack
- Development
- Contributing
- Security
- License
- Acknowledgments
SIP (Shielded Intents Protocol) brings HTTPS-level privacy to cross-chain transactions. Just as HTTPS encrypted the web without changing how users browse, SIP adds privacy to blockchain intents without changing how users swap.
HTTP β HTTPS (Web privacy upgrade)
Intents β SIP (Blockchain privacy upgrade)
Stop exposing your financial activity. Start swapping privately.
| β Public Intent (Everyone sees everything) | β Shielded Intent (Solvers see only what they need) |
|---|---|
{
from: "0x1234...",
inputAmount: 10,
inputToken: "SOL",
outputToken: "ETH",
recipient: "0x5678..."
}Exposed:
|
{
intentId: "abc123",
outputToken: "ETH",
minOutput: 0.004,
inputCommitment: "0xabc...",
recipientStealth: "0xdef...",
proof: "0x123..."
}Protected:
|
Result: Solvers can fulfill your intent without knowing who you are or where the funds are going.
Current cross-chain solutions expose everything about your transactions. This isn't just inconvenient β it's a security risk.
| Data Point | Visibility | Risk |
|---|---|---|
| Sender Address | Public | Targeted phishing, social engineering |
| Transaction Amount | Public | Front-running, MEV extraction |
| Recipient Address | Public | Surveillance, address clustering |
| Transaction History | Permanent | Financial profiling, discrimination |
| Attack Vector | How It Works | Impact |
|---|---|---|
| Front-Running | Bots see your pending swap, execute first | You get worse price |
| MEV Extraction | Validators reorder txs to profit | Value extracted from you |
| Phishing | Attackers identify high-value wallets | Direct theft attempts |
| Surveillance | Exchanges/govts track all activity | Privacy violation |
| Price Discrimination | Services see your balance | Higher fees for wealthy users |
The blockchain is a public ledger. Without privacy, it's a surveillance system.
SIP wraps cross-chain intents in a cryptographic privacy layer using battle-tested technology from Zcash and cutting-edge stealth address schemes.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β USER β
β β β
β βΌ β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β SIP SDK β β
β β βββββββββββββββ βββββββββββββββ βββββββββββββββββββ β β
β β β Privacy β β Stealth β β ZK Proof β β β
β β β Toggle β β Address Gen β β Generation β β β
β β βββββββββββββββ βββββββββββββββ βββββββββββββββββββ β β
β βββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β SHIELDED INTENT LAYER β β
β β β’ Pedersen commitments (hide amounts) β β
β β β’ Stealth addresses (hide recipients) β β
β β β’ ZK proofs (prove validity without revealing data) β β
β βββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β NEAR INTENTS ROUTER β β
β β β’ Intent matching β β
β β β’ Solver network β β
β β β’ Cross-chain execution β β
β βββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββ β
β β β
β βββββββββββββββββΌββββββββββββββββ β
β βΌ βΌ βΌ β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β Solana β β Zcash β β Ethereum β β
β β β β (Privacy β β β β
β β β β Backbone) β β β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Mechanism | Purpose | Technology |
|---|---|---|
| Pedersen Commitments | Hide transaction amounts | value * G + blinding * H |
| Stealth Addresses | One-time recipient addresses | EIP-5564 style, secp256k1 |
| ZK Proofs | Prove validity without revealing data | Zcash proving system |
| Viewing Keys | Selective disclosure for compliance | Derived key pairs |
Toggle between public and shielded modes with a single switch. No complex setup, no key management headaches.
Works across Solana, Ethereum, NEAR, and more. Privacy shouldn't be chain-specific.
| Level | Description | Use Case |
|---|---|---|
TRANSPARENT |
Standard public transaction | When privacy isn't needed |
SHIELDED |
Full privacy via Zcash pool | Personal transactions |
COMPLIANT |
Privacy + viewing key | Institutional/regulatory |
Every transaction uses a fresh one-time address. No address reuse, no transaction linkability.
Selective disclosure for audits and compliance. Prove your transaction history without exposing it to everyone.
Hidden amounts and recipients mean front-runners can't extract value from your trades.
Same swap interface you're used to. Privacy happens under the hood.
# npm
npm install @sip-protocol/sdk
# pnpm
pnpm add @sip-protocol/sdk
# yarn
yarn add @sip-protocol/sdkimport { SIP, PrivacyLevel } from '@sip-protocol/sdk';
const sip = new SIP({
network: 'mainnet', // or 'testnet'
});const intent = await sip.createIntent({
input: {
chain: 'solana',
token: 'SOL',
amount: 10,
},
output: {
chain: 'ethereum',
token: 'ETH',
},
privacy: PrivacyLevel.SHIELDED,
});// Solvers compete to fill your intent
const quotes = await intent.getQuotes();
// Execute with the best quote
const result = await intent.execute(quotes[0]);
console.log(result.status); // 'fulfilled'
console.log(result.txHash); // null (shielded!)
console.log(result.proof); // ZK proof of execution// Public mode (standard intent, no privacy)
privacy: PrivacyLevel.TRANSPARENT
// Full privacy (via Zcash shielded pool)
privacy: PrivacyLevel.SHIELDED
// Privacy + audit capability (for institutions)
privacy: PrivacyLevel.COMPLIANT,
viewingKey: generateViewingKey()sip-protocol/
βββ apps/
β βββ demo/ # Next.js demo application
β βββ src/app/ # App router pages
β βββ src/components/ # UI components
βββ packages/
β βββ sdk/ # @sip-protocol/sdk
β β βββ src/stealth.ts # Stealth address generation
β β βββ src/intent.ts # Intent builder
β β βββ src/privacy.ts # Viewing key management
β β βββ src/crypto.ts # Pedersen commitments
β β βββ src/sip.ts # Main client class
β βββ types/ # @sip-protocol/types
β βββ src/intent.ts # ShieldedIntent interface
β βββ src/privacy.ts # PrivacyLevel enum
β βββ src/stealth.ts # Stealth address types
βββ docs/ # Documentation
User Input β Privacy Layer β Intent Creation β Solver Network β Execution
β β β β β
β βΌ β β β
β ββββββββββββ β β β
β β Generate β β β β
β β Stealth β β β β
β β Address β β β β
β ββββββββββββ β β β
β β β β β
β βΌ β β β
β ββββββββββββ β β β
β β Create β β β β
β β Pedersen β β β β
β βCommitmentβ β β β
β ββββββββββββ β β β
β β β β β
β βΌ β β β
β ββββββββββββ β β β
β β Generate β β β β
β β ZK Proof β β β β
β ββββββββββββ β β β
β β β β β
ββββββββββββββββ΄βββββββββββββββ΄ββββββββββββββββββ΄ββββββββββββββ
| Package | Description | Status |
|---|---|---|
@sip-protocol/sdk |
Core SDK for creating shielded intents | β Active |
@sip-protocol/types |
TypeScript type definitions | β Active |
apps/demo |
Reference implementation and demo app | β Active |
- β Core type definitions (ShieldedIntent, PrivacyLevel, StealthAddress)
- β SDK architecture (SIP client, IntentBuilder)
- β Stealth address generation (secp256k1, EIP-5564 style)
- β Pedersen commitment implementation
- β Demo application with comparison view
- β Monorepo setup (pnpm + Turborepo)
- β Zcash testnet RPC client
- β Shielded transaction support
- β Solver interface design
- β³ NEAR 1Click API integration
- β³ End-to-end shielded flow
- β³ Mock ZK proof generation
- Real ZK proof generation
- Solver network integration
- Multi-chain execution
- Viewing key verification
- Transaction status tracking
- Security audit
- Mainnet deployment
- SDK v1.0 release
- Documentation site
- Additional chain support
| Category | Technology | Purpose |
|---|---|---|
| Framework | Next.js 14 (App Router) | Demo application |
| Language | TypeScript (strict mode) | Type safety |
| Styling | Tailwind CSS + shadcn/ui | UI components |
| State | Zustand | Client state management |
| Monorepo | pnpm + Turborepo | Package management |
| Cryptography | @noble/curves, @noble/hashes | Stealth addresses, commitments |
| Deployment | Vercel | Hosting |
- Node.js 18+
- pnpm 8+
# Clone the repository
git clone https://github.com/RECTOR-LABS/sip-protocol.git
cd sip-protocol
# Install dependencies
pnpm install
# Start development
pnpm devpnpm dev # Start development server (port 3000)
pnpm build # Build all packages
pnpm lint # Lint code
pnpm typecheck # Type checkWe welcome contributions! Please see CONTRIBUTING.md for guidelines.
- Protocol improvements
- SDK features
- Documentation
- Security audits
- Chain integrations
SIP is experimental software. Use at your own risk.
CRITICAL: Always use HTTPS/TLS when connecting to Zcash nodes in production.
The Zcash RPC client uses HTTP Basic Authentication, which transmits credentials in base64-encoded cleartext. Without TLS/HTTPS:
- RPC credentials are vulnerable to network sniffing
- All transaction data can be intercepted
- Man-in-the-middle attacks are possible
Production Requirements:
- β
Use
https://URLs for Zcash RPC endpoints - β Configure zcashd with valid TLS certificates
- β Store credentials in secure environment variables
- β Use network-level access controls (firewall rules, VPCs)
- β NEVER use HTTP in production
- β NEVER hardcode credentials in source code
Example:
// β
Production (HTTPS)
const client = new ZcashRPCClient({
host: 'https://your-node.com',
port: 8232,
username: process.env.ZCASH_RPC_USER,
password: process.env.ZCASH_RPC_PASS,
})
// β οΈ Development only (HTTP on localhost)
const testClient = new ZcashRPCClient({
host: '127.0.0.1',
port: 18232,
username: 'test',
password: 'test',
testnet: true,
})If you discover a security vulnerability, please report it responsibly:
- Email: security@sip-protocol.xyz
- Do NOT open public issues for security vulnerabilities
MIT License β see LICENSE file for details.
SIP builds on the shoulders of giants:
- Zcash β Privacy-preserving cryptocurrency and proving system
- NEAR Protocol β Intent-centric blockchain infrastructure
- EIP-5564 β Stealth address standard
- @noble/curves β Audited cryptographic primitives
- The broader privacy and cryptography research community
Built for the NEAR AI Intents Hackathon
Privacy is not a feature. It's a right.
Documentation Β· Demo Β· Report Bug