ZK-SNARK based programmable privacy protocol for Solana

CA: AKNtnKXdvBkoneD893GRnkY2bN9wPSsanaDfKSm8pump

---

Overview

OPAQ is a privacy protocol built on Solana that enables private token transfers, selective attribute disclosure, and privacy pool participation using zero-knowledge proofs. The protocol uses ZK-SNARKs (Groth16/PLONK) to verify transaction validity without revealing sensitive details.

Users can transfer tokens privately, prove compliance with disclosure policies without exposing underlying data, and participate in privacy pools that provide anonymity through a shared set of commitments.

Architecture

%%{init: {'theme':'base','themeVariables':{'primaryColor':'#1A1A3E','primaryTextColor':'#F0EDE8','primaryBorderColor':'#C5A55A','lineColor':'#6B4C9A','secondaryColor':'#12122B','tertiaryColor':'#12122B','background':'#12122B','mainBkg':'#1A1A3E','nodeBorder':'#C5A55A','clusterBkg':'#12122B','clusterBorder':'#6B4C9A','titleColor':'#F0EDE8','edgeLabelBackground':'#1A1A3E'}}}%%
graph TB
    subgraph Client["Client Layer"]
        SDK[TypeScript SDK]
        CLI[CLI Tool]
    end

    subgraph Protocol["OPAQ Protocol"]
        Core[opaq_core<br/>Anchor Program]
        Math[opaq_math<br/>Poseidon / Field Ops]
        Circuits[opaq_circuits<br/>R1CS Constraints]
    end

    subgraph Solana["Solana Runtime"]
        Accounts[On-chain Accounts]
        Verifier[ZK Proof Verifier]
    end

    SDK --> Core
    CLI --> Core
    Core --> Math
    Core --> Circuits
    Circuits --> Math
    Core --> Accounts
    Core --> Verifier

Loading

Features

Private Transfers -- Send tokens without revealing the sender, receiver, or amount. A Groth16 proof attests to the validity of the transfer while keeping all inputs hidden behind commitments and nullifiers.

Programmable Disclosure -- Define policies that specify which attributes a counterparty must prove, and at what threshold. Verifiers learn only that the prover satisfies the policy, nothing more.

Privacy Pools -- Deposit into a shared Merkle tree of commitments. When withdrawing, a ZK proof demonstrates membership in the pool without identifying the specific deposit, providing k-anonymity proportional to the pool size.

Selective Disclosure Credentials -- Issue and verify credentials that attest to properties (age range, jurisdiction, accreditation) without exposing the raw data. Credentials are bound to a holder commitment and can be revoked on-chain.

Installation

git clone https://github.com/opaq-labs/opaq.git
cd opaq

Build

# Rust workspace
cargo build --workspace

# TypeScript SDK
cd sdk
npm install
npm run build

Test

cargo test --workspace
cd sdk && npm test

Usage

SDK

import { OpaqClient } from "@opaq-labs/sdk";

const client = new OpaqClient("devnet");

// Create a disclosure policy requiring 2 of 3 attributes
await client.createDisclosurePolicy(authority, {
  threshold: 2,
  requiredAttributes: [1, 2, 3],
  expirySlot: new BN(300_000_000),
});

CLI

# Check pool status
opaq pool-status --pool <POOL_ADDRESS>

# Verify a proof file
opaq verify-proof --proof-file proof.json

# Generate a commitment
opaq generate-commitment --amount 1000000

Project Structure

opaq/
  programs/opaq_core/     Anchor program (transfer, disclosure, pools)
  libs/opaq_math/         Poseidon hash, field arithmetic, commitments
  libs/opaq_circuits/     ZK circuit constraint generation
  sdk/                    TypeScript SDK for client integration
  cli/                    Command-line interface
  tests/                  Integration tests

License

This project is licensed under the MIT License. See LICENSE for details.