A privacy L3 on Base, built on the OP Stack. shh ships in two profiles that share one cryptographic core:
- Full privacy chain — every transfer is a shielded UTXO note (Circom + Groth16).
- Open L3 + Privacy Pool — a transparent EVM L3 with an opt-in, compliance-compatible Privacy Pool (fixed denomination + Association Sets, so withdrawals are "unlockable" by an Association Set Provider).
It runs locally with a single sequencer via Docker Compose, and is live as a public testnet L3 settling to Base Sepolia — see Live testnet.
packages/
circuits/ Circom circuits + trusted-setup tooling (the zk core)
contracts/ Hardhat: pools, Poseidon Merkle tree, bridges, generated verifiers
sdk/ TypeScript: notes, Merkle tree, witness + proof generation (npm: @privashh/sdk)
asp-publisher/ daemon: publishes the Privacy Pool association-set root on-chain
infra/
op-stack/ Docker Compose single-sequencer L3 (live; settles to Base Sepolia)
explorer/ Blockscout
apps/
web/ Next.js wallet backend (route handlers; local dev)
docs/
workflow.md phased build plan + verification gates
architecture.md system architecture
privacy-design.md cryptographic source of truth (hashes, circuits, signals)
pnpm install
pnpm setup # compile circuits + Groth16 trusted setup + build sdk & contracts
pnpm dev # local chain + deploy + copy artifacts + wallet backend (http://localhost:3000)pnpm dev is the turn-key local stack: it starts a local node, deploys the privacy core,
copies circuit artifacts into the web app, and runs the wallet backend. Then:
node apps/web/scripts/demo-deposit.mjs # make a Privacy Pool deposit
curl http://localhost:3000/api/pool/leaves # see it indexedRun the full verification gate directly:
pnpm --filter @privashh/sdk test # 9/9 notes, Merkle, value conservation
pnpm --filter @shh/circuits test # 4/4 valid witness proves+verifies; tampered fails
pnpm contracts:test # 10/10 deposit→prove→withdraw, double-spend, ASP gating,
# bidirectional shielded bridge, front-runningReal L3 + explorer (Docker; chain boot is optional — see each README):
cd infra/op-stack && cp .env.example .env && make generate && docker compose up -d
cd infra/explorer && cp .env.example .env && docker compose up -dStatus: live on a public testnet — the L3, privacy core, ASP publisher, and public RPC are up, and the client SDK is published to npm. The wallet UI (in-browser proving) is in progress. See docs/workflow.md.
shh runs as a public OP Stack L3 settling to Base Sepolia.
| Chain ID | 55666 |
| RPC | https://rpc.shh.gg |
| Settlement (L1) | Base Sepolia (84532) |
| Profile | open-pool (transparent L3 + Privacy Pool) |
| Pool denomination | 0.1 ETH |
Deployed contracts (open-pool profile):
| Contract | Address |
|---|---|
| PrivacyPool | 0x06f7F1539030D116AecCC7a32eF35D71b572dc3c |
| ShieldedPool | 0xFf0186cb30cF970F1911760e2fc2b37ED5114520 |
| AssociationSetProvider | 0x37C5550c8baF1015f0a469b7C4d6D63065965aeF |
| PoolWithdrawVerifier | 0xc3A5f03b0b1BeD88A50BadAf0C83b9c04f5ede56 |
| Transaction2x2Verifier | 0xc26C4e92f2c48dC9dC45e02e81092c15f3caC25e |
| Poseidon hasher | 0x17071fFB640DB06aE3568050a9E0217c51899e64 |
An ASP publisher keeps the association-set root current on-chain, so deposits become
withdrawable. The client SDK is published as
@privashh/sdk:
npm install @privashh/sdkThe trusted setup shipped for development is single-contributor and must not secure real funds. Mainnet requires a multi-party ceremony and an external audit (Phase 8). See docs/privacy-design.md.