STRK-20

The proven program is not made available so it is unknown what logic is verified by the smart contract. Furthermore, real-time monitoring for this project is not supported.

About

A privacy pool on Starknet for arbitrary-amount private transfers and DeFi actions, using Cairo execution proofs and auditor-accessible compliance data.


  • Live metrics: not tracked. Onchain monitoring is not available for this project.
  • Exit window
  • Admin view key
  • Reproducibility
  • Upgradeable
  • Tags: Transfers, DeFi, Any amount, Enforced compliance, Closed source

    STRK-20 is a privacy pool deployed as a smart contract on Starknet. It uses a UTXO-style note model: users deposit ERC20 tokens into the pool, create encrypted notes, spend notes by publishing nullifiers, and withdraw to public Starknet addresses.
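    The note and nullifier model described above, as an added illustration that is not STRK-20's code (the project's SDK and prover are closed, so none of its real structures are known here). Commitments are plain SHA-256 hashes, the owner key, token and address names are constructed sample values, and the zero-knowledge proof that would accompany a real spend is abstracted to "the commitment exists and the nullifier is new"; the point shown is how a nullifier blocks a double spend while a change note keeps the remainder private.

```python
from __future__ import annotations

import hashlib
import secrets
from typing import Optional


def h(*parts: bytes) -> bytes:
    """Domain-separated SHA-256 standing in for the pool's real commitment hash."""
    return hashlib.sha256(b"|".join(parts)).digest()


class Note:
    """A private note: owner secret, token, amount and a random nonce (hypothetical layout)."""

    def __init__(self, owner_key: bytes, token: str, amount: int, rho: bytes):
        self.owner_key = owner_key   # spending secret, never published
        self.token = token
        self.amount = amount
        self.rho = rho               # nonce that makes each note unique

    def commitment(self) -> bytes:
        # Published when the note is created; reveals neither owner nor amount.
        return h(b"note", self.owner_key, self.token.encode(),
                 self.amount.to_bytes(16, "big"), self.rho)

    def nullifier(self) -> bytes:
        # Computable only with the owner key; published when the note is spent.
        return h(b"nf", self.owner_key, self.rho)


class DoubleSpend(Exception):
    pass


class Pool:
    """Minimal pool state: the set of created notes, the set of spent notes, public balances."""

    def __init__(self) -> None:
        self.commitments: set[bytes] = set()
        self.nullifiers: set[bytes] = set()
        self.balances: dict[tuple[str, str], int] = {}   # (address, token) -> public balance

    def _new_note(self, owner_key: bytes, token: str, amount: int) -> Note:
        note = Note(owner_key, token, amount, secrets.token_bytes(32))
        self.commitments.add(note.commitment())
        return note

    def deposit(self, from_addr: str, token: str, amount: int, owner_key: bytes) -> Note:
        key = (from_addr, token)
        if self.balances.get(key, 0) < amount:
            raise ValueError("insufficient public balance")
        self.balances[key] -= amount
        return self._new_note(owner_key, token, amount)

    def _consume(self, note: Note) -> None:
        # Stand-in for proof verification: note must exist and must not have been spent.
        if note.commitment() not in self.commitments:
            raise ValueError("unknown note")
        nf = note.nullifier()
        if nf in self.nullifiers:
            raise DoubleSpend("nullifier already published")
        self.nullifiers.add(nf)

    def transfer(self, note: Note, amount: int, recipient_key: bytes) -> tuple[Note, Optional[Note]]:
        """Spend `note`: `amount` goes to the recipient, the rest comes back as a private change note."""
        if amount > note.amount:
            raise ValueError("amount exceeds note")
        self._consume(note)
        paid = self._new_note(recipient_key, note.token, amount)
        change = None
        if amount < note.amount:
            change = self._new_note(note.owner_key, note.token, note.amount - amount)
        return paid, change

    def withdraw(self, note: Note, to_addr: str) -> None:
        """Spend `note` and credit its full amount to a public address (amount becomes visible)."""
        self._consume(note)
        key = (to_addr, note.token)
        self.balances[key] = self.balances.get(key, 0) + note.amount


def demo() -> dict:
    pool = Pool()
    alice_key, bob_key = secrets.token_bytes(32), secrets.token_bytes(32)   # constructed secrets
    pool.balances[("0xALICE", "STRK")] = 100                                # constructed balance
    deposited = pool.deposit("0xALICE", "STRK", 100, alice_key)
    paid, change = pool.transfer(deposited, 30, bob_key)     # 30 to Bob, 70 change to Alice
    pool.withdraw(paid, "0xBOB")
    try:
        pool.withdraw(paid, "0xBOB")                          # same note again
        rejected = False
    except DoubleSpend:
        rejected = True
    return {
        "bob_public": pool.balances[("0xBOB", "STRK")],
        "change_amount": change.amount,
        "double_spend_rejected": rejected,
        "nullifiers_published": len(pool.nullifiers),
    }
```

    Two things worth noticing in the toy: the commitment and the nullifier are both derived from the same secret, so anyone can verify that a nullifier is new, but only the owner can produce one; and the withdrawal is the step at which an amount becomes public, which is why unique amounts and partial withdrawals are listed later on this page as linkability risks.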

    The pool contract source code was reviewed for this entry, but the TypeScript SDK and proving stack are not open source yet. Because the prover and core program are not published, nobody can independently audit and verify the software that produces proofs or see what is actually proven. This adds a major trust assumption for liveness and validity.

    Privacy considerations

    The protocol supports private transfers, arbitrary amounts, partial withdrawals through private change notes, and DeFi actions through external helper contracts. DeFi integrations use open notes: the pool creates a note whose final amount is filled after an external helper, such as a swap or lending adapter, measures the onchain output.

    Recipients discover notes from onchain data through account-linked channels and token-specific subchannels. This avoids scanning all pool activity, but the discovery address is visible when channel metadata is written or read. Using a trusted or local node for note / channel discovery or separating note discovery from withdrawal submission is therefore crucial for privacy.

    Fees

    The pool currently charges a flat fee of 4 STRK plus gas for any action that uses the privacy pool, including deposits, swaps, and withdrawals.

    Compliance

    The compliance model relies on an ‘auditor’ public key. Users register an encrypted private viewing key, but all ‘private’ actions must include auditor-encrypted metadata. Whoever controls the auditor private key can decrypt user metadata offchain from onchain-emitted ciphertexts; this does not grant spending authority, but it can centrally remove any user’s privacy, even retroactively.

    Anonymity set

    The anonymity set, in the best case, corresponds to the set of all users of the privacy pool. But metadata leaks and the centralized auditor reduce the anonymity set in practice.

    Funds can be stolen if

    1. the proof system or virtual Starknet execution model is broken or backdoored, allowing invalid server actions to be applied.
    2. the escrow smart contract is maliciously upgraded (no delay).
    3. an external DeFi helper or target protocol invoked by the user mishandles assets.

    Funds can be lost if

    1. a user loses the Starknet account key or private viewing key required to spend their notes.
    2. the pool is paused or upgraded in a way that prevents users from applying valid actions.

    Privacy can be lost if

    1. the auditor private key holder decrypts registered users’ viewing keys or withdrawal and metadata.
    2. the currently private SDK or prover leaks user secrets or metadata.
    3. deposits, withdrawals, open-note fills, timing, unique amounts, or DeFi helper calldata make a user’s activity linkable.

    The pool uses StarkWare-style role components and an instantly upgradeable smart contract implementation.

    • APP_GOVERNOR can set the fee amount, fee collector, and proof validity window.
    • GOVERNANCE_ADMIN can grant governance and upgrade-governor roles.
    • SECURITY_ADMIN can grant pause, unpause, and auditor-key administration roles.
    • SECURITY_AGENT can pause the pool, if granted.
    • SECURITY_GOVERNOR can unpause the pool and change the auditor public key, if granted.
    • UPGRADE_GOVERNOR can approve and execute upgrades, if granted.
    • UPGRADE_AGENT can execute approved upgrades, if granted.

    The live role holders observed were:

    • APP_GOVERNOR: 0x2796da10aba2e1f445c38eba07e5a4393d6dab30d203d3432deb824e891619a (2/4 Multisig)
    • GOVERNANCE_ADMIN: 0x3103066e6c7037ba947ea9a7b5b8d110ae7f3d631fa5849435d0dc1fc5ef785 (EOA)
    • GOVERNANCE_ADMIN and SECURITY_ADMIN: 0x663cc699d9c51b7d4d434e06f5982692167546ce525d9155edb476ac9a117d6 (7/12 Multisig)

    Transparent setup

    Transparent proving systems require no trusted setups and have no additional setup-related trust assumptions.