Search

Search for projects by name or address

Privacy

Zama Confidential Tokens logo
Zama Confidential Tokens

About

Zama Confidential Tokens is an app that wraps ERC-20 assets into confidential tokens and hides balances and transfer amounts using Zama FHEVM on Ethereum.


  • Total Value Locked
    $39.15 Macross 8 assets and 8 buckets
  • TVL
    $39.15 M
  • Assets tracked
    8
  • Buckets tracked
    8
  • Deposits 7D
    117
  • Deposits 30D
    2.33 K
  • Deposits Total
    2.43 K
  • Exit window
  • Privacy
  • Reproducibility
  • Attributes
    FHEPrivate amountsAny amountDeFi

  • About

    Zama Confidential Tokens is an app that wraps ERC-20 assets into confidential tokens and hides balances and transfer amounts using Zama FHEVM on Ethereum.

    Zama Confidential Tokens is an account-based confidential token system on Ethereum, using the Zama FHE protocol. It is based on ERC-7984. Users deposit regular ERC-20 tokens into asset-specific escrows and receive confidential tokens whose balances and internal transfer amounts are represented as encrypted handles.

    ‘Confidential’ here means from: and to: addresses and transfer timestamps always remain public. Only balances and transfer amounts are hidden. Each confidential token aggregates encrypted balances for a single underlying asset, so the hidden state is the amount and balance data, not the public address graph.

    Zama Confidential Tokens architecture

    Architecture

    The Zama FHE protocol uses fully homomorphic encryption to let smart contracts operate on encrypted values. Balances are stored as encrypted handles instead of plaintext balances, and FHEVM system contracts are called for encrypted arithmetic, comparisons, transfers, minting, or burning, but most of the actual FHE execution happens offchain.

    The FHE coprocessor is an offchain service that performs FHE-related work the EVM cannot execute directly. Encrypted user inputs are accepted onchain only after the InputVerifier checks signatures from the coprocessor signer set (currently 1/1). The coprocessor is constrained on what it can commit onchain by the smart contract, but it is not trustless and can affect validity if compromised.

    The ACL is the onchain access-control registry for encrypted handles. It records which accounts or contracts are allowed to use a ciphertext handle, which prevents arbitrary users from reusing encrypted values they do not control.

    The (T)KMS is the threshold key-management service used for private and public decryptions. It holds the FHE secret key and functions like a multisig with a threshold (7/13). An unwrap for example burns an encrypted confidential-token amount and asks for that amount to be publicly decrypted; finalization is accepted only after the KMSVerifier checks enough KMS signatures over the threshold-decrypted result. The KMS Signers are operated by Zama, Dfns, Figment, Fireblocks, InfStones, Unit410, LayerZero, Ledger, Omakase, Stake Capital, OpenZeppelin, Etherscan, and Conduit.

    There are many moving parts and offchain components in the Zama FHE protocol on which Zama Confidential Tokens is built. The Zama Gateway, an L3 on Arbitrum, is currently used to gather signatures and make data available but the authority for asset storage and signature verification remains Ethereum L1.

    Privacy considerations

    Deposits and withdrawals are public privacy boundaries. A wrap emits the confidential-token recipient and the rounded clear underlying-token amount. The recipient can be different from the depositor, but that relationship is still visible in the deposit event. Withdrawals then reveal the recipient and amount.

    Within a confidential token, holders can make confidential transfers between transparent EVM addresses. These transfers reveal the parties and encrypted ciphertext handles, but not the clear amount or resulting balances. The confidential balances and transfer amounts of users can be decrypted by 7/13 KMS signers, including retroactively.

    The smart contracts do not fully validate FHE offchain work, which makes the KMS and coprocessor each trusted for security, privacy and liveness. Encrypted user inputs are accepted through the InputVerifier, which requires 1/1 coprocessor signatures. Public decryptions are accepted through the KMSVerifier, which requires 7/13 KMS signatures. Decentralization of the critical offchain services is announced in the docs but not implemented onchain (e.g. coprocessors, fraud proofs, slashing, zk proofs).

    Practical privacy also depends on timing, amounts, address reuse, wallet/RPC providers, and any frontend or service used to create encrypted inputs. Users are advised to research OPSEC best practice.

    Fees

    There currently is no protocol fee. Users still pay Ethereum gas for each action, including confidential token transfers, and may pay costs charged by external wallets, relayers, or services used to create or submit transactions.

    Compliance

    Compliance is enforced in each confidential token contract. The owner can block and unblock local users, and confidential token contracts can be configured to call an underlying-token denylist function. These checks apply to direct deposits, ERC-1363 callback deposits, confidential transfers, unwrap requests, and unwrap finalization.

    Because confidential tokens are backed by underlying tokens held in their contract addresses, issuer or token-admin controls over those underlyings remain a dependency. If an underlying token admin blocks a confidential token address, the escrowed token can become stuck. If a user address is blocked by an underlying token and the confidential token has a transitive denylist hook configured, that address can be prevented from depositing, transferring, or completing withdrawals.

    Anonymity set

    Zama Confidential Tokens does not use fixed-denomination notes. For a given finalized withdrawal, the set of prior deposits that could have funded the withdrawing account through the public address graph is its effective anonymity set: deposits credited to the same address, or to addresses that visibly transferred confidential tokens to it before the withdrawal. Amounts are private inside the confidential token, so links within the remaining candidate set can remain ambiguous, but deposits and finalized withdrawals expose each boundary amount and endpoint address. Integration with DeFi and its use from inside the confidential token increases the anonymity set.

    As mentioned in ‘Privacy Considerations’, the mostly centralized offchain services that cannot be circumvented can corrupt practical privacy, independent of the abstract measurable anonymity set.

    2025 Dec 27 — 2026 Jul 07

    2026 May 12 — Jul 07

    Asset
    Deposits 7D
    Deposits 30D
    Deposits Total
    Value Locked
    steakcUSDCsteakcUSDC
    8
    $6.70 M
    154
    $20.23 M
    155
    $20.89 M
    $14.26 M
    USDTUSDT
    10
    $183.57 K
    73
    $294.23 K
    103
    $361.77 K
    $7.98 M
    ZAMAZAMA
    5
    $11.67 K
    23
    $15.13 K
    27
    $15.45 K
    $6.31 M
    USDCUSDC
    90
    $8.33 M
    2.06 K
    $29.16 M
    2.10 K
    $29.67 M
    $5.43 M
    bbqTGBPbbqTGBP
    0
    $0.00
    1
    $5.07 M
    1
    $5.07 M
    $5.05 M
    XAUtXAUt
    0
    $0.00
    0
    $0.00
    2
    $0.53
    $53.98 K
    WETHWETH
    4
    $21.39 K
    20
    $71.22 K
    39
    $85.91 K
    $39.87 K
    tGBPtGBP
    0
    $0.00
    2
    $10.16 K
    2
    $10.16 K
    $10.28 K
    Total
    117
    $15.25 M
    2.33 K
    $54.86 M
    2.43 K
    $56.12 M
    $39.15 M

    Funds can be stolen if

    1. a malicious upgrade compromises the confidential token contracts or FHEVM contracts with their escrowed underlying tokens.
    2. 7/13 KMS signers attest to an incorrect public decryption during unwrap finalization, allowing more underlying tokens to be released than were burned.
    3. the 1/1 coprocessor input verification path accepts invalid encrypted inputs that bypass confidential balance checks.

    Funds can be lost if

    1. an underlying token admin blacklists a confidential token address or otherwise prevents transfers from the contract.
    2. a user is blocked by the confidential token owner or by a configured underlying-token denylist before finalization/withdrawal.
    3. offchain ciphertext data required by the coprocessor or KMS for encrypted handles becomes unavailable and cannot be reconstructed.

    Privacy can be lost if

    1. 7/13 KMS signers collude or are compromised and decrypt private ciphertext handles.
    2. the offchain coprocessor, wallet, relayer, frontend, or RPC path records enough metadata to link a user to encrypted inputs or transactions.
    3. deposits and withdrawals are linked by clear boundary amounts, recipient graph, timing, or address reuse.

    Zama governance is implemented through an Aragon ‘DAO’ deployment controlled by two multisigs: ZamaGovMultisigA with a 9/17 threshold and ZamaGovMultisigB with a 3/5 threshold. The multisigs can upgrade contracts or change critical configuration without a timelock.

    Confidential token owners and underlying token owners can freeze users. The ACL owner can manage ACL-level account blocking and unpause the ACL, while pausers from the PauserSet can pause the ACL. The exact roles and accounts are listed in the permissions section.

    Offchain components like the coprocessor and KMS are trusted for liveness, privacy and security and are currently not decentralized.

    Transparent setup

    Detailed description

    Transparent proving systems require no trusted setups and have no additional setup-related trust assumptions.

    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner

    Ethereum

    Actors:

    ZamaGovMultisigB0xBc86…a38F

    A Multisig with 3/5 threshold. Aragon multisig plugin for creating proposals and collecting approvals against a configurable threshold.

    • Can upgrade with no delay
      • HCULimit
      • ConfidentialSteakcUSDCWrapper
      • Staking (Coprocessor)
      • ConfidentialXAUTWrapper
      • KMSVerifier
      • ConfidentialZAMAWrapper
      • ConfidentialBRONWrapper
      • ConfidentialTGBPWrapper
      • ConfidentialUSDTWrapper
      • DAO
      • ConfidentialBbqTGBPWrapper
      • ACL
      • InputVerifier
      • FHEVMExecutor
      • ConfidentialWETHWrapper
      • ConfidentialUSDCWrapper
      • Staking (KMS)
      • ConfidentialTokenWrappersRegistry
    • Can interact with ConfidentialSteakcUSDCWrapper
      • block and unblock users, and transfer ownership
    • Can interact with Staking (Coprocessor)
      • grant and revoke manager accounts, transfer or renounce the default admin role, and change the default admin transfer delay
      • set the reward rate, set the unstake cooldown period, and add or remove reward-eligible staking accounts
    • Can interact with ConfidentialXAUTWrapper
      • block and unblock users, and transfer ownership
    • Can interact with KMSVerifier
      • set the KMS signer set and signature threshold used for public decryption verification
    • Can interact with ConfidentialZAMAWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialBRONWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialTGBPWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialUSDTWrapper
      • block and unblock users, and transfer ownership
    • Can interact with DAO
      • change multisig plugin settings
      • change multisig plugin target execution configuration
      • grant and revoke DAO permissions
    • Can interact with ConfidentialBbqTGBPWrapper
      • block and unblock users, and transfer ownership
    • Can interact with PauserSet
      • add, remove, or swap accounts that can pause the ACL
    • Can interact with ACL
      • transfer ACL ownership, unpause the ACL, block or unblock accounts, manage PauserSet membership, and update Zama verifier signer sets and thresholds
    • Can interact with InputVerifier
      • set the coprocessor signer set and signature threshold used for encrypted input verification
    • Can interact with ConfidentialWETHWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialUSDCWrapper
      • block and unblock users, and transfer ownership
    • Can interact with Staking (KMS)
      • grant and revoke manager accounts, transfer or renounce the default admin role, and change the default admin transfer delay
      • set the reward rate, set the unstake cooldown period, and add or remove reward-eligible staking accounts
    • Can interact with ConfidentialTokenWrappersRegistry
      • manage addresses in the registry
    ZamaGovMultisigA0xE43c…e66f

    A Multisig with 9/17 threshold. Aragon multisig plugin for creating proposals and collecting approvals against a configurable threshold.

    • Can upgrade with no delay
      • HCULimit
      • ConfidentialSteakcUSDCWrapper
      • Staking (Coprocessor)
      • ConfidentialXAUTWrapper
      • KMSVerifier
      • ConfidentialZAMAWrapper
      • ConfidentialBRONWrapper
      • ConfidentialTGBPWrapper
      • ConfidentialUSDTWrapper
      • DAO
      • ConfidentialBbqTGBPWrapper
      • ACL
      • InputVerifier
      • FHEVMExecutor
      • ConfidentialWETHWrapper
      • ConfidentialUSDCWrapper
      • Staking (KMS)
      • ConfidentialTokenWrappersRegistry
    • Can interact with ConfidentialSteakcUSDCWrapper
      • block and unblock users, and transfer ownership
    • Can interact with Staking (Coprocessor)
      • grant and revoke manager accounts, transfer or renounce the default admin role, and change the default admin transfer delay
      • set the reward rate, set the unstake cooldown period, and add or remove reward-eligible staking accounts
    • Can interact with ConfidentialXAUTWrapper
      • block and unblock users, and transfer ownership
    • Can interact with KMSVerifier
      • set the KMS signer set and signature threshold used for public decryption verification
    • Can interact with ConfidentialZAMAWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialBRONWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialTGBPWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialUSDTWrapper
      • block and unblock users, and transfer ownership
    • Can interact with DAO
      • change multisig plugin settings
      • change multisig plugin target execution configuration
      • grant and revoke DAO permissions
    • Can interact with ConfidentialBbqTGBPWrapper
      • block and unblock users, and transfer ownership
    • Can interact with PauserSet
      • add, remove, or swap accounts that can pause the ACL
    • Can interact with ACL
      • transfer ACL ownership, unpause the ACL, block or unblock accounts, manage PauserSet membership, and update Zama verifier signer sets and thresholds
    • Can interact with InputVerifier
      • set the coprocessor signer set and signature threshold used for encrypted input verification
    • Can interact with ConfidentialWETHWrapper
      • block and unblock users, and transfer ownership
    • Can interact with ConfidentialUSDCWrapper
      • block and unblock users, and transfer ownership
    • Can interact with Staking (KMS)
      • grant and revoke manager accounts, transfer or renounce the default admin role, and change the default admin transfer delay
      • set the reward rate, set the unstake cooldown period, and add or remove reward-eligible staking accounts
    • Can interact with ConfidentialTokenWrappersRegistry
      • manage addresses in the registry
    ZamaGovMemberDAO0x31bB…382C

    Aragon DAO that stores governance state and executes proposal action batches. Member of ZamaGovMultisigA.

    • Can interact with ZamaGovMemberDAO
      • change multisig plugin settings
      • change multisig plugin target execution configuration
    • Can interact with InputVerifier
      • sign encrypted input verification bundles accepted by the InputVerifier
    • Can interact with KMSVerifier
      • sign public decryption results accepted by the KMSVerifier

    Member of Safe.

    • Can interact with PauserSet
      • pause the ACL

    Member of ZamaGovMultisigB.

    • Can interact with PauserSet
      • pause the ACL

    Member of ZamaGovMultisigB, ZamaGovMultisigA.

    • Can interact with PauserSet
      • pause the ACL

    Zama Gateway

    Actors:

    A Multisig with 3/5 threshold. Gateway owner Safe. Its LayerZero governance module is outside the Zama Gateway protocol surface covered here.

    • Can upgrade with no delay
      • MultichainACL
      • Decryption
      • KMSGeneration
      • ProtocolPayment
      • InputVerification
      • CiphertextCommits
      • GatewayConfig
    • Can interact with Decryption
      • unpause Decryption
    • Can interact with KMSGeneration
      • start KMS key generation, CRS generation, PRSS initialization, and key resharing
    • Can interact with GatewayPauserSet
      • add, remove, or swap gateway pausers
    • Can interact with ProtocolPayment
      • set gateway fee prices for input verification, public decryption, and user decryption
    • Can interact with InputVerification
      • unpause InputVerification
    • Can interact with GatewayConfig
      • update KMS, coprocessor, custodian, host-chain, and threshold configuration, transfer GatewayConfig ownership, and unpause gateway workflow contracts
    • Can upgrade with no delay
      • MultichainACL
      • Decryption
      • KMSGeneration
      • ProtocolPayment
      • InputVerification
      • CiphertextCommits
    • Can interact with GatewayConfig
      • accept GatewayConfig ownership
    • Can interact with MultichainACL
      • submit public-decryption allowances, account handle allowances, and user-decryption delegation or revocation messages to MultichainACL
    • Can interact with InputVerification
      • sign encrypted input proof verification responses accepted by InputVerification
      • submit coprocessor proof verification and rejection responses to InputVerification
    • Can interact with CiphertextCommits
      • submit ciphertext and SNS ciphertext digests to CiphertextCommits
    • Can interact with GatewayConfig
      • sign encrypted input proof verification responses accepted by the gateway
      • submit coprocessor responses, ACL mirror updates, and ciphertext material commitments to gateway contracts
    • Can interact with Decryption
      • submit KMS decryption responses to Decryption
    • Can interact with KMSGeneration
      • submit KMS key-generation and CRS-generation responses to KMSGeneration
    • Can interact with GatewayConfig
      • submit KMS decryption, key-generation, and CRS-generation responses to gateway contracts
    • Can interact with Decryption
      • sign public decryption results and user decryption shares accepted by Decryption
    • Can interact with KMSGeneration
      • sign KMS key-generation and CRS-generation material accepted by KMSGeneration
    • Can interact with GatewayConfig
      • sign KMS decryption, key-generation, and CRS-generation material accepted by gateway contracts
    • Can interact with GatewayConfig
      • participate in gateway key custody workflows
      • sign gateway key custody material

    Member of SafeL2.

    • Can interact with GatewayPauserSet
      • pause GatewayConfig and pausable gateway workflow contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner

    Ethereum

    Tracks and enforces homomorphic computation unit limits for FHEVM operation requests.

    • Roles:
      • lOwner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Ethereum host-chain verifier for public decryption results produced through the Zama Gateway Decryption contract. Confidential token wrappers use it before accepting decrypted values.

    • Roles:
      • getKmsSigners: EOA 31, EOA 32, EOA 33, EOA 34, EOA 35, EOA 36, EOA 37, EOA 38, EOA 39, EOA 40, EOA 41, EOA 42, EOA 43
      • lOwner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Ethereum host-chain access-control registry for encrypted handles, storing handle allowances and delegation state for ciphertext references. Its public-decryption and user-delegation events are mirrored into the Gateway MultichainACL by coprocessor consensus.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Ethereum host-chain verifier for encrypted input attestations produced by the Zama Gateway InputVerification contract. The FHEVMExecutor calls it before accepting user-provided ciphertext handles.

    • Roles:
      • getCoprocessorSigners: EOA 30
      • lOwner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    FHEVM executor that accepts encrypted operation requests, accounts for computation usage, and stores ciphertext handles for operation results.

    • Roles:
      • lOwner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
    ConfidentialTokenWrappersRegistry0xeb50…bBA0Implementation (Upgradable)Admin

    Registry for Zama confidential token wrappers.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • owner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Aragon DAO that stores governance state and executes proposal action batches.

    • Roles:
      • daoExecutors: ZamaGovMultisigA, ZamaGovMultisigB
      • daoRootHolders: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • daoUpgraders: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • multisigSettingsAdmins: DAO, ZamaGovMultisigA, ZamaGovMultisigB; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • multisigTargetConfigAdmins: DAO, ZamaGovMultisigA, ZamaGovMultisigB; ultimately ZamaGovMultisigA, ZamaGovMultisigB
    PauserSet0xbBfE…586C

    Maintains the pauser account set used in pause-control checks.

    • Roles:
      • lOwner: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • pausers: EOA 45, EOA 46, EOA 47, EOA 48, Safe; ultimately EOA 44, EOA 49

    Staking contract that escrows ZAMA, issues non-transferable staked voting tokens, and mints protocol rewards to eligible stakers at a configurable reward rate.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • defaultAdmin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • managerRoleMembers: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Staking contract that escrows ZAMA, issues non-transferable staked voting tokens, and mints protocol rewards to eligible stakers at a configurable reward rate.

    • Roles:
      • admin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • defaultAdmin: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB
      • managerRoleMembers: DAO; ultimately ZamaGovMultisigA, ZamaGovMultisigB

    Zama Gateway

    Gateway-side ACL mirror that records coprocessor consensus for host-chain public decryption permissions, account handle allowances, and delegated user-decryption access. For Ethereum, it mirrors ACL events emitted by the L1 ACL contract registered in GatewayConfig.

    • Roles:
      • admin: EOA 1
      • gatewayCoprocessorTxSenders: EOA 2
      • gatewayOwner: SafeL2

    Gateway contract that orchestrates public and user decryption requests, checks mirrored host-chain ACL state, collects KMS responses, and emits results once the configured KMS threshold is reached. Ethereum KMSVerifier verifies public decryption results against this contract’s EIP-712 domain.

    • Roles:
      • admin: EOA 1
      • gatewayKmsSigners: EOA 10, EOA 11, EOA 14, EOA 15, EOA 16, EOA 17, EOA 19, EOA 22, EOA 25, EOA 26, EOA 27, EOA 4, EOA 9
      • gatewayKmsTxSenders: EOA 12, EOA 13, EOA 18, EOA 20, EOA 21, EOA 23, EOA 24, EOA 28, EOA 3, EOA 5, EOA 6, EOA 7, EOA 8
      • gatewayOwner: SafeL2

    Gateway contract that orchestrates FHE key generation, CRS generation, PRSS initialization, and key resharing through threshold KMS responses.

    • Roles:
      • admin: EOA 1
      • gatewayKmsSigners: EOA 10, EOA 11, EOA 14, EOA 15, EOA 16, EOA 17, EOA 19, EOA 22, EOA 25, EOA 26, EOA 27, EOA 4, EOA 9
      • gatewayKmsTxSenders: EOA 12, EOA 13, EOA 18, EOA 20, EOA 21, EOA 23, EOA 24, EOA 28, EOA 3, EOA 5, EOA 6, EOA 7, EOA 8
      • gatewayOwner: SafeL2

    Gateway fee contract that charges ZAMA fees for encrypted input verification, public decryption, and user decryption requests, then forwards the collected fees to the configured fee burner sender.

    • Roles:
      • admin: EOA 1
      • gatewayOwner: SafeL2

    Gateway contract that receives encrypted input verification requests from registered host chains, collects coprocessor responses, and emits a threshold-signed attestation once coprocessor consensus is reached. Ethereum InputVerifier verifies attestations against this contract’s EIP-712 domain.

    • Roles:
      • admin: EOA 1
      • gatewayCoprocessorSigners: EOA 2
      • gatewayCoprocessorTxSenders: EOA 2
      • gatewayOwner: SafeL2

    Gateway contract that stores ciphertext and SNS ciphertext digests after coprocessor consensus, allowing decryption requests to reference committed ciphertext material.

    • Roles:
      • admin: EOA 1
      • gatewayCoprocessorTxSenders: EOA 2
      • gatewayOwner: SafeL2

    Central configuration contract for the Zama Gateway. It stores the KMS, coprocessor, custodian, host-chain, pauser, and consensus-threshold configuration used by the gateway workflow contracts.

    • Roles:
      • admin: SafeL2
      • getCoprocessorSigners: EOA 2
      • getCoprocessorTxSenders: EOA 2
      • getCustodianSigners: EOA 29
      • getCustodianTxSenders: EOA 29
      • getKmsSigners: EOA 10, EOA 11, EOA 14, EOA 15, EOA 16, EOA 17, EOA 19, EOA 22, EOA 25, EOA 26, EOA 27, EOA 4, EOA 9
      • getKmsTxSenders: EOA 12, EOA 13, EOA 18, EOA 20, EOA 21, EOA 23, EOA 24, EOA 28, EOA 3, EOA 5, EOA 6, EOA 7, EOA 8
      • owner: SafeL2
      • pendingOwner: EOA 1
    Can be upgraded by:
    GatewayPauserSet0x571e…ac1b

    Maintains the set of accounts allowed to pause gateway contracts. The set is managed by the GatewayConfig owner.

    • Roles:
      • gatewayOwner: SafeL2
      • pausers: EOA 50, EOA 51, EOA 52, EOA 53