Search for projects by name or address
Zama Confidential Tokens is an app that wraps ERC-20 assets into confidential tokens and hides balances and transfer amounts using Zama FHEVM on Ethereum.
Zama Confidential Tokens is an app that wraps ERC-20 assets into confidential tokens and hides balances and transfer amounts using Zama FHEVM on Ethereum.
Zama Confidential Tokens is an account-based confidential token system on Ethereum, using the Zama FHE protocol. It is based on ERC-7984. Users deposit regular ERC-20 tokens into asset-specific escrows and receive confidential tokens whose balances and internal transfer amounts are represented as encrypted handles.
‘Confidential’ here means from: and to: addresses and transfer timestamps always remain public. Only balances and transfer amounts are hidden. Each confidential token aggregates encrypted balances for a single underlying asset, so the hidden state is the amount and balance data, not the public address graph.

The Zama FHE protocol uses fully homomorphic encryption to let smart contracts operate on encrypted values. Balances are stored as encrypted handles instead of plaintext balances, and FHEVM system contracts are called for encrypted arithmetic, comparisons, transfers, minting, or burning, but most of the actual FHE execution happens offchain.
The FHE coprocessor is an offchain service that performs FHE-related work the EVM cannot execute directly. Encrypted user inputs are accepted onchain only after the InputVerifier checks signatures from the coprocessor signer set (currently 1/1). The coprocessor is constrained on what it can commit onchain by the smart contract, but it is not trustless and can affect validity if compromised.
The ACL is the onchain access-control registry for encrypted handles. It records which accounts or contracts are allowed to use a ciphertext handle, which prevents arbitrary users from reusing encrypted values they do not control.
The (T)KMS is the threshold key-management service used for private and public decryptions. It holds the FHE secret key and functions like a multisig with a threshold (7/13). An unwrap for example burns an encrypted confidential-token amount and asks for that amount to be publicly decrypted; finalization is accepted only after the KMSVerifier checks enough KMS signatures over the threshold-decrypted result. The KMS Signers are operated by Zama, Dfns, Figment, Fireblocks, InfStones, Unit410, LayerZero, Ledger, Omakase, Stake Capital, OpenZeppelin, Etherscan, and Conduit.
There are many moving parts and offchain components in the Zama FHE protocol on which Zama Confidential Tokens is built. The Zama Gateway, an L3 on Arbitrum, is currently used to gather signatures and make data available but the authority for asset storage and signature verification remains Ethereum L1.
Deposits and withdrawals are public privacy boundaries. A wrap emits the confidential-token recipient and the rounded clear underlying-token amount. The recipient can be different from the depositor, but that relationship is still visible in the deposit event. Withdrawals then reveal the recipient and amount.
Within a confidential token, holders can make confidential transfers between transparent EVM addresses. These transfers reveal the parties and encrypted ciphertext handles, but not the clear amount or resulting balances. The confidential balances and transfer amounts of users can be decrypted by 7/13 KMS signers, including retroactively.
The smart contracts do not fully validate FHE offchain work, which makes the KMS and coprocessor each trusted for security, privacy and liveness. Encrypted user inputs are accepted through the InputVerifier, which requires 1/1 coprocessor signatures. Public decryptions are accepted through the KMSVerifier, which requires 7/13 KMS signatures. Decentralization of the critical offchain services is announced in the docs but not implemented onchain (e.g. coprocessors, fraud proofs, slashing, zk proofs).
Practical privacy also depends on timing, amounts, address reuse, wallet/RPC providers, and any frontend or service used to create encrypted inputs. Users are advised to research OPSEC best practice.
There currently is no protocol fee. Users still pay Ethereum gas for each action, including confidential token transfers, and may pay costs charged by external wallets, relayers, or services used to create or submit transactions.
Compliance is enforced in each confidential token contract. The owner can block and unblock local users, and confidential token contracts can be configured to call an underlying-token denylist function. These checks apply to direct deposits, ERC-1363 callback deposits, confidential transfers, unwrap requests, and unwrap finalization.
Because confidential tokens are backed by underlying tokens held in their contract addresses, issuer or token-admin controls over those underlyings remain a dependency. If an underlying token admin blocks a confidential token address, the escrowed token can become stuck. If a user address is blocked by an underlying token and the confidential token has a transitive denylist hook configured, that address can be prevented from depositing, transferring, or completing withdrawals.
Zama Confidential Tokens does not use fixed-denomination notes. For a given finalized withdrawal, the set of prior deposits that could have funded the withdrawing account through the public address graph is its effective anonymity set: deposits credited to the same address, or to addresses that visibly transferred confidential tokens to it before the withdrawal. Amounts are private inside the confidential token, so links within the remaining candidate set can remain ambiguous, but deposits and finalized withdrawals expose each boundary amount and endpoint address. Integration with DeFi and its use from inside the confidential token increases the anonymity set.
As mentioned in ‘Privacy Considerations’, the mostly centralized offchain services that cannot be circumvented can corrupt practical privacy, independent of the abstract measurable anonymity set.
2025 Dec 27 — 2026 Jul 07
2026 May 12 — Jul 07
Asset | Deposits 7D | Deposits 30D | Deposits Total | Value Locked |
|---|---|---|---|---|
steakcUSDC | 8 $6.70 M | 154 $20.23 M | 155 $20.89 M | $14.26 M |
USDT | 10 $183.57 K | 73 $294.23 K | 103 $361.77 K | $7.98 M |
ZAMA | 5 $11.67 K | 23 $15.13 K | 27 $15.45 K | $6.31 M |
USDC | 90 $8.33 M | 2.06 K $29.16 M | 2.10 K $29.67 M | $5.43 M |
bbqTGBP | 0 $0.00 | 1 $5.07 M | 1 $5.07 M | $5.05 M |
XAUt | 0 $0.00 | 0 $0.00 | 2 $0.53 | $53.98 K |
WETH | 4 $21.39 K | 20 $71.22 K | 39 $85.91 K | $39.87 K |
tGBP | 0 $0.00 | 2 $10.16 K | 2 $10.16 K | $10.28 K |
| Total | 117 $15.25 M | 2.33 K $54.86 M | 2.43 K $56.12 M | $39.15 M |
Zama governance is implemented through an Aragon ‘DAO’ deployment controlled by two multisigs: ZamaGovMultisigA with a 9/17 threshold and ZamaGovMultisigB with a 3/5 threshold. The multisigs can upgrade contracts or change critical configuration without a timelock.
Confidential token owners and underlying token owners can freeze users. The ACL owner can manage ACL-level account blocking and unpause the ACL, while pausers from the PauserSet can pause the ACL. The exact roles and accounts are listed in the permissions section.
Offchain components like the coprocessor and KMS are trusted for liveness, privacy and security and are currently not decentralized.
Transparent proving systems require no trusted setups and have no additional setup-related trust assumptions.

A Multisig with 3/5 threshold. Aragon multisig plugin for creating proposals and collecting approvals against a configurable threshold.
A Multisig with 9/17 threshold. Aragon multisig plugin for creating proposals and collecting approvals against a configurable threshold.
Aragon DAO that stores governance state and executes proposal action batches. Member of ZamaGovMultisigA.
A Multisig with 3/5 threshold. Gateway owner Safe. Its LayerZero governance module is outside the Zama Gateway protocol surface covered here.

Tracks and enforces homomorphic computation unit limits for FHEVM operation requests.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
Ethereum host-chain verifier for public decryption results produced through the Zama Gateway Decryption contract. Confidential token wrappers use it before accepting decrypted values.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
Ethereum host-chain access-control registry for encrypted handles, storing handle allowances and delegation state for ciphertext references. Its public-decryption and user-delegation events are mirrored into the Gateway MultichainACL by coprocessor consensus.
Ethereum host-chain verifier for encrypted input attestations produced by the Zama Gateway InputVerification contract. The FHEVMExecutor calls it before accepting user-provided ciphertext handles.
FHEVM executor that accepts encrypted operation requests, accounts for computation usage, and stores ciphertext handles for operation results.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
ERC-20 wrapper that escrows an underlying token and issues confidential balances. It supports encrypted transfers, wrapping, unwrapping, local blocking, and optional underlying-token denylist checks.
Registry for Zama confidential token wrappers.
Aragon DAO that stores governance state and executes proposal action batches.
Maintains the pauser account set used in pause-control checks.
Staking contract that escrows ZAMA, issues non-transferable staked voting tokens, and mints protocol rewards to eligible stakers at a configurable reward rate.
Staking contract that escrows ZAMA, issues non-transferable staked voting tokens, and mints protocol rewards to eligible stakers at a configurable reward rate.
Gateway-side ACL mirror that records coprocessor consensus for host-chain public decryption permissions, account handle allowances, and delegated user-decryption access. For Ethereum, it mirrors ACL events emitted by the L1 ACL contract registered in GatewayConfig.
Gateway contract that orchestrates public and user decryption requests, checks mirrored host-chain ACL state, collects KMS responses, and emits results once the configured KMS threshold is reached. Ethereum KMSVerifier verifies public decryption results against this contract’s EIP-712 domain.
Gateway contract that orchestrates FHE key generation, CRS generation, PRSS initialization, and key resharing through threshold KMS responses.
Gateway fee contract that charges ZAMA fees for encrypted input verification, public decryption, and user decryption requests, then forwards the collected fees to the configured fee burner sender.
Gateway contract that receives encrypted input verification requests from registered host chains, collects coprocessor responses, and emits a threshold-signed attestation once coprocessor consensus is reached. Ethereum InputVerifier verifies attestations against this contract’s EIP-712 domain.
Gateway contract that stores ciphertext and SNS ciphertext digests after coprocessor consensus, allowing decryption requests to reference committed ciphertext material.
Central configuration contract for the Zama Gateway. It stores the KMS, coprocessor, custodian, host-chain, pauser, and consensus-threshold configuration used by the gateway workflow contracts.
Maintains the set of accounts allowed to pause gateway contracts. The set is managed by the GatewayConfig owner.