Circuits

Shield circuit

Written in Noir. Proves that a commitment is honestly computed from your spending key, token, amount, and salt — without revealing any of those values.

noir

// Private inputs (never revealed on-chain)
struct ShieldInputs {
  spending_pubkey: Field,
  token:           Field,
  amount:          Field,
  salt:            Field,
}

// Constraint: commitment is correctly derived
assert(commitment == poseidon2_hash4(
  spending_pubkey, token, amount, salt
));

The proof is verified by ShieldVerifier on-chain. Only the commitment is public — it reveals nothing about the depositor.

Compiling

bash

cd circuits/shield
nargo compile           # generates target/shield.json
bb write_vk -b target/shield.json -o target/vk
bb contract -k target/vk -o ../../contracts/contracts/ShieldVerifier.sol

←Deployments

Spend circuit→