Privacy Architecture
Traditional vs Privacy Multisig
Signer Identity
Public addresses stored on-chain
Hidden behind commitments
Who Signed
Visible to everyone
Commitment visible, EOA hidden
Commitment-Based Identity
Instead of storing addresses, PolyPay stores commitments (hash(secret, secret)):
The secret is derived from signing a message with your wallet
The commitment is stored on-chain in a signers list
Only you know the secret that matches your commitment
How It Works
Setup: Each signer generates a secret and computes their commitment
Registration: Commitments are added to the smart contract's signers list
Signing: To approve a transaction, signers prove they know the secret for their commitment using ZK proofs
Verification: The smart contract checks if the commitment exists in the signers list
Privacy Model
When you sign a transaction:
The ZK proof verifies you know the secret for your commitment
The contract checks your commitment is in the authorized signers list
Your Ethereum address (EOA) is never revealed on-chain
This means observers can see which commitment signed, but cannot link it back to your wallet address.
Relayer Privacy
In addition to ZK proofs, PolyPay uses a relayer wallet to enhance privacy further.
When signers call the smart contract directly, their wallet address is recorded as msg.sender on-chain. This partially reveals signer identity.
PolyPay's backend uses a dedicated relayer wallet to deploy accounts and execute transactions on behalf of users. Signers only submit ZK proofs to the backend (off-chain), and the relayer interacts with the blockchain.
Deploy account
Creator address exposed
Only relayer visible
Execute transaction
Executor address exposed
Only relayer visible
This creates complete EOA anonymity: no signer's Ethereum address ever appears on-chain.
Last updated