ZEX-Swap

Project Description

ZexERC is a privacy-preserving decentralized exchange protocol that enables confidential token swaps using zero-knowledge proofs and homomorphic encryption. Built as an extension of the Encrypted ERC-20 (eERC) standard, ZexERC allows users to trade tokens peer-to-peer while keeping transaction amounts completely hidden from blockchain observers.

The Problem

In current DeFi ecosystems, all transaction data is publicly visible on-chain. This creates several critical issues:

• Front-running attacks: MEV bots can see pending large trades and exploit them

• Privacy leaks: Anyone can track wallet balances and trading patterns

• Institutional hesitation: Large traders avoid DeFi due to information exposure

• Targeted attacks: Visible whale wallets become targets for hackers

Our Solution

ZexERC introduces a novel Confidential Allowance Model for peer-to-peer trading that keeps all amounts encrypted while still allowing trustless, on-chain verification through ZK proofs.

Key Features:

How It Works

│ ZexERC Swap Protocol │

├──────────────────────────────────────────────────────────────┤

│ 1. INITIATE: Alice creates offer (rate public, amounts hidden)│

│ 2. ACCEPT: Bob generates ZK proof that his amount is valid │

│ 3. FINALIZE: Atomic swap executes with encrypted balances │

└──────────────────────────────────────────────────────────────┘

Technical Stack

• Blockchain: EVM-compatible (Mantle L2)

• Smart Contracts: Solidity 0.8.27

• ZK Circuits: Circom 2.1.9 with Groth16 proving system

• Cryptography: BabyJubJub curve, ElGamal encryption, Poseidon hash

• Testing: Hardhat, Chai, 97% test coverage

Key Innovations

1. Dual Approval System

We implemented two approval mechanisms:

• Confidential Approve (EOA→EOA): Amount encrypted for spender only

• Public Confidential Approve (EOA→Contract): Amount disclosed to enable contract logic

2. PCT (Private Ciphertext Token) System

A novel approach to encrypted balance management:

• Enables receivers to decrypt their incoming amounts

• Maintains full privacy from blockchain observers

• Includes auditor PCT for compliance without revealing to public

3. Three-Phase Swap Protocol

↓ ↓ ↓

Offer ZK Proof Atomic

Created Verified Swap

Metrics & Achievements

Future Roadmap

• Order book with hidden limit prices

• Multi-asset atomic swaps

• Privacy pools for liquidity aggregation

• Cross-chain confidential bridges

• Browser SDK with WebGPU proving

Why Mantle?

1. Low Gas Costs: ZK proof verification is expensive; Mantle L2 makes it affordable

2. EVM Native: Zero modifications needed for deployment

3. Growing Ecosystem: Privacy is the missing piece in Mantle DeFi

4. Institutional Alignment: Mantle's treasury focus aligns with our compliance features

# Work Completed During Hackathon

## 1. ZexERC Smart Contract Extension

File: contracts/ZexERC.sol (~900 lines)

Extended the base EncryptedERC contract with the following functionality:

- confidentialApprove()

Approve tokens to EOAs with hidden (encrypted) amounts.

- publicConfidentialApprove()

Approve tokens to contracts with disclosed amounts.

- confidentialTransferFrom()

Spend from encrypted allowances.

- initiateOffer()

Create peer-to-peer (P2P) swap offers.

- acceptOffer()

Accept offers with zero-knowledge proof validation.

- finalizeSwap()

Execute atomic swaps with finalization proofs.

- cancelConfidentialAllowance()

Revoke approvals using a zero-knowledge proof.

---

## 2. Zero-Knowledge Circuits

Directory: circom/

Designed and implemented five new ZK circuits:

| Circuit File | Constraints | Purpose |

|-------------------------------------|-------------|----------------------------------------------|

| confidential_approve.circom | ~15k | Prove approval amount ≤ balance |

| confidential_transfer_from.circom| ~18k | Prove spend amount ≤ allowance |

| cancel_allowance.circom | ~8k | Prove ownership for allowance cancellation |

| offer_acceptance.circom | ~12k | Prove amount ≤ maximum offer amount |

| offer_finalization.circom | ~14k | Prove correct exchange rate computation |

Each circuit verifies:

- Public key ownership (proof of knowledge of private key)

- Balance or allowance sufficiency via range proofs

- Correct encryption of amounts for recipients

- Auditor PCT generation for compliance

---

## 3. Verifier Contracts

Directory: contracts/verifiers/

Auto-generated Solidity verifier contracts from the ZK circuits:

- ConfidentialApproveCircuitGroth16Verifier.sol

- ConfidentialTransferFromCircuitGroth16Verifier.sol

- CancelAllowanceCircuitGroth16Verifier.sol

- OfferAcceptanceCircuitGroth16Verifier.sol

- OfferFinalizationCircuitGroth16Verifier.sol

---

## 4. Interface Definitions

Directory: contracts/interfaces/

Created clean and modular interface contracts:

- IZexERC.sol — Main ZexERC interface

- IConfidentialApproveVerifier.sol

- IConfidentialTransferFromVerifier.sol

- IOfferAcceptanceVerifier.sol

- IOfferFinalizationVerifier.sol

---

## 5. Test Suites

Directory: test/

Implemented comprehensive test coverage:

- *ZexERC.ts**

Unit tests for all ZexERC functions (~34 KB)

- *ZexERC-E2E.ts**

End-to-end swap lifecycle tests with real ZK proofs (~19 KB)

- *zex-helpers.ts**

Utilities for zero-knowledge proof generation and testing (~10 KB)

---

## 6. Deployment Scripts

File: scripts/deploy-zex.ts

Production-ready deployment script that:

- Deploys all base and ZEX-specific verifier contracts

- Deploys the BabyJubJub cryptographic library

- Deploys the Registrar for user key management

- Deploys ZexERC with all dependencies correctly linked

N/A