Privacy DeFi powered by FHE. Swap, transfer, earn yield with fully encrypted balances. Prove compliance cross-chain without revealing amounts. Your trades are invisible, your credit travels
Today's DeFi is a glass house. Every swap, every transfer, every LP position is visible to anyone with a block explorer. This creates real consequences:
MEV bots extract $1.4B+ annually by front-running trades they can see in the mempool and on-chain
Institutional capital stays away — hedge funds won't use on-chain DeFi when competitors can reverse-engineer their strategies from public balances
Compliance creates a paradox — proving you hold enough assets for a loan requires revealing your entire portfolio, defeating the purpose of financial privacy
Whale tracking has become an industry — wallet labels, portfolio trackers, and copy-trading bots turn every large holder into a public figure
Traditional finance has account privacy by default. DeFi has none. This isn't a feature gap — it's a fundamental barrier to institutional adoption and user safety.
Blackrocq is a full-stack private DeFi platform on Arbitrum powered by Fhenix CoFHE (Fully Homomorphic Encryption). Every financial operation — swaps, transfers, yield farming, liquidity provision — runs entirely on encrypted values. Not hidden. Not obfuscated. Mathematically encrypted on-chain, where even the smart contracts themselves cannot see your balances.
Shield — Lock public tokens (USDC, WETH, WBTC) in ShadowVault, receive FHE-encrypted equivalents (sUSDC, sETH, sBTC)
Use privately — Swap, transfer, earn yield, add liquidity. All operations use encrypted arithmetic via the CoFHE coprocessor. Nobody — not even the contracts — can see your balances or amounts.
Unshield — Burn encrypted tokens, receive public tokens back. This is the only point where amounts become visible.
Everything between shield and unshield is a black box — to block explorers, MEV bots, competitors, and even the contracts themselves. Only you can decrypt your own balances in your browser using the cofhejs SDK.
A constant-product AMM where reserves, input amounts, output amounts, and LP positions are all FHE-encrypted. MEV is structurally impossible — there's nothing to front-run when you can't see the trade. A $50M whale swap looks identical to a $50 swap on-chain. 0.3% fee, fully encrypted pool reserves.
Peer-to-peer encrypted escrow. Send any amount to any address — the amount is encrypted on-chain. The recipient claims it, or the sender reverts it. Nobody else ever knows how much was sent. Think Venmo, but with real financial privacy.
Deposit encrypted tokens, earn yield computed entirely on ciphertext. The contract calculates principal × APY × time using FHE multiplication and division — never touching plaintext. Your deposit size, your returns, your position — all invisible. Configured APYs: sUSDC 5%, sETH 3%, sBTC 2%.
This is where privacy meets the real world. Users can prove "my encrypted balance exceeds $10,000" without revealing whether it's $10,001 or $10 million. The FHE comparison runs on Arbitrum, only the boolean result (true/false) is decrypted, and that result is relayed to Base Sepolia via LayerZero V2.
On the destination chain, any contract can call isProofVerified() — enabling:
ShadowLend — privacy-preserving lending with borrow limits gated by cross-chain credit tier
AirdropVault — tier-based airdrop distribution (Bronze / Silver / Gold)
DeFiPassport — cross-chain credit scoring without ever seeing the underlying balance
Encrypted handles never leave Arbitrum. Only the boolean proof result (or a credit tier integer) crosses chains.
For institutions: A hedge fund can participate in on-chain DeFi without exposing their strategy. They shield $50M, swap encrypted tokens, earn yield — and their competitors see nothing. When they need a loan on another chain, they prove solvency with a boolean proof, not a balance screenshot.
For compliance: Today, proving you hold enough assets for a loan means revealing your entire wallet. With Blackrocq, a user proves "balance ≥ threshold" and the lender only sees true/false. This is the same principle behind credit scores in traditional finance — the bank sees your score, not your bank statements.
For everyday users: No more whale tracking. No more MEV. No more portfolio exposure. Send money to a friend without the amount being permanently public on Etherscan.
User Browser (cofhejs SDK) ←→ Wallet (MetaMask)
│
┌────────▼──────────────────────────────────────────────┐
│ Arbitrum Sepolia │
│ │
│ Public ERC20s → ShadowVault → Encrypted ERC20s │
│ (Privacy (euint128 balances) │
│ Gateway) │ │
│ ┌──────────┼──────────┐ │
│ ▼ ▼ ▼ │
│ ShadowSwap ShadowTransfer ShadowYieldVault
│ (Encrypted (Encrypted P2P (Encrypted Yield)
│ AMM) Escrow) │
│ │
│ ShadowXChain ──── LayerZero V2 ────→ Base Sepolia │
│ ShadowCreditScore (DeFiPassport, │
│ (FHE Proofs + Tier Relay) ShadowLend, │
│ AirdropVault) │
│ │
│ ┌──────────────────────────────────────────────────┐ │
│ │ Fhenix CoFHE Coprocessor │ │
│ │ Encrypted arithmetic · Access control · Decrypt │ │
│ └──────────────────────────────────────────────────┘ │
└───────────────────────────────────────────────────────┘
12 smart contracts deployed across Arbitrum Sepolia and Base Sepolia. 8 Foundry test suites with CoFHE mocks. 8 frontend pages with live FHE encryption/decryption in the browser via cofhejs.
In normal DeFi, a transfer that exceeds your balance reverts with "insufficient balance" — leaking the fact that your balance is below the attempted amount. In Blackrocq, we use FHE.select(canTransfer, amount, 0): if the balance is too low, the transfer silently sends 0. No revert, no error, no information leak. Privacy is maintained even in failure cases.
When contract A holds an encrypted handle and passes it to contract B, B won't have access by default. We use FHE.allow(handle, targetContract) before every cross-contract call — ensuring encrypted values flow securely between ShadowSwap, ShadowTransfer, and the EncryptedERC20 token without breaking the FHE access model.
FHE operates on euint128 (max ~3.4×10³⁸). Operations like reserve × amount can overflow. We scale values down by 1e12 before multiplication, then scale the result — keeping all arithmetic within safe bounds while maintaining precision.
🚀 Live at https://arb.rocq.xyz — connect a wallet on Arbitrum Sepolia and try every feature end-to-end.
Built entirely from scratch during the hackathon:
- EncryptedERC20 — Custom FHE token contract with encrypted balances (euint128), operator model
for cross-contract transfers, and built-in compliance proofs (proveBalanceAbove)
- ShadowVault — Privacy gateway that bridges public ERC20 tokens into the encrypted layer via
shield/unshield
- ShadowSwap — Full constant-product AMM operating entirely on encrypted values. Pool creation,
liquidity add/remove, and token swaps — all on FHE ciphertext with overflow-safe arithmetic
- ShadowTransfer — Encrypted P2P escrow system with create/claim/revert lifecycle
- ShadowYieldVault — Yield farming where APY accrual (mul/div) runs on encrypted principal.
Per-second yield computed in FHE
- ShadowXChain + ShadowXChainReceiver — Cross-chain proof relay using LayerZero V2 OApp.
Compliance proofs generated on Arbitrum, relayed as booleans to Base Sepolia
- ShadowCreditScore — Multi-token credit tier system (Bronze/Silver/Gold) computed from 3
encrypted balance proofs
- DeFiPassport + ShadowLend + AirdropVault — Destination-chain contracts that consume cross-chain
proofs for lending and airdrops
- Full Next.js frontend — 8 pages with live cofhejs FHE encryption/decryption, RainbowKit wallet
connection, privacy toggles, and real-time cross-chain verification polling
- Event indexer — Express + MongoDB service tracking all contract events
- 8 Foundry test suites — Comprehensive tests using CoFHE mock contracts
- Multi-chain deployment — 11 contracts on Arbitrum Sepolia, 5 contracts on Base Sepolia,
LayerZero V2 peer wiring
None, Will be continue working on Private DeFi