SYS // v0.1.0-ALPHAHEALTH // Nodes (6/6) OK
UNTRACEDocumentation

Private Blockchain Transactions

Untrace is a private-by-default blockchain. Unlike public chains where every transaction, address balance, and smart contract interaction is visible to anyone, Untrace transactions reveal only what the parties choose to reveal — and nothing more.

The Problem With Public Chains

On Ethereum, Solana, and most L1/L2 networks today:

  • Every transaction is visible to every participant on the network
  • Wallet balances are public — anyone can look up what you hold
  • Smart contract interactions are traceable — your DeFi positions, vault contents, and counterparties are exposed
  • Transaction graphs can be de-anonymized using on-chain analytics

This is a fundamental privacy failure. Institutions cannot use public chains for sensitive financial operations. Individuals cannot use them without exposing their full financial history.

Untrace treats transaction privacy as a first-class property, not an afterthought.

How Private Transactions Work

Untrace uses a combination of ZK proofs, stealth addresses, and confidential transaction amounts to ensure that transactions reveal the minimum possible information while still being cryptographically valid and network-verifiable.

1. ZK Transaction Proofs

Every transaction on Untrace is accompanied by a ZK proof that asserts:

  • The sender has sufficient balance (without revealing the balance)
  • The transaction is correctly formed (without revealing the amount)
  • The sender's identity is authorized (without revealing the DID)

The network verifies the proof and processes the transaction — without learning anything about who sent what to whom, or for how much.

2. Stealth Addresses

Recipients on Untrace use stealth addresses — one-time addresses derived from a recipient's public key using a Diffie-Hellman key exchange. For each transaction:

  1. The sender generates a unique ephemeral key pair
  2. A one-time stealth address is derived for the recipient
  3. Funds are sent to the stealth address
  4. The recipient scans the chain using their private scan key to identify incoming transactions

An observer on-chain sees only a payment to a fresh address. The link between that address and the recipient's identity is invisible.

Sender computes:
  shared_secret = ECDH(sender_ephemeral_key, recipient_public_key)
  stealth_address = KDF(shared_secret)

Recipient scans:
  For each tx, test: KDF(ECDH(scan_key, tx.ephemeral_pubkey)) == tx.destination

3. Confidential Amounts

Transaction amounts on Untrace are hidden using Pedersen Commitments. A commitment to an amount A with blinding factor r is:

$$C = r \cdot G + A \cdot H$$

The commitment hides the amount while allowing the network to verify that inputs equal outputs (no coins created from nothing) without seeing any individual value. This is the same technique used in Confidential Transactions (Maxwell, 2016) and extended in Monero's RingCT.

What Is and Is Not Revealed

| Data | Visible On-Chain | Notes | | --------------------- | ---------------- | -------------------------------------------- | | Transaction exists | Yes | A transaction record is needed for consensus | | Sender identity | No | Stealth address; ZK proof | | Recipient identity | No | Stealth address | | Amount | No | Pedersen commitment | | Smart contract called | Configurable | dApps can choose to expose or hide this | | Proof validity | Yes | Network must verify the proof | | Timestamp / block | Yes | Required for consensus and ordering |

Selective Disclosure

Privacy on Untrace is not absolute — it is user-controlled. Parties can choose to disclose specific transaction details to specific verifiers without revealing anything else.

Use cases for selective disclosure:

  • Regulatory compliance: A business proves to a regulator that a specific payment occurred, without revealing any other transactions
  • Tax reporting: Prove total income to a tax authority without exposing individual counterparties
  • Audit: Allow an auditor to verify a set of transactions without accessing the full transaction graph
  • KYC/AML: Prove that funds did not originate from flagged sources, without revealing the source

Selective disclosure is enabled by the same ZK infrastructure that powers the rest of the Untrace protocol — proofs are generated for specific claims, revealing only what is needed.

// Generate a disclosure proof for a specific transaction
const proof = await client.tx.generateDisclosureProof(txId, {
  revealAmount: true,
  revealTimestamp: true,
  revealRecipient: false,
  revealSender: false,
})

// Verifier checks the proof without accessing any other data
await verifier.verify(proof)

Private Smart Contracts

Untrace extends privacy to smart contract execution. Contract state, inputs, and outputs can all be kept private:

  • Private inputs: Function arguments are ZK-proven without being revealed to nodes
  • Private state: Contract storage is encrypted; only authorized parties see state
  • Private events: Event emissions can be encrypted for specific recipients

This enables applications like private voting, sealed-bid auctions, confidential DeFi, and privacy-preserving identity verification — all on programmable infrastructure.

Comparison

| Chain | Public Amounts | Hidden Amounts | Hidden Addresses | Private Contracts | | -------------- | -------------- | ------------------ | ---------------- | ------------------------ | | Ethereum | Yes | No | No | No | | Zcash | Configurable | Shielded pool only | Shielded only | No | | Monero | No | Yes (RingCT) | Yes (stealth) | No | | Aztec (L2) | No | Yes | Yes | Yes (Ethereum-dependent) | | Untrace | No | Yes | Yes | Yes (native L1) |

Further Reading

  • ZK Data Vaults — How ZK proofs extend to data storage, not just payments
  • Web3 Access Control — Fine-grained ZK-gated permissions
  • Whitepaper — Full cryptographic specification of the transaction privacy system
  • Tokenomics — How private transaction fees flow through the $UNTRACE burn mechanism