1 of 8

ShieldVoucher

Private Bitcoin Payments on Starknet

Presented by Jerry George

2 of 8

Bitcoin is Fully Traceable

Every Bitcoin transaction is permanently recorded on a public ledger, creating an immutable trail of financial activity. While this transparency ensures network security, it fundamentally breaks financial privacy.

Addresses can be linked through analysis, transaction patterns reveal spending habits, and historical transactions remain visible forever. For privacy-conscious users, this is unacceptable.

3 of 8

Shielded Voucher Model

Deposit

Lock BTC in escrow contract

Commitment

Create cryptographic hash

ZK Proof

Generate privacy proof

Redeem

Claim funds anonymously

This four-phase protocol enables private Bitcoin transfers using zero-knowledge cryptography and Starknet's scalable infrastructure.

4 of 8

Zero-Knowledge Architecture

Pedersen Hash Commitments

Cryptographic commitments hide deposit amounts while ensuring they can't be changed later

Merkle Tree Inclusion Proof

Prove your commitment exists in the tree without revealing its position or siblings

Nullifier Protection

Unique identifier prevents double-spending while remaining unlinkable to original deposit

Secret Never On-Chain

Random secret stays client-side, never exposed to blockchain observers or validators

5 of 8

Starknet + Proof Stack

Core Infrastructure

Cairo smart contracts - Write verified logic in Starknet's native language

STARK proofs - Herodotus Atlantic generates scalable cryptographic proofs

FactRegistry - On-chain verification of proof integrity

L2 scalability - Process thousands of private transactions efficiently

6 of 8

Execution Flow

Generate Secret (Client-Side)

Random 256-bit secret created locally, never transmitted or stored

Commit to Merkle Tree

Compute Pedersen hash and append to on-chain Merkle tree

Generate STARK Proof

Prove knowledge of secret without revealing it using Cairo

Verify On-Chain

FactRegistry confirms proof validity and uniqueness

Release Funds

Recipient claims BTC without any linkage to original deposit

7 of 8

Security Guarantees

Unlinkability

No shared identifiers connect deposit and redemption. Observers cannot link transactions even with full blockchain visibility.

Double-Spend Protection

Nullifier system ensures each commitment can only be redeemed once, preventing replay attacks while maintaining privacy.

Cryptographic Verification

STARK proofs provide mathematical certainty that commitments are valid without revealing underlying secrets.

Trustless Execution

Smart contracts enforce protocol rules automatically. No trusted intermediaries required for private transactions.

8 of 8

Live Demo

01

Deposit

Lock BTC in escrow

02

Generate Code

Create redeemable voucher

03

Redeem

Claim funds privately

Watch as a complete private Bitcoin transaction executes on Starknet in real-time, demonstrating full privacy guarantees.