Skip to main content
PolyShield
POLYGON MAINNET · BETA
ProductHow It WorksDocsBlogRoadmap
Launch App
Docs menu · Security
Getting started
OverviewThe basicsQuickstartFAQ
Core concepts
The privacy modelZero-knowledge proofsSpending notesThe Merkle tree & nullifiers
Architecture
System overviewVault contractZK circuitsOff-chain services
Security
Threat modelTrust assumptionsBackup & recoveryFees
Reference
Glossary
SECURITY

Backup & recovery

There is nothing to back up. Your wallet is your backup — secrets are derived from it on demand.

How recovery works

  1. On a new device (or after clearing storage), click Recover notes.
  2. The app fetches your public events from the backend index (/recovery-data) — no chain scan.
  3. It re-derives your secrets by index from a single wallet signature and keeps only the events whose nullifier matches your own.
  4. Your full note set is rebuilt, including credit notes from settlements.
V2 master seed
New deposits use a one-signature scheme: a single master-seed signature unlocks every note secret for the session, held in memory only. Recovery and every spend in a session collapse to that one signature — no per-note prompts.

What you must preserve

Your wallet, and only your wallet. As long as you control the depositing address, your position is recoverable. Lose the wallet and the position is unrecoverable — there is no admin override, by design.

Withdrawal restriction

You can only withdraw to the wallet that made the original deposit. This is enforced inside the withdrawal circuit via the owner_address field and independently re-checked by the Vault. There is no path to send funds anywhere else.