ARCHITECTURE
Off-chain services
Two off-chain services keep the experience smooth without ever holding a secret or being able to de-anonymize you.
Signing layer
A Node.js service holding the vault EOA key. Per bet it:
- Listens for BetAuthorized events (windowed, cursor-persisted log scan) and resolves the real Polymarket tokenId / conditionId from a market registry.
- Funds the Polymarket deposit wallet just-in-time right before the order — no collateral sits pre-deployed.
- Submits to the live CLOB: fill-or-kill for market orders, GTC/GTD for resting limit orders.
- Tracks fills over a websocket and signs one EIP-712 attestation per bet (FILLED / FAILED / PARTIAL / SOLD), which you submit with your credit proof.
- Detects market resolution and calls resolveMarket, then best-effort redeems collateral.
Dead-man circuit breaker
If Polymarket bans the account (403 / flagged), the signing layer halts all signing and alerts — funds stay safe and recoverable through the on-chain cancellation paths.
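A sketch of the fail-closed latch described above, added here as an example and not taken from the project's code. The class name, the alert hook, the response shape and the stand-in signer are all assumptions made for illustration.

```javascript
// Added example (hypothetical names): a sticky, fail-closed signing latch.
class DeadManBreaker {
  constructor(alert) {
    this.alert = alert;   // hypothetical alert hook (pager, webhook, ...)
    this.halted = false;
    this.reason = null;
  }

  // Pass every exchange response through here before acting on it.
  // Assumption: a ban surfaces as HTTP 403 or a `flagged` field in the body.
  observe(response) {
    const banned = response.status === 403 || response.body?.flagged === true;
    if (banned && !this.halted) {
      // Sticky for the life of the process (assumption: the page does not
      // describe how signing resumes, so nothing here resets the latch).
      this.halted = true;
      this.reason = response.status === 403 ? "http-403" : "account-flagged";
      this.alert(this.reason);   // fires once, on the transition only
    }
    return !banned;
  }

  // The only path to the signer, so nothing can sign after a trip.
  sign(bet, signer) {
    if (this.halted) throw new Error(`signing halted: ${this.reason}`);
    return signer(bet);
  }
}

// Constructed responses, not captured from the real API.
function demo() {
  const alerts = [];
  const breaker = new DeadManBreaker((why) => alerts.push(why));
  const signer = (bet) => `sig(${bet.id}:${bet.outcome})`; // stand-in for EIP-712 signing
  const stream = [
    { bet: { id: 1, outcome: "FILLED" }, response: { status: 200, body: {} } },
    { bet: { id: 2, outcome: "FILLED" }, response: { status: 403, body: {} } },
    { bet: { id: 3, outcome: "FILLED" }, response: { status: 200, body: {} } },
    { bet: { id: 4, outcome: "FILLED" }, response: { status: 200, body: { flagged: true } } },
  ];
  const signed = [];
  const refused = [];
  for (const { bet, response } of stream) {
    breaker.observe(response);
    try { signed.push(breaker.sign(bet, signer)); }
    catch (e) { refused.push(bet.id); }
  }
  return { signed, refused, alerts, halted: breaker.halted };
}
```

Bet 3 is refused even though its response is a 200: once the latch trips, a later healthy response does not re-enable signing.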
Proof relay & backend index
A stateless service with two jobs:
- Relay — accepts a proof + public inputs and submits the matching Vault call from its own EOA, paying gas. Your wallet only ever signs Vault.deposit(). The relay can't forge proofs.
- Index/cache — mirrors public on-chain state into SQLite so clients never re-scan the chain: /merkle-path (O(32) path lookup), /recovery-data (your deposits + anonymous spend events), /events (the public explorer).
Privacy invariant
The index stores only public, anonymous data. It can't link a spend to a wallet (no secret server-side) and can't forge notes (your client matches events by your own derived nullifier). Worst case for a malicious index is incomplete recovery — never theft or de-anonymization.