Skip to main content
PolyShield
POLYGON MAINNET · BETA
ProductHow It WorksDocsBlogRoadmap
Launch App
Docs menu · Architecture
Getting started
OverviewThe basicsQuickstartFAQ
Core concepts
The privacy modelZero-knowledge proofsSpending notesThe Merkle tree & nullifiers
Architecture
System overviewVault contractZK circuitsOff-chain services
Security
Threat modelTrust assumptionsBackup & recoveryFees
Reference
Glossary
ARCHITECTURE

System overview

PolyShield is four layers, each with a deliberately narrow trust role. The privacy guarantee survives even if the two off-chain services are fully compromised.

Your browserwallet · secret · proof generationonly party that can link youProof relay + indexsubmits proofs · pays gas · serves merkle / recovery datacannot forge or de-anonymizeSigning layerholds vault EOA · places CLOB orders · resolves marketscentralized v1 → TEE v2On-chain (Polygon)Vault · Merkle tree · nullifiers · 9 verifierssource of truth
Four layers, each with a distinct trust role. Privacy holds even if the relay and signing layer are fully compromised — they never see a secret, and the on-chain rules block theft regardless of who submits a transaction.
Your browser
Holds the wallet-derived secret and generates every proof in WASM. The only party that can link a wallet to a note.
Proof relay
Submits your proofs to the Vault and pays the gas, so your wallet is never the transaction sender. Doubles as the backend index. Cannot forge proofs or de-anonymize anyone.
Signing layer
Holds the vault EOA, places CLOB orders, resolves settled markets, and funds collateral just-in-time. Centralized in v1; an AWS Nitro TEE in v2.
On-chain
The Vault (UUPS proxy), its Merkle tree, nullifier registry, and 9 Groth16 verifiers. The source of truth — trustless except the owner upgrade key.
Why this split matters
Privacy doesn't depend on trusting the relay or signing layer. They only ever handle ZK proofs and public inputs — no secret passes through them. And the on-chain rules block theft, double-spend, and forged credits no matter who submits the transaction.