Trust assumptions

A plain, honest accounting of what you rely on when you use PolyShield. The headline up front: nothing here lets anyone take your funds or send them anywhere but your own wallet.

Upgradeable contracts

Like nearly every serious DeFi protocol, PolyShield's contracts are upgradeable. That's a feature, not a flaw: it lets the team fix bugs and ship improvements without asking everyone to migrate their funds to a new contract. Upgrades are controlled by an owner key.

In production that key is a multisig — several independent signers who must agree before anything changes — so no single person can act alone. You're trusting that this key is responsibly managed, which is the same, well-understood assumption you already make with virtually every upgradeable app in crypto. It doesn't touch your day-to-day privacy, and it doesn't change the withdraw-to-self rule that keeps your money pointed at your own wallet.
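One way to check this assumption yourself, as an added example (not PolyShield's code): read the contract's owner over JSON-RPC and see whether it is a single key or a multisig that needs at least two approvals. It assumes an OpenZeppelin-style `owner()` getter and a Safe-style multisig exposing `getThreshold()` and `getOwners()`; the page names neither, and every address below is constructed.

```python
# Added example, not PolyShield code. Assumed interfaces: owner() as in
# OpenZeppelin Ownable; Safe-style getThreshold()/getOwners() on the multisig.
OWNER, THRESHOLD, OWNERS = "0x8da5cb5b", "0xe75235b8", "0xa0e67e2b"

def _addresses(data):
    """Decode an ABI-encoded address[] return value (hex string)."""
    body = data[2:]
    head = int(body[:64], 16) * 2              # byte offset -> hex-char offset
    count = int(body[head:head + 64], 16)
    words = [body[head + 64 * (i + 1): head + 64 * (i + 2)] for i in range(count)]
    return ["0x" + w[24:] for w in words]

def audit_upgrade_owner(rpc, contract):
    """rpc(method, params) -> hex string; wrap any JSON-RPC client to fit."""
    def call(to, selector):
        return rpc("eth_call", [{"to": to, "data": selector}, "latest"])
    raw = call(contract, OWNER)
    if len(raw) != 66:
        raise ValueError("no owner() getter on this contract")
    owner = "0x" + raw[-40:]
    report = {"owner": owner, "kind": "EOA", "threshold": 1, "signers": [owner]}
    if rpc("eth_getCode", [owner, "latest"]) not in ("0x", ""):
        raw_t, raw_o = call(owner, THRESHOLD), call(owner, OWNERS)
        if len(raw_t) != 66 or len(raw_o) < 130:   # not the assumed interface
            report.update(kind="unknown contract", threshold=None, signers=[])
        else:
            report.update(kind="multisig", threshold=int(raw_t, 16),
                          signers=_addresses(raw_o))
    # "Several signers must agree": 2+ approvals and enough distinct signers.
    t = report["threshold"]
    report["ok"] = bool(t and t >= 2 and len(set(report["signers"])) >= t)
    return report

# Constructed chain state for an offline run; every address is made up.
VAULT, SAFE, EOA = "0x" + "aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
SIGNERS = ["0x" + format(i, "040x") for i in (1, 2, 3)]

def fake_rpc(owner_addr):
    owners_ret = "0x" + "".join(
        format(n, "064x") for n in [32, 3] + [int(s, 16) for s in SIGNERS])
    calls = {(VAULT, OWNER): "0x" + "0" * 24 + owner_addr[2:],
             (SAFE, THRESHOLD): "0x" + format(2, "064x"), (SAFE, OWNERS): owners_ret}
    def rpc(method, params):
        if method == "eth_getCode":
            return "0x6080" if params[0] == SAFE else "0x"
        return calls.get((params[0]["to"], params[0]["data"]), "0x")
    return rpc

if __name__ == "__main__":
    print([audit_upgrade_owner(fake_rpc(a), VAULT)["kind"] for a in (SAFE, EOA)])
```

Against a live node, pass a function that forwards `method` and `params` to your RPC endpoint and returns the `result` field. An `ok` of `False` means the owner did not match the assumed multisig shape, which calls for a manual look rather than proving anything on its own.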

The signing layer (convenience, not custody)

The operator places your orders on Polymarket. At worst it could be slow or temporarily unavailable — an inconvenience, not a way to lose money. It cannot move your funds (withdraw-to-self is enforced by cryptography) and cannot de-anonymize you. If it ever went offline, built-in on-chain cancellation paths let you reclaim any in-flight funds yourself. Version 2 runs it inside a secure enclave (AWS Nitro) that can cryptographically prove it's running the honest code.

Standard cryptography

PolyShield is built on Groth16, BN254, and Poseidon — the same battle-tested, widely-audited primitives used across the ZK ecosystem. You're trusting math that thousands of engineers and billions of dollars already rely on.

What you never have to trust

That any server keeps your secret safe — because no server ever receives it. Self-custody is absolute: control of your depositing wallet is all you need to control your money, always.