PolyShield
POLYGON MAINNET · BETA
ROADMAP

Building privacy infrastructure for prediction markets.

Six phases from working prototype to cryptography frontier. The core protocol, the full order/fee/recovery stack, and live Polymarket integration are shipped and running on Polygon mainnet — the remaining phases harden, decentralize, and scale it.

P1
Core Protocol · shipped
Private Vault — Live on Polygon Mainnet
9 Circom circuits compiled to WASM + Groth16 proving keys: DEPOSIT, BET_AUTH, SETTLEMENT_CREDIT, WITHDRAWAL, BET_CANCEL, CANCEL_CREDIT, POSITION_CLOSE, PARTIAL_CREDIT, CONSOLIDATE
UUPS-upgradeable Vault + CommitmentMerkleTree (Poseidon, depth 32, rolling 1024-root window) + NullifierRegistry + 9 Groth16 verifier adapters, all behind ERC-1967 proxies
Mandatory deposit-binding proof (FC-2): the committed balance is cryptographically tied to the amount actually transferred — no over-commitment
Wallet-derived secrets — secrets derived deterministically from an EIP-191 signature, so users never back anything up; full note recovery from chain history
Operator-driven one-click settlement with payouts derived on-chain from the real Gnosis CTF; client-side WASM proving (real Groth16, no mocks)
$50,000 USDC per-address cumulative deposit cap, enforced in Vault.deposit()
Full deposit → bet → settle → withdraw exercised end-to-end on Polygon mainnet with real funds
P2
Orders, Fees & Infra · shipped
Order Types, Fees & Backend Index
FAK market orders + GTC/GTD resting limit orders (FC-4), with partial-fill credit for the unfilled remainder
Gasless operator reporting (FC-9): the operator signs a single EIP-712 attestation per bet instead of pushing status on-chain
Just-in-time collateral deployment (FC-7): nothing is pre-deployed; the deposit wallet is funded per-bet, with a reused residual buffer
Protocol fees (FC-10): bet fee + relay-gas reimbursement (injected into BET_AUTH) and a withdrawal fee — all governance-mutable, accruing in the pool
Note consolidation (FC-8) and pre-settlement position close / secondary sale (FC-1)
Backend index/cache + recovery + explorer (FC-12): clients fetch merkle paths, recovery data, and events from the relay — never re-scanning the chain
Live Polymarket integration: real Gamma markets, a conditionId→tokenId market registry, and a settlement resolver (poll + filtered CTF event)
Single-host Docker deployment behind Caddy with automatic TLS
P3
Hardening & Beta · in progress
Audit, Trust-Minimize the Owner Key, Public Beta
Third-party security audit + remediation; enable a tuned Content-Security-Policy
Move the contract owner (instant UUPS upgrade key) to a multisig / HSM and evaluate an upgrade timelock
Base-buffer collateral policy (Option 4 / FC-6) layered over JIT to smooth funding
Persist the signing-layer circuit-breaker halt flag across restarts + a real alert sink (PagerDuty/Telegram)
Grow the anonymity set; define the governance path to lift the per-address deposit cap
Public mainnet beta — open onboarding on Polygon mainnet (current phase)
P4
TEE & Trust Minimization · planned
Confidential Signing & Resilience
Signing Layer v2: AWS Nitro Enclave — the vault EOA key never leaves the enclave boundary
Remote attestation endpoint + on-chain attestation gate: the Vault accepts bets only from an attested, unmodified signer
Multi-EOA rotation: recover from a Polymarket ban without disrupting the commitment tree
Withdrawal timing posture (Standard / Fast / Paranoid) and an onion-routed relay to resist IP/timing correlation
Fee governance transition: move fee parameters to an on-chain governance contract
P5
Multi-chain & Scaling · research
Cross-Chain Deposits & Proof Scaling
Multi-chain deposits: accept USDC from Ethereum, Base, and Arbitrum into the Polygon vault via a canonical/lock-and-mint bridge
SMT-based nullifier registry: O(log n) membership proofs replacing the flat mapping
Recursive proofs: aggregate multiple bet authorizations into a single on-chain proof
WebSocket live vault feed; native-speed mobile WASM prover
Expand beyond Polymarket via a generic CLOB adapter; optional compliant selective-disclosure withdrawal mode
P6
Cryptography Frontier · research
Post-Quantum & FHE
POST-QUANTUM ZKP RESEARCH
Research lattice-based and hash-based ZK proof systems resistant to quantum adversaries
Evaluate STARKs and other transparent, post-quantum-friendly proof systems
Assess a migration path from BN254-based Groth16 to a post-quantum ZK backend
NEXT-GENERATION PROVING
ZK coprocessor integration: offload proof verification gas to a dedicated coprocessor network
Proof marketplace: permissionless GPU operators compete to generate proofs for users
FULLY HOMOMORPHIC ENCRYPTION RESEARCH
Research FHE primitives for private vault state computed without decryption
Evaluate FHE-ZK hybrids — FHE for state confidentiality, ZK for transition validity
Assess FHE-based private order matching as an alternative to the CLOB-proxy architecture