
Sanctum is a non-custodial privacy-enhancing payment system. Transactions on Sanctum are private by default, meaning the identities of the senders and recipients are unknown to the public and the amounts are also hidden. Moreover, the system targets regulatory compliance by implementing the following features:
- Blacklisting: When a user is blacklisted, say in response to a warrant or a known DeFi exploit, any transaction where that user is a sender or a recipient can be decrypted by an authorized party. That is, the law enforcement party is provided a decryption key for accessing all transactions involving that blacklisted user. The key is generated by a decentralized mechanism where, say, all parties in a committee approve the decryption request upon verifying the warrant. The access structure policy implemented by this committee is configurable -- for instance, any m out of n committee members can approve the request.
- Proof of Innocence: As the set of blacklisted addresses grows, any payment must additionally prove that the sender and recipient are not blacklisted users, based on the most recent database of blacklisted users. This so-called proof-of-innocence is zero-knowledge, thus providing anonymity.
- Anti-Money Laundering: Sanctum attempts to provide anti-money laundering (AML) by enforcing a privacy budget, wherein transactions remain fully private only until a certain cumulative threshold (say $10,000 a month) and any transaction that exceeds the threshold can be decrypted by an authorized party (e.g., a law enforcement party).
- Anonymous Credentials: Sanctum provides each user with a credential, which can be issued as a result of the KYC process. Sanctum works with the anon-creds system and is therefore agnostic of the identity provider. Sanctum verifies that a payment only occurs between users that have a valid credential, although the private attributes of the credential are never leaked.
$85.0K

