Unlinkable Confidential Payments
Quantum-resistant privacy for on-chain payments. Send funds that only the recipient can see. Withdraw to fresh wallets with zero on-chain link.
Vault Privacy Metrics
How It Works
Sender Deposits
Sender encrypts payment details using the recipient's CIFER and deposits funds into the Privacy Vault. Amount and memo are quantum-encrypted.
Recipient Decrypts
Only the recipient can decrypt the claim ticket using their CIFER. No one else -- not even the blockchain -- can see the payment details.
Unlinkable Withdrawal
Recipient generates a fresh wallet and withdraws there. The new wallet has zero history, making the payment completely unlinkable.
How We Compare
| Solution | Privacy | Quantum Safe | Decentralized | Compliant |
|---|---|---|---|---|
| Regular ETH / EVM | None | No | Yes | Yes |
| Tornado Cash | Full | No | Yes | Sanctioned |
| Zcash / Monero | Full | No | Yes | Restricted |
| CEX Internal | From public only | N/A | No | Yes |
| CIFER Private Tx | Selective | Encryption: Yes | Contract: Yes | Not sanctioned |
Selective privacy: Encrypted claim tickets + unlinkable withdrawals. Sender address visible on-chain.
Encryption quantum-safe: ML-KEM-768 (NIST post-quantum). Blockchain signing (ECDSA) is not yet quantum-safe on any EVM chain.
Contract decentralized: On-chain logic is permissionless. CIFER key management relies on Ternoa's enclave network.
Security Guarantees
Quantum-Resistant Encryption
ML-KEM-768 (NIST post-quantum standard) protects encrypted claim tickets against future quantum computers.
Unlinkable Withdrawals
Fresh wallets have zero transaction history, breaking any on-chain link between sender and recipient.
Encrypted Claim Tickets
Payment details (amount, memo, claim secret) are encrypted on-chain. Only the recipient can decrypt.
Double-Spend Prevention
Nullifiers are marked as used after claim, preventing re-use of the same claim ticket.