Skip to content

feat(examples): add keyless Zcash transparent signer example#501

Draft
clawdbot-glitch003 wants to merge 2 commits into
mainfrom
glitch003/zcash-signer-example
Draft

feat(examples): add keyless Zcash transparent signer example#501
clawdbot-glitch003 wants to merge 2 commits into
mainfrom
glitch003/zcash-signer-example

Conversation

@clawdbot-glitch003

@clawdbot-glitch003 clawdbot-glitch003 commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator

Draft — parked for later. Full resume guide is committed at
examples/zcash-signer/SHIELDED-HANDOFF.md.
Read that to pick this back up; the summary below is the short version.

What's here now (transparent — complete & verified)

A keyless Zcash transparent (t1) wallet bound to a Lit Action's CID, modeled on examples/solana-signer. The action derives a secp256k1 t1 address from its own identity key, builds a v4 transaction, computes the ZIP-243 BLAKE2b sighash (NU6 branch id), and only signs single-recipient P2PKH transfers under a code-bound cap with change forced back to itself; the client uses Blockchair mainnet REST for UTXOs/broadcast. The signing path was checked against all 10 official zip_0243 test vectors (10/10) plus canonical secp256k1/DER vectors and an end-to-end run of the real action.

Why it's a draft

The original intent was to pivot this to a shielded (Orchard) signer. That was scoped and proven feasible with a real spike — the orchard crate compiled to WASM generates a Halo2 proof inside a real Lit Action (~100 MB peak, ~56 s in the TEE). It's parked behind two infra limit bumps that must land on dev first:

  1. Ingress timeoutdstack-ingress's internal nginx cuts responses at 60 s. Fixed in fix(phala): raise dstack-ingress nginx proxy timeouts to 900s #442 (raises PROXY_READ_TIMEOUT to 900 s); needs merge + dev redeploy.
  2. Action memory — on-chain LIT_ACTION_DEFAULT_MEMORY_LIMIT_MB (default 64, max 640) needs setting to 256 via the monitor dapp (no code change).

To resume

Land the two limits on dev, re-run the spike proof to confirm it returns, then build the real Orchard prover (real spends + v5 tx assembly), the wasm-loading JS action (fetch + pinned SHA-256 so it stays CID-bound), and a lightwalletd (lwd.testnet.zec.pro) client for note scanning + broadcast. Full details, exact spike numbers, and the spike crate source are in the handoff doc. The transparent example may be removed in favor of shielded at that point.

A keyless Zcash transparent (t1) wallet bound to a Lit Action's CID. The
action derives a secp256k1 t1 address from its own identity key, builds and
ZIP-243 signs every transaction it sends (BLAKE2b sighash personalized by the
consensus branch ID), and only signs single-recipient P2PKH transfers under a
code-bound cap with change forced back to itself. Includes the action, a
Blockchair-backed client (setup/address/balance/transfer), and a README.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@clawdbot-glitch003
clawdbot-glitch003 requested a review from a team June 16, 2026 18:52
@socket-security

socket-security Bot commented Jun 16, 2026

Copy link
Copy Markdown

Dependency limit exceeded — report not shown.

This pull request scan exceeded the 10,000-dependency limit applied to this scan, so the results are incomplete and may be inaccurate. To avoid reporting false positives, Socket has not posted a report.

Upgrade your plan to raise the dependency limit and get complete reports, or view the partial scan in the dashboard.

Socket is always free for open source. If this is a non-commercial open source project, contact us to request a free Team account.

Captures the full state for picking this up later: what the transparent
example is and how it was verified, the shielded (Orchard) target design,
the WASM proving spike with real native/local/TEE numbers (and the spike
crate source), the wasm-delivery 413 tension, and the two infra blockers
(ingress timeout PR #442; on-chain LIT_ACTION_DEFAULT_MEMORY_LIMIT_MB -> 256)
with a step-by-step resume checklist.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@clawdbot-glitch003
clawdbot-glitch003 marked this pull request as draft June 16, 2026 19:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants