Nox

Problem Statement

Nox is a privacy-preserving trading layer for perpetual futures. Users deposit tokens into a dark pool where balances are represented as ZK notes instead of public addresses. APrivacyProxyowns all on-chain positions on the underlyingClearingHouseV2, while real user ownership is tracked off-chain using signatures derived from a private “dark-pool secret.” This lets traders open/close positions and move collateral without revealing their identity or balances on-chain.Funds flow in two directions:Into the DEX: Users prove note ownership in theTokenPoolusing ZK (withdraw/transfer proofs). The pool “approvesWithdrawal” and thePrivacyProxypulls collateral, credits private free-collateral for the user’s pubkey, and deposits intoClearingHouseV2.Back to the dark pool: Users sign a withdraw intent; the proxy withdraws collateral fromClearingHouseV2and callsTokenPool.depositForto mint a new private note to the user’s receiver hash.An HTTP backend indexes on-chain events and serves a privacy-aware API. It tracks open/historical positions per user pubkey and maintains a local view of unspent notes keyed by receiver hash. The frontend bootstraps a per-user secret via a signed message, derives a pubkey and receiver hash, and interacts with the backend using signed headers. As a result, positions and balances can be queried privately, while the public ledger only shows activity of the proxy and the DEX.

Solution

Smart contracts (Solidity):TokenPool: Private note system with Poseidon commitments, incremental Merkle tree, nullifiers, and two ZK verifiers (Claim and Withdraw/Transfer). Supports deposit, withdraw, transfer, claim, approveWithdrawal, and depositFor.PrivacyProxy: Bridges the dark pool and ClearingHouseV2. Manages per-user free collateral mapped by a pubkey (keccak of the user’s secret EOA). Requires ECDSA signatures over action-specific messages to authorize trading or withdrawals.ClearingHouseV2: Minimal perp engine with collateral accounting, fees, PnL, margin checks, liquidations, and position events. Collateral token is mintable for positive PnL to settle profit into the system.ZK verifiers: Ultra Honk-based on-chain verifiers for claim and withdraw/transfer circuits.Libraries: Poseidon2, Merkle tree, ProofLib for public input decoding.ZK Circuits (Noir):Claim circuit merges a new claim with an existing commitment via Lean IMT inclusion proofs and Poseidon hashing, enforcing correct receiver secret and (optional) previous state accumulation.Withdraw/Transfer circuit (in repo) validates spending via nullifier, root inclusion, and new commitment computation for change notes.Backend (Rust, Axum + sled + ethers):Dual services: API server and indexer.Indexer queries logs from PrivacyProxy, ClearingHouseV2, and TokenPool (NoteCreated/NoteClaimed) and persists:Open positions by user pubkey (private), historical positions (closed/liquidated), and public positions by EOA for transparency.Unspent notes by receiver hash, allowing users to fetch notes privately using only their hash.API endpoints require signed headers. Server derives the same pubkey as the contracts (keccak of recovered EOA), aligning off-chain identity with on-chain checks. Also stores small encrypted metadata blobs per user (e.g., last-used nullifier nonce and latest commitment info).Frontend (Vite + React + wagmi + Zustand + axios):On “private mode” init, asks the user to sign a message; derives a private key used to form a “secret wallet,” then derives:pubKey: keccak(address(secretWallet))receiverHash: Poseidon(receiverSecret)Uses signed headers to call the backend for:Private open/historical positions paginationUnspent notes for the user’s receiver hashSmall encrypted metadata storage (to track nullifier nonce and commitment leaf index)Public mode can view public open positions by EOA via indexer endpoints.Integrations and hacky bits:The proxy pattern concentrates all public DEX activity under PrivacyProxy, hiding actual owners while preserving correctness with signatures bound to a derived pubkey.sled is used for a lightweight append-only style DB to serve fast pagination and note lookups without external infra.The indexer converts websocket RPC to HTTP polling to safely chunk through historical ranges and avoid missed events, with retry loops and chunking to handle RPC limits.Mint-on-profit in ClearingHouseV2 simplifies PnL settlement for a hackathon demo environment.Partner/stack benefits:Noir/Honk verifiers on-chain let us prove note ownership and state transitions without revealing identities.Ethers + Axum provide a fast Rust indexer and HTTP server.wagmi and ethers on the frontend streamline wallet interactions and message signing.This delivers privacy-preserving perp trading: users keep balances and actions private in a ZK note system, while a proxy safely intermediates interaction with a standard DEX.