Z mark
APP

Zcash Verifier

Local Proving

Client-side witness construction and SP1 proof requests

Overview

The browser experience uses the zfun_wasm package (compiled from crates/wasm) to deserialize a Zcash light-wallet database entirely in memory. Rusqlite runs against a temporary, read-only copy of the file; no wallet bytes leave the device. Once the witness is built, the module mirrors the native CLI and runs verify_holdings locally before uploading the serialized SP1 stdin to the prover service.

All network calls are plain HTTPS requests to the prover server (/queue, /hashes, /artifact/{is_tee},/proof). The server never sees decrypted notes or UFVKs, only the domain-separated alternate nullifiers and transparent commitment hashes that are already public in the resulting proof.

Browser Execution Flow

  1. 1.

    Initialize WASM

    init() configures logging and prepares sqlite virtual tables. get_snapshot_metadata() exposes the baked-in SNAPSHOT, letting the UI show the exact height and Merkle roots before any wallet file is touched.

  2. 2.

    Deserialize Wallet Bytes

    load_processed_input(dbBytes) copies the uploaded SQLite file into an in-memory connection, invokes create_witness, runs verify_holdings, and returns a ProofInput with (a) the serialized SP1Stdin, (b) the raw HoldingsWitness, and (c) the already-verified ProcessedHoldings summary.

  3. 3.

    Run Local Safety Checks

    Before any upload occurs, the frontend queries /queue to ensure the prover capacity is available and /hashes to make sure none of the alternate nullifiers or transparent commitments were already claimed.

  4. 4.

    Upload Serialized Witness

    Request a presigned URL via /artifact/{is_tee} (validated to share the same tee_base_url). Then the browser PUTs the serialized SP1Stdin buffer and POSTs /proof with the artifact URI plus the user's Solana address for attribution.

  5. 5.

    Poll Proof Status

    Once the SP1 Reserved network fulfills the proof, the server downloads it, verifies it locally, records the public ProcessedHoldings bytes, and exposes them via /proof/:id for the frontend to retrieve.

Proof Service Endpoints

EndpointDescription
GET /queueCheck SP1 backlog
POST /hashesDedupe alt nullifiers
POST /artifact/{is_tee}Obtain presigned upload URL
POST /proofEnqueue SP1 request
GET /proof/:idPoll fulfillment

Witness Helpers

MethodDescription
ProofInput.snapshot()Inspect selected accounts & notes
ProofInput.processed()Already-verified totals and hash lists
ProofInput.stdin(internal) Serialized stream fed to SP1

Usage Snippets

Loading...

Need an offline sanity check? Run the same flow with the CLI instead of the browser:

Loading...