Encrypted block sales for token foundations. Bidders compete with sealed prices, the chain clears a fair settlement, losing bids stay encrypted on Ethereum forever — independently re-verifiable by anyone with an Etherscan link, no account.
Live app · Headline sealed-auction proof · Reviewer replay path · Demo script · Launch QA
Zerith is a private auction protocol on Ethereum, powered by Fhenix Fully Homomorphic Encryption. Token foundations post a sale; bidders submit sealed prices; the chain runs the auction on encrypted handles using FHE.gt, FHE.max, and FHE.select; only the winning bid is ever revealed. Losing bids stay encrypted on-chain forever — including from us.
The receipt is on Etherscan. The mechanism is in the contract. The privacy claim is enforceable today by anyone with a block explorer.
flowchart LR
B["Bidder<br/>submits price"] --> E["Browser<br/>encrypts via cofhejs"]
E --> F["Fhenix Threshold<br/>Network co-signs"]
F --> C["Sealed handle<br/>posted to Ethereum"]
C --> X["FHE.gt + FHE.max<br/>+ FHE.select on ciphertext"]
X --> R["Winner revealed<br/>(TN signature on-chain)"]
R --> P["Losing bids:<br/>encrypted forever"]
classDef ink fill:#0a0a0a,stroke:#000,color:#fafaf7
classDef green fill:#dcfce7,stroke:#16a34a,color:#14532d
class B,P green
class E,F,C,X,R ink
| Landing · live | Sealed auction · live |
|---|---|
 |
 |
| Encrypted payroll | Cross-contract privacy audit |
 |
 |
Captured live from https://zerith-fi.vercel.app. Full mobile + desktop sweep in verification-evidence/ (40 PNGs).
Two ways to verify the headline claim — neither requires installing anything if you only need the proof.
The headline claim is "losing bids in a sealed auction stay encrypted forever, even from us." Here is that claim as a single transaction anyone can inspect right now:
Sealed auction · 3 bidders bid 500 / 800 / 1200 CDEX (all encrypted)
revealWinner tx → 0x98a1c650b8f992dacba8580ac25aa1c1960bde1d37fa490697a9a143014fafc7
Winner revealed: 1200 (burner3) — exactly what burner3 bid.
Losing bids: still encrypted handles in bids[0][burner1/burner2] on-chain.
Never `FHE.allowGlobal`'d — undecryptable forever.
Open the tx on Sepolia Etherscan. Inspect the input data. Read the SealedAuction contract source. The losing bids are mathematically inaccessible.
# 1 · Clone + install
git clone https://github.com/Ritik200238/zerith.git && cd zerith
npm install
# 2 · Verify all 26 deployed contracts respond on Sepolia
npx hardhat run tasks/launch-day-check.ts --network ethSepolia
# → 26 contracts confirmed live · addresses match deployed-addresses.json
# 3 · Run the full Hardhat test suite (40+ unit tests, all 20 contracts)
npm test
# → 40+ tests passing across 20 contract suitesTo run a fresh encrypted auction on Sepolia from a new burner wallet:
# 4 · Generate a funded burner (sends 0.03 Sepolia ETH from deployer)
npx hardhat run tasks/create-burner.ts --network ethSepolia
# 5 · Run the e2e sealed-auction verification script
npx hardhat run tasks/verify-auction-e2e.ts --network ethSepolia
# → posts encrypted bid, prints tx hash on chain, asserts encBalance changedOr just open https://zerith-fi.vercel.app, click Try Instantly (in-browser burner, no MetaMask needed, ~5 second setup), and run a real Sepolia auction through the UI.
Every transaction below is a real Sepolia receipt at submission time. No mocks. Click any tx hash for the Etherscan trace.
| Want to see | Open this |
|---|---|
| Sealed auction · losers stay encrypted forever (THE claim) | 0x98a1c650…fafc7 |
| Payroll · 3 recipients, each decrypts only own amount, TN rejects cross-account | b1 · b2 · b3 |
| OTC request → quote → accept (status flips to MATCHED) | accept tx |
| Vickrey second-price · encrypted bid posted | 0x9642ec83… |
| Dutch · encrypted purchase amount at decayed price | 0xa72a2bfd… |
| Batch · encrypted buyOrder, FHE clearing price | 0x44414962… |
| Overflow · encrypted commitment, pro-rata when over | 0xe112e977… |
| Treasury · vault deposit with FHE.allowTransient fix | 0x44f7b79b… |
| Treasury · withdraw with zero-replacement guard | 0xad53c0ac… |
| Proof-of-Reserves · cross-contract FHE.gte vs threshold | 0xec68150d… |
| Encrypted streaming · rate handle stored | 0xef4f35ea… |
| Confidential multisig · encrypted threshold | 0x6346c75d… |
| Freelance · 2 encrypted bids, FHE.lt picks lowest | post tx |
| Org + OrderBook + AllowlistGate triple | orderbook |
| Burner wallet that submitted everything above | 0x492a…a3e0 |
| Live product surface | https://zerith-fi.vercel.app |
| Full verification log (34 txs, every claim) | PHASE-2-VERIFICATION-LOG.md |
| Launch-day QA results | LAUNCH-QA-RESULTS.md |
Sepolia faucet: https://sepoliafaucet.com — ~0.05 ETH covers an afternoon of demo runs. The embedded burner on the live site (Try Instantly) handles funding for you.
Token foundations sit on roughly $30B+ in concentrated treasury positions (DeepDAO, 2025 estimate across the top 100 DAOs). When they sell, they leak. Every public token sale by Optimism, dYdX, Polygon, and others has measurably moved its own price during execution — typically 5–20% of notional in slippage and front-running, paid to MEV searchers who watched the order flow land.
Public chains broadcast every number. A sealed bid on Ethereum is not actually sealed. A foundation's reserve price is not actually reserved. A bidder's competitor sees every counter-quote in the mempool before it confirms. This is the cost of using a transparent ledger for finance that needs confidentiality — and it is structural, not solvable by better wallets.
Zerith fixes the structural problem with Fully Homomorphic Encryption. Bids, prices, counter-quotes, treasury balances, payroll amounts — all encrypted client-side, processed on-chain as ciphertext via Fhenix's CoFHE coprocessor, settled with one revealed result and zero leaked detail. The same primitive that hides a winning auction bid hides a salary, a balance, an OTC quote, a multisig threshold.
Target user. The finance lead at a token foundation diversifying their treasury. The market maker bidding on a foundation block sale. The DAO operations manager running payroll across 50 contributors. Anyone whose work demands settlement on a public chain and confidentiality of the numbers.
flowchart TB
subgraph Surface["Surface"]
UI["Next.js 16 app<br/>zerith-fi.vercel.app"]
Burner["Embedded burner<br/>5-second onboarding"]
SDK["@sigil/sdk<br/>(typed client)"]
end
subgraph Runtime["Browser runtime"]
Enc["cofhejs encrypt<br/>WASM + ZK proof"]
Tx["TxFlowDrawer<br/>4-step state machine"]
Lens["Privacy Lens<br/>3-perspective viewer"]
end
subgraph Fhenix["Fhenix CoFHE coprocessor"]
TN["Threshold Network<br/>operator quorum"]
Lib["FHE.sol library<br/>gt · max · select · add · sub"]
Decrypt["FHE.publishDecryptResult<br/>TN co-signed reveal"]
end
subgraph Chain["Ethereum Sepolia · 26 contracts"]
SA["SealedAuction"]
VA["VickreyAuction"]
DA["DutchAuction"]
BA["BatchAuction"]
OS["OverflowSale"]
PP["PrivatePayments"]
OTC["OTCBoard"]
SV["SettlementVault"]
Plus["+ 18 more"]
end
UI --> Enc
Burner --> Enc
SDK --> Enc
Enc --> TN
TN --> Lib
Lib --> SA
Lib --> VA
Lib --> DA
Lib --> BA
Lib --> OS
Lib --> PP
Lib --> OTC
Lib --> SV
Lib --> Plus
SA --> Decrypt
VA --> Decrypt
Decrypt --> Tx
Tx --> Lens
The five-step verification chain — encrypt client-side → TN co-sign → submit ciphertext → FHE compute → TN reveal only the winning result — is the load-bearing claim. Every encrypted feature collapses to this same pattern. Step 4 is what makes "losing bids stay encrypted forever" enforceable on-chain rather than a marketing claim.
Five primitives integrated. We do not claim anything we have not shipped.
| Primitive | Where Zerith uses it | User-visible value | Source |
|---|---|---|---|
| Fhenix CoFHE coprocessor | Every encrypted contract imports @fhenixprotocol/cofhe-contracts/FHE.sol. 22+ distinct FHE operations across the codebase (gt, max, select, add, sub, lt, gte, allowThis, allowTransient, allowSender, decrypt, publishDecryptResult, etc.). |
The chain runs operations on ciphertext without ever materializing the plaintext. | contracts/features/ |
| Threshold Network | Encrypted handle submission goes through the TN for co-signing before it lands on Ethereum. Decryption requires client.decryptForTx().withoutPermit().execute() against the TN to fetch operator signatures. |
A reveal cannot be faked by a single party — operator quorum is enforced. | proven via reveal tx 0x98a1c650… |
| cofhejs / @cofhe/sdk | Browser-side encryption WASM. Generates the ZK proof that proves the ciphertext was constructed correctly without revealing the plaintext. Used in every handleBid / handleCreateSplit / handleQuote flow. |
The user encrypts on their own device. The plaintext never leaves the browser. | frontend/src/hooks/useEncrypt.ts |
| EIP-1193 burner signer | New-user onboarding generates a fresh ethers.Wallet, the backend funds it from a Sepolia hot wallet, the browser uses it as the active signer. No MetaMask. |
A foundation finance lead can try the product in 5 seconds without installing a wallet extension. | frontend/src/app/api/burner/create/route.ts |
Per-user FHE.allow ACLs |
Every encrypted handle is owned by a specific address via FHE.allowThis() + FHE.allow(handle, user). Cross-account decryption is rejected by the TN. |
Burner1 cannot decrypt burner2's salary, even though both handles live on the same contract. | proven via payroll claim txs b1 · b2 · b3 |
Refreshed 2026-05-24 against the live chain and the repo.
| Metric | Value | Where to look |
|---|---|---|
| Contracts deployed (Ethereum Sepolia) | 26 | deployed-addresses.json |
| Solidity sources | 32 files (incl. interfaces + libraries) | find contracts -name "*.sol" |
| Hardhat unit-test suites | 20 | test/unit/ |
| End-to-end Sepolia transactions verified | 34 | PHASE-2-VERIFICATION-LOG.md |
| Distinct FHE operations used | 22+ | grep FHE\\. in contracts/ |
| Auction mechanisms | 5 (Sealed · Vickrey · Dutch · Batch · Overflow) | contracts/features/ |
| DAO finance primitives | 8 (Treasury · Payments · OTC · Streaming · Multisig · Org · OrderBook · Allowlist) | contracts/features/ |
| Frontend routes (mobile-clean) | 28 | verification-evidence/mobile/ |
| P0 bugs caught + fixed during QA | 6 | LAUNCH-QA-RESULTS.md §G |
| Onboarding time (Try Instantly → first bid) | ~5 seconds | embedded burner + faucet |
| Networks | Ethereum Sepolia (live) · Arbitrum Sepolia (queued for v1.1) | chainIds 11155111 + 421614 |
Tested on a clean macOS or Linux machine. Around five minutes including npm install.
node --version # v20.x or v22.x
npm --version # 10.xThe fastest path is the live site:
# Open Try Instantly on https://zerith-fi.vercel.app — burner is funded, faucet works.
# Submit a sealed bid through the UI. The TxFlowDrawer walks through:
# Encrypt locally → Submit to FHE network → Confirm on Ethereum → Sealed forevergit clone https://github.com/Ritik200238/zerith.git && cd zerith
npm install
cp .env.example .env
# Fill: PRIVATE_KEY (any Sepolia-funded wallet), SEPOLIA_RPC_URL
# Compile + test
npm run compile
npm test # 40+ tests passing
# Verify all live contracts respond
npx hardhat run tasks/launch-day-check.ts --network ethSepolia
# Generate a burner, fund it, run the headline sealed auction e2e
npx hardhat run tasks/create-burner.ts --network ethSepolia
npx hardhat run tasks/verify-auction-e2e.ts --network ethSepolia
# → 3 burners bid 500/800/1200 · close · reveal winner · losing bids encrypted forevercd frontend
npm install
cp .env.example .env.local
# Fill: BURNER_FUNDER_PRIVATE_KEY (the hot wallet that funds demo burners),
# SEPOLIA_RPC_URL (defaults to publicnode if unset)
npm run dev
# → http://localhost:3000npm run deploy:sepolia # deploys all 26 contracts
npx hardhat run tasks/seed-state.ts --network ethSepolia
cd frontend && npm run copy-abis # syncs ABIs from /artifacts to the frontend| Ethereum Sepolia | Arbitrum Sepolia | |
|---|---|---|
| Chain ID | 11155111 |
421614 |
| RPC | https://ethereum-sepolia-rpc.publicnode.com |
https://sepolia-rollup.arbitrum.io/rpc |
| Explorer | https://sepolia.etherscan.io |
https://sepolia.arbiscan.io |
| Faucet | https://sepoliafaucet.com (free, no auth) | https://faucet.quicknode.com/arbitrum/sepolia |
| Status | Live — 26 contracts, 34 verified txs | Queued for v1.1 — same contracts, redeploy script ready |
- Deployer — the wallet that owns every contract and funds demo burners. Set in
.envasPRIVATE_KEY. Single-key ownership today; will move to a Safe multisig before mainnet (acknowledged gap, see Shipped vs queued). - Burner used in the 34 verified txs —
0x492a…a3e0. Generated bytasks/create-burner.ts, funded with 0.03 Sepolia ETH. State persisted to.burner-wallet.json(gitignored). - Multi-bidder burners —
.multibid-burners.json(gitignored). Three burners that bid 500/800/1200 in the headline sealed-auction reveal.
| Operation | Gas (approx) | Notes |
|---|---|---|
Faucet (ConfidentialToken.faucet()) |
80k | mints 1000 CDEX to encrypted balance |
| Treasury deposit | 250k | includes setOperator + FHE.allowTransient fix |
| Sealed auction bid (encrypted) | 350k | InEuint128 + Fhenix TN co-sign |
| Sealed auction reveal | 400k | TN signature verification on-chain |
| Encrypted payroll claim (per recipient) | 200k | with cross-account ACL check |
Verifying an existing receipt on Etherscan costs the reviewer nothing.
Zerith is one product positioning-wise. The code is fourteen interlocking primitives. We make this distinction visible so a serious reviewer is not confused.
| Surface | Tier | Where it lives in the UI |
|---|---|---|
| Encrypted Block Sales (Sealed · Vickrey · Dutch · Batch · Overflow) | Wedge — production-ready | Sidebar: "Block Sales" |
| Treasury (vault deposits/withdraws, encrypted balances, Proof of Reserves) | Production-ready | Sidebar: "Treasury" |
| Audit (privacy schema for every contract, live counts) | Production-ready | Sidebar: "Audit" |
| Encrypted Payments / Payroll | Secondary — works end-to-end | /more → Payments |
| OTC Desk (encrypted request/quote/accept) | Secondary — works end-to-end | /more → OTC |
| Encrypted Trade / OrderBook | Secondary — works end-to-end | /more → Trade |
| Encrypted Streaming · Multisig · Org · Reputation · Agent · Activity | Secondary — pages live, less polished | /more |
| Encrypted Freelance · Escrow · Allowlist · Wrapper · Royalty · Raffle · Vesting · Limits · Referrals · Portfolio | Built · routes alive · not in nav | direct URL only |
The primary nav surfaces only the wedge + trust pages. Everything else is reachable from /more but does not compete with the wedge for a first-time visitor's attention.
- 26 deployed contracts, every address in
deployed-addresses.json, redeployed 2026-05-18 with theFHE.allowTransient(amount, token)vault fix - 5 auction mechanisms — Sealed, Vickrey, Dutch, Batch, Overflow — each with a verified e2e tx on Sepolia
- 8 DAO finance primitives — Treasury, Payments, OTC, Streaming, Multisig, Organization, OrderBook, AllowlistGate
- Embedded burner wallet —
/api/burner/createroute generates + funds a fresh burner in ~5 seconds; persists to localStorage; export-key modal in the navbar - TxFlowDrawer — 4-step state machine UI (encrypt → submit → confirm → sealed) wired into every encrypted-write flow, so FHE latency feels intentional instead of broken
- Privacy Lens — every page renders from three perspectives (me · counterparty · observer), default-on so the privacy claim is visible from first paint
- Editorial UI — 28 routes mobile-clean, dashed-border design system, no AI-slop placeholders
- 40+ Hardhat unit tests across 20 contract suites, all passing
- 34 end-to-end Sepolia transactions verified through real burner wallets, full log in PHASE-2-VERIFICATION-LOG.md
- Arbitrum Sepolia deployment. Same contracts, redeploy script is ready (
npm run deploy:arb-sepolia). Will land before mainnet target. - USDC settlement. Foundations sell tokens for stables. Today every auction settles in CDEX (the protocol's test token). Adding USDC as an alternate payment token is a contract-side change behind a
paymentTokenWhitelist. - Institutional KYC gate. Foundations cannot let unknown wallets bid on $50M sales. Will integrate Coinbase Verified Onchain or Privado ID as a per-auction allowlist source.
- Safe-multisig protocol ownership. Single-deployer ownership today. Pre-mainnet move to 2-of-3 Safe.
- Formal security audit. Conversation started with the standard audit firms (Spearbit, Zellic, ChainSecurity). 6–10 week lead time.
- First foundation design partner pilot. Real foundation, real treasury slice, real case study. The artifact that turns the next 10 conversations from "what is this?" into "how do I sign up?"
We do not pretend these are done. They are the work between "shippable testnet protocol" and "mainnet revenue."
26 contracts deployed 2026-05-18 with the vault ACL fix (FHE.allowTransient(amount, token) before confidentialTransferFrom). Every address verified on Etherscan; full address book in deployed-addresses.json.
Two contracts kept as carry-overs from the prior deploy because they're not affected by the vault fix:
| Contract | Address | Note |
|---|---|---|
ConfidentialWrapper |
0x7Cb515093392Af34cF14c654dbA666422420Df42 |
wrapper points at the new token via constructor arg |
EncryptedRaffle |
0xEADb49571BCA5188d9AEe0DB7b7154eD118Af1b1 |
doesn't touch the vault |
- Receipts are independently verifiable on Etherscan. No account, no wallet, no Zerith server. The headline sealed-auction tx
0x98a1c650…is a public record. Read the input data, read the contract source, see the losing bids that nobody can decrypt. - The honest tier is structural. Production-ready surfaces (Block Sales, Treasury, Audit) are in primary nav. Everything else lives on
/morewith a "secondary" label. We do not let breadth dilute the wedge. - Try Instantly is a 5-second onramp. Click one button on the live site, a fresh burner is generated server-side, funded from a Sepolia hot wallet, and active as your signer. No MetaMask. No faucet hunting. No network-switch friction.
- TxFlowDrawer makes FHE latency feel intentional. Encryption + threshold network co-sign + Ethereum confirmation legitimately takes 15–40 seconds. The drawer narrates exactly which cryptographic step is running, so users stop assuming the page is broken.
- Privacy Lens is default-on. First paint shows the chain as an observer sees it (ciphertext hashes, 🔒 sealed values). The toggle to switch into your-own-perspective is right there, but the privacy claim is the default reality, not an opt-in feature.
- Cross-account decryption is enforced by the TN, not by hope. Burner1 attempting to decrypt burner2's salary is rejected by the threshold network. Proven on Sepolia with the three payroll claim transactions.
https://zerith-fi.vercel.app is the canonical product surface. The repo also ships an early TypeScript SDK and a set of Hardhat tasks for headless replay.
npx hardhat run tasks/launch-day-check.ts --network ethSepolia # 26 contracts respond
npx hardhat run tasks/create-burner.ts --network ethSepolia # new burner + 0.03 ETH
npx hardhat run tasks/verify-auction-e2e.ts --network ethSepolia # headline sealed auction
npx hardhat run tasks/verify-payroll-e2e.ts --network ethSepolia # 3-recipient encrypted split
npx hardhat run tasks/verify-otc-e2e.ts --network ethSepolia # request → quote → accept
npx hardhat run tasks/verify-multisig-e2e.ts --network ethSepolia # encrypted threshold// packages/sdk (currently published as @sigil/sdk; will move to @zerith/sdk)
import { SigilClient } from "@sigil/sdk";
import { ethers } from "ethers";
const wallet = new ethers.Wallet(privateKey, provider);
const sigil = await SigilClient.init({ signer: wallet, network: "ethSepolia" });
// Post a sealed bid programmatically
const tx = await sigil.bid({ auctionId: 0, amount: 1200n });| Doc | Purpose |
|---|---|
| LAUNCH-QA-RESULTS.md | Canonical launch QA results — every claim mapped to a tx hash |
| LAUNCH-STATUS.md | One-page launch status (claims · evidence · open items) |
| PHASE-2-VERIFICATION-LOG.md | All 34 verified Sepolia transactions, organized by feature |
| DEMO-SCRIPT.md | 60-second demo runbook |
| PUNCH-LIST.md | Outstanding work items |
| LAUNCH-DAY-TEST.md | The acceptance test the protocol must pass on launch day |
| deployed-addresses.json | Source of truth for every live contract address |
Frontend-specific docs live under frontend/.
Code: MIT (see LICENSE — add if missing).
Open source at https://github.com/Ritik200238/zerith. Issues + PRs welcome. Security disclosures: open a GitHub issue marked security.
If you run treasury at a token foundation and want to see what an encrypted block sale looks like on your own asset, the live app and the headline tx are above. Pilot inquiries via DM to @zerithfi on X.
— Zerith — encrypted block sales for token foundations on Fhenix —