Private Withdrawal·Circuit 2 + Circuit 3 (ASP)

Private Withdrawal

Redeem your shielded note with dual ZK proofs. A withdrawal proof unlocks your funds; an ASP Merkle non-inclusion proof confirms sanctions compliance.

Input

Withdrawal Proof

ASP Proof

Transaction

Complete

Stellar Secret Key

Signs the transaction locally — never sent off device

Note Commitment (hex)

The 0x... commitment returned at deposit time

Nullifier (hex)

The nullifier from your deposit receipt — proves single-use

Recipient Address (G...)

Stellar public key that will receive the funds

Dual-proof withdrawal security model

① Withdrawal Proof

Circuit 2 proves you know the secret behind the commitment — unlocks funds

② ASP Proof

Circuit 3 proves Merkle non-inclusion: your address is NOT in the sanctions tree

③ Soroban Verify

Contract verifies both proofs and checks nullifier uniqueness before releasing

Withdrawal Proof Flow

Note Secret

Reveal preimage

→

Nullifier

Poseidon2(secret, 0)

→

Circuit 2

Withdrawal proof

→

ASP Merkle

Non-inclusion proof

→

Circuit 3

Sanctions clear

→

Soroban TX

withdraw(proof1, proof2)