
How It Works

Overview

The Offshore Cash protocol works in three steps:

  1. Deposit — Send funds to the MainPool with a cryptographic commitment
  2. Wait — Your deposit joins the privacy set
  3. Withdraw — Generate a ZK proof and withdraw to any address

Step 1: Deposit

When you deposit, the protocol:

  1. Generates a random secret and nullifier
  2. Computes a commitment = Poseidon(secret, nullifier)
  3. Computes a leaf = Poseidon(commitment, token, amount)
  4. Inserts the leaf into the Merkle tree
  5. Returns a note containing your secret (save this!)

Note format: offshore-eth-{amount}-{secret}

WARNING

Save your note! It's the only way to withdraw your funds. If you lose it, your deposit is permanently locked.

Step 2: The Privacy Set

Every deposit is added to the same Merkle tree. The larger the tree, the bigger the privacy set, meaning there are more possible depositors that any given withdrawal could correspond to.

Step 3: Withdraw

To withdraw, you (or a relayer on your behalf):

  1. Reconstruct the Merkle proof for your deposit leaf
  2. Generate a ZK-SNARK proof that you know the secret for a valid deposit
  3. Submit the proof to the MainPool contract
  4. Receive funds at your chosen address

The ZK proof proves:

  • ✅ You know a valid secret/nullifier pair
  • ✅ The corresponding leaf exists in the Merkle tree
  • ✅ The nullifier hasn't been used before (no double-spend)
  • ❌ It does NOT reveal which deposit is yours
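
The deposit and withdrawal steps above, as an added Python example that is not the protocol's own code: it builds the commitment and leaf, reconstructs the Merkle path, and checks in the clear the statements the proof covers. SHA-256 stands in for Poseidon, and the tree depth, the zero value for empty leaves, and all function names are assumptions.

```python
import hashlib
import secrets

DEPTH = 4  # assumed demo depth; the page does not state the real tree depth

def H(*parts: int) -> int:
    """Stand-in for Poseidon (assumption): SHA-256 over 32-byte big-endian ints."""
    data = b"".join(p.to_bytes(32, "big") for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

ZEROS = [0]  # roots of empty subtrees; empty leaf = 0 is an assumption
for _ in range(DEPTH):
    ZEROS.append(H(ZEROS[-1], ZEROS[-1]))

def make_leaf(secret, nullifier, token, amount):
    commitment = H(secret, nullifier)      # deposit step 2
    return H(commitment, token, amount)    # deposit step 3

def merkle_path(leaves, index):  # returns (root, siblings); 1..2**DEPTH leaves
    level, path = list(leaves), []
    for d in range(DEPTH):
        if len(level) % 2:
            level.append(ZEROS[d])         # pad with an empty subtree
        path.append(level[index ^ 1])      # sibling of the current node
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], path

def verify_path(leaf, index, path, root):
    node = leaf
    for sibling in path:                   # low bit of index = right child
        node = H(sibling, node) if index & 1 else H(node, sibling)
        index >>= 1
    return node == root

def withdraw(secret, nullifier, token, amount, index, path, root, spent):
    leaf = make_leaf(secret, nullifier, token, amount)
    if nullifier in spent or not verify_path(leaf, index, path, root):
        return False                       # double-spend or not in the tree
    spent.add(nullifier)
    return True

def demo():
    token, amount = 0, 10**18              # constructed sample values
    notes = [(secrets.randbits(248), secrets.randbits(248)) for _ in range(5)]
    root, path = merkle_path([make_leaf(s, n, token, amount) for s, n in notes], 3)
    (s, n), spent = notes[3], set()
    args = (n, token, amount, 3, path, root)
    # valid withdrawal, replay of the same nullifier, wrong secret
    return withdraw(s, *args, spent), withdraw(s, *args, spent), withdraw(s + 1, *args, set())
```

A real withdrawal replaces these plain checks with a ZK-SNARK, so the verifier never sees which leaf is being spent.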
