0xbow is a research and development organization focused on creating open-source infrastructure for compliant on-chain privacy within decentralized finance (DeFi). The organization's primary product is the Privacy Pools protocol, which enables users to transact privately while programmatically disassociating their funds from illicit sources. Incubated by NumberGroup, 0xbow aims to reconcile the demand for user privacy with global regulatory requirements through the use of zero-knowledge proofs and a novel concept called "Proof of Association." ^[1]​

Overview

0xbow addresses the challenge of privacy on public blockchains like Ethereum, where transaction histories and account balances are transparent by default, posing potential financial and personal risks to users. ^[2] The organization's approach is to provide a mechanism for private transactions that also incorporates a compliance layer. The central thesis is that users should be able to prove the legitimacy of their funds without revealing their entire transaction graph. ^[1]​

The project's vision is described as the DeFi sector's "response to the growing need for a balanced approach to privacy and regulatory compliance." ^[3] This is achieved through the Privacy Pools protocol, which uses a system of "Association Sets" curated by an "Association Set Provider" (ASP). This model allows users to generate a zero-knowledge proof demonstrating that their funds are part of a pool of compliant assets, thereby breaking the on-chain link to their deposit address while assuring counterparties of the funds' legitimate origin. ^{[4] [1]}​

The core technology developed by 0xbow is open-source and modular, allowing other privacy protocols, decentralized applications, and Layer 1 or Layer 2 ecosystems to integrate its compliance tools. The legal entity behind the project is 0XBOW LTD. ^[2]​

History

The 0xbow project's public presence began with the creation of its official X (formerly Twitter) account in October 2023. ^[3] The organization was incubated by NumberGroup, an entity supporting development in the blockchain space. ^[1]​

A significant technical milestone for the project was the completion of a trusted setup ceremony, a cryptographic process required to generate secure parameters for the protocol's zero-knowledge proofs. The ceremony concluded with 514 unique contributors, enhancing the security and decentralization of the system's foundation. ^[1]​

The core development on the privacy-pools-core repository saw significant activity throughout 2025.

• In January 2025, work was committed for implementing a basic relayer and interfaces for Groth16 proofs.
• By February 2025, the project's software development kit (SDK) was established under the 0xbow namespace.
• On April 1, 2025, mainnet deployment addresses were added to the project's documentation, signaling preparations for a live launch on the Ethereum mainnet.
• A major protocol upgrade to the entrypoint contract was committed on May 21, 2025, with a sign-off from Ameen Soleimani.
• Further feature enhancements, including multi-hop swaps and reduced fees, were introduced in a commit on July 22, 2025.
• The project tagged version v1.1.1 as its latest release on September 2, 2025. ^[4]

Technology and Architecture

The 0xbow ecosystem is built around the Privacy Pools protocol, which combines zero-knowledge proofs, smart contracts, and an off-chain compliance component to facilitate private and compliant transactions.

Core Concepts

Privacy Pools

​Privacy Pools are smart contracts that accept deposits from multiple users into a common pool of funds. Users can later withdraw their assets to a new, unlinked address. The protocol breaks the deterministic on-chain link between the deposit and withdrawal addresses, providing transactional privacy. Unlike traditional mixers that combine all funds into a single anonymity set, Privacy Pools use Association Sets to allow users to selectively associate with compliant peers. ^[1]​

Proof of Association

Proof of Association is the core compliance primitive of the 0xbow system. It is a cryptographic proof that a user can generate to demonstrate that their deposited funds belong to a pre-vetted "Association Set" of compliant transactions. This allows the user to prove they are not co-mingling funds with illicit actors without revealing which specific deposit in the set is theirs, thus preserving privacy while providing a signal of compliance. ^[1]​

Association Set Provider (ASP)

The Association Set Provider (ASP) is the primary compliance engine within the Privacy Pools ecosystem. An ASP is an off-chain entity responsible for monitoring deposits, performing "Know Your Transaction" (KYT) screening, and curating one or more Association Sets of approved deposits. Because the ASP tool is open-source and modular, any entity—such as a compliance firm, a DAO, or an exchange—can run its own ASP to enforce a specific set of compliance rules. This allows for programmable and jurisdiction-aware compliance. ^{[2] [1]}​

Technical Mechanism

The protocol operates on a three-step deposit, vet, and withdraw model.

1. Deposit: A user deposits assets (such as ETH or an ERC20 token) into a Privacy Pool smart contract. This action is public on the blockchain.
2. Vetting: The ASP monitors new deposits in real-time. It uses KYT analytics and other screening methods to determine if the source of funds is legitimate. If a deposit is approved, it is added to the compliant Association Set.
3. Withdrawal: To withdraw, the user generates a zero-knowledge proof. This proof cryptographically validates two things: that the user is the owner of a valid deposit in the pool, and that their deposit is included in the ASP's approved Association Set. The user submits this proof to the smart contract, which verifies it and authorizes the withdrawal to a new address. This process confirms compliance without linking the withdrawal back to the original deposit. ^{[1] [2]}

System Architecture

The Privacy Pools protocol is designed with a three-layer architecture to separate on-chain logic, privacy-preserving cryptography, and compliance functions.

1. Contract Layer

This is the on-chain foundation of the protocol, comprising Solidity smart contracts that manage user assets and protocol state. Key components include:

• Entrypoint Contract: An upgradeable smart contract that acts as a registry and orchestrator for the various privacy pools operated by different ASPs.
• Asset-Specific Privacy Pools: A separate contract is deployed for each asset type (e.g., one for ETH, another for USDC). These contracts hold the deposited funds and manage the Merkle tree of deposits for that specific asset. ^[2]

2. Zero-Knowledge (ZK) Layer

This layer contains the cryptographic circuits and verifiers that ensure transaction privacy and validity. The circuits are written in Circom. Components include:

• Commitment Circuit: Used during the deposit phase to securely register a user's deposit commitment.
• Withdrawal Circuit: The core circuit that enables private withdrawals by generating the required zero-knowledge proof of ownership and association set membership.
• LeanIMT Circuit: A specialized circuit for efficiently handling the protocol's Merkle tree operations.
• On-Chain Verifiers: Smart contracts that verify the proofs generated by the ZK circuits. A withdrawal is only processed if the corresponding proof is successfully validated on-chain. ^[2]

3. Association Set Provider (ASP) Layer

This is an off-chain layer that handles the compliance mechanism. The ASP maintains and publishes a set of approved deposit identifiers, allowing withdrawal proofs to reference this set. This design keeps the computationally intensive and potentially sensitive compliance screening off the blockchain while allowing its results to be used for on-chain enforcement. ^[2]​

Key Protocol Features

• Partial Withdrawals: Users are not restricted to withdrawing the exact amount they deposited. The protocol supports partial withdrawals of any amount up to the total deposited sum.
• Multi-Asset Support: The architecture is designed to support both a blockchain's native currency (e.g., ETH) and various ERC20 tokens.
• Non-Custodial: Users retain full control over their funds through cryptographic commitments. Protocol operators or ASPs never take custody of user assets.
• Ragequit Mechanism: A critical failsafe feature. If a user's deposit is not approved by an ASP and is therefore excluded from the compliant Association Set, the user can execute a "ragequit." This function allows them to publicly withdraw their exact deposited funds back to the original address. This action sacrifices privacy to ensure that users can always retrieve their assets, preventing censorship by the ASP. ^[2]
• Open-Source Codebase: The protocol is licensed under Apache-2.0 and is structured as a monorepo containing packages for its circuits, contracts, a reference relayer, and a TypeScript SDK for developers. The technology stack includes TypeScript (55.0%), Solidity (38.5%), JavaScript (5.3%), and Circom (1.0%). ^[4]

Products and Use Cases

0xbow's technology is packaged into several products and is intended for a wide range of users and integrators within the crypto ecosystem.

Tornado Cash Proof of Association (PoA) Tool

As a specific application of its technology, 0xbow built a tool for legitimate past users of the sanctioned Tornado Cash protocol. This tool allows a user to generate a cryptographic proof demonstrating that their withdrawal from Tornado Cash was not linked to funds associated with known illicit actors (e.g., the Lazarus Group). The proof can be generated without revealing the user's original deposit note or private on-chain history, serving as a privacy-preserving method for users to demonstrate compliance to exchanges or other entities. ^[1]​

Target Audience and Integrations

0xbow's infrastructure is designed for several key participants:

• Individual Users: People seeking to protect their financial privacy on public blockchains while remaining compliant with regulations.
• Privacy Protocols: Other privacy-focused projects can integrate the open-source ASP as a modular compliance layer for their own systems.
• L1 & L2 Ecosystems: Blockchain networks can deploy native instances of Privacy Pools to offer a built-in, compliant privacy solution to their users.
• Enterprises and Institutions: Financial institutions can use customized deployments of 0xbow's technology to meet stringent internal and external regulatory requirements for on-chain activities. ^[1]

People and Organization

Developer: 0xbow is the primary developer of the Privacy Pools protocol, operating under the legal entity 0XBOW LTD. ^[2]​

Incubator: The project was incubated by NumberGroup. ^[1]​

Key People and Supporters:The development of the privacy-pools-core repository on GitHub lists 17 contributors.

• Ameen Soleimani: A prominent figure in the Ethereum community and co-founder of SpankChain and MolochDAO, Soleimani is a notable contributor to the project, with his signature appearing on key commits. ^[4]
• Advisors: The project lists Taylor Monahan, Nic Bax, and Oleksandr Brezhniev as advisors.
• Advocates and Supporters: 0xbow's approach has been acknowledged by several key figures and organizations in the blockchain industry, including Ethereum founder Vitalik Buterin, Zaki Manian (co-founder of Sommelier), BanklessVC, and public.works. ^[1]