Hinkal is a zk-protocol designed for institutional use that facilitates discreet on-chain transactions. It allows for the creation of shielded addresses and enables liquid funds and retail users to transact on major decentralized applications (dApps) without concealing the origin, destination, and value of the transactions. ^[1]

Overview

Hinkal allows the acceptance of ETH/ERC-20 tokens as deposits. These tokens can subsequently be swapped, staked, yield-farmed, transferred, or withdrawn without associating them with the original deposit address. Users are provided with a shielded address where their tokens are stored post-deposit. ^[2]

Hinkal employs zkSNARKs to facilitate discreet transactions, enabling users to verify the validity of a transaction without disclosing key details such as the origin and destination addresses or the transaction amount. To manage overhead gas fees and slippage, Hinkal utilizes stealth addresses. The token amounts involved are determined prior to transaction submission, with the user covering the transaction costs. Stealth addresses are generated before the transaction swap, allowing the protocol to execute the transaction, cover the associated costs, and return any difference between the expected and actual cost to the user’s shielded address. ^[2]

Hinkal is available on the Ethereum, Arbitrum, Optimism, Base, Polygon, BNB Chain, and Avalanche mainnets. ^[3]

Supported wallets include Metamask, Coinbase Wallet, and any injected wallet like Rabby. It also integrates WalletConnect, enabling users with compatible wallets, including those used by institutional investors, to interact with Hinkal. ^[4]

Transactions

Hinkal facilitates discreet transactions on major dApps. The team has integrated Odos, Uniswap, 1inch, Curve, Convex, Beefy, Lido, and Pendle. ^[5]

Deposits

For depositing, users can choose any amount of ETH or ERC-20 token. Deposits convert ERC tokens into a token commitment of the same value, associated with the Hinkal public key of the intended commitment owner. Successful deposits store the commitment in the Merkle Tree smart contract. Hinkal does not charge commissions for deposits. ^[6]

Swaps

Hinkal Swaps enable users to discreetly exchange ERC-20 tokens using relayers and APIs from Odos, Uniswap, and 1inch. When a user initiates a swap, they generate a zk-proof confirming their eligibility to exchange assets. The swap transaction appears to come from the relayer's address to the Hinkal Pool smart contract. Hinkal Pool then executes the swap using Odos, Uniswap, or 1inch’s Smart Contract. If the swap fails, the transaction is reverted, preventing additional commitments or nullifiers. The protocol's UTXO-based model requires the swapped amount to be known during zk-proof generation, but the number of other swap transactions in the current block remains unknown, resulting in varying slippage for users and relayers. ^[7]

Staking, Yield Farming and Trading

Hinkal Yield Farming allows users to deposit tokens in liquidity pools, stake those tokens for rewards, and discreetly unstake and withdraw tokens using Relayers. Currently, Hinkal supports Curve, Convex, Lido, and Beefy pools, with plans to add more in the future. ^[8]

When users want to interact with a liquidity pool, they generate zk-proof to confirm eligibility for the action. To claim rewards, they generate zk-proof demonstrating entitlement to a specific amount of funds. The relayer then executes the transaction. ^[8]

During the transaction, Hinkal Pool calls Curve, Convex, Lido, or Beefy’s Smart Contract. If the operation fails, the entire transaction is reverted, preventing additional commitments and nullifiers from being created. ^[8]

Similar to Yield Farming, Hinkal allows users to execute Yield Trading strategies discreetly by integrating Pendle. Pendle's Smart Contract handles all transaction logic for token swaps, mints, redeems, and reward claims via the External Action contract. YT tokens, being interest-bearing, are first wrapped and then stored in the Hinkal Pool smart contract. ^[8]

As the protocol follows a UTXO-based model for commitments and nullifiers, the amount of reward the user wishes to claim must be known during zk-proof generation. However, at the time of transaction submission, the number of other transactions in the current block remains unknown. ^[8]

Technology

Keys and Shielded Addresses

Each Hinkal account consists of two main components: the viewing keypair and the spending keypair. The viewing keypair is used to decrypt the commitments owned by the user, while the spending keypair is used to transfer notes from the associated account to other accounts. ^[9]

The viewing key is used to scan the blockchain for UTXOs or commitments belonging to its owner. Once decrypted, these can be used in proof generation alongside the spending key. The spending key, on the other hand, is used to prove ownership of those UTXOs, enabling the user to spend them. It also participates in proof generation. Hinkal accounts are created from Ethereum accounts by having the user sign a message, from which the Hinkal keys are derived. This process ensures that anyone with access to their Ethereum account can access their Hinkal account by signing a message. ^[9]

Nullifiers and Commitments

Each time a user performs a transaction with Hinkal, the browser wallet computes a Zero Knowledge Proof (ZKP) and creates or nullifies a commitment. A commitment is a cryptographic technique that allows a user to commit to a chosen value while keeping it hidden from others, with the ability to reveal the value later. Commitments are created and spent during deposits, transfers, and swaps. A nullifier is generated through a one-way hash function of a commitment and a shielded private key. When a transaction is made, a commitment is nullified and recorded on-chain. This mechanism ensures that commitments cannot be reused. ^[10]

Use Cases

Use cases include: ^[11]
Institutional Use Cases

1. Discreet On-Chain Strategies: Institutions can implement on-chain strategies without market visibility, preventing copytrading and frontrunning, and protecting LPs' interests.
2. Discreet Liquidation of Tokens: Venture capitalists and protocol treasuries can liquidate tokens discreetly, with tokens sent directly to shielded addresses, concealing both recipient and liquidator identities.
3. Payments/Transfers: Facilitates secure and private payments and transfers.
4. Asset Security: Enhanced security for substantial asset holdings, reducing the risk of targeting by hackers.

Retail Use Cases

1. Token Reception for Teams: Teams can receive tokens directly to shielded addresses, ensuring privacy.
2. Yield-Farming Privacy: Yield-farmers can obfuscate wallet connections, maintaining privacy in their activities.
3. Payments/Transfers: Enables secure and private payments and transfers.
4. Asset Security: Protects individual asset holders from being targeted by hackers.

Funding

Hinkal was developed at Stanford, with investment support from Draper Associates, SALT, Psalion, No Limit Holdings, PEER VC, Aquanow, Draper Dragon, NGC Ventures, Orange DAO, Web3.com Ventures, Quantstamp, Superblock, and individual investors from Animoca, Menlo Ventures, and Bitfury. ^[12]