A simple payment app that works on Solana with Private Ephemeral Rollup (PER).
A Private Ephemeral Rollup (PER) is a variant of MagicBlock Ephemeral Rollup (ER) that runs the validator inside a Trusted Execution Environment (TEE), specifically Intel Trust Domain Extensions (TDX), to provide privacy and auditability.
PER operators can configure a middleware that enables user-specific READ/WRITE permissions at the Solana account level:
- Fine-grained Privacy Control on individual Solana accounts and account groups
- Simple Authentication via Session Keys after signing a challenge with a private key
- Customizable Permissions that are stored, enforced, and modifiable through the on-chain permission program and metadata accounts.
For operators:
- Configure READ/WRITE permission settings through on-chain Permission Program
- Manage groups for role-based access control
- Apply permissions to specific program instructions and on individual accounts
For users:
- Deposit token amount into deposit account on Solana
- Delegate deposit account to private ephemeral rollup
- Make a private transfer to any address on private ephemeral rollup
- Undelegate and withdraw token amount into deposit account on Solana
User Authentication Flow:
- User signs a challenge using their private key for authentication.
- Middleware verifies the signature and then generates a session key.
- PER authorizes subsequent READ/WRITE requests based on the validity of the session key.
A Private Ephemeral Rollup ensures only permissioned users can view and debit an account’s balance, while still allowing anyone to credit it.
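The authentication flow and the access rule above (anyone may credit, only permissioned users may view or debit), modeled as an added example that is not MagicBlock's middleware code. The function names, the in-memory maps, the 5-minute session lifetime and the use of Node's built-in Ed25519 support are assumptions.

```javascript
// Added illustration, not MagicBlock's middleware. All names are hypothetical.
const nodeCrypto = require("node:crypto");
const SESSION_TTL_MS = 5 * 60 * 1000; // assumed session lifetime
const challenges = new Map(); // user id -> outstanding nonce
const sessions = new Map();   // session key -> { user, expires }

// Identify a user by their encoded Ed25519 public key.
const userId = (pk) => pk.export({ type: "spki", format: "der" }).toString("hex");

function issueChallenge(publicKey) {
  const nonce = nodeCrypto.randomBytes(32);
  challenges.set(userId(publicKey), nonce);
  return nonce;
}

// Verify the signed challenge, then mint a session key.
function login(publicKey, signature, now = Date.now()) {
  const user = userId(publicKey);
  const nonce = challenges.get(user);
  challenges.delete(user); // single use, so a captured signature cannot be replayed
  if (!nonce || !nodeCrypto.verify(null, nonce, publicKey, signature)) return null;
  const sessionKey = nodeCrypto.randomBytes(32).toString("hex");
  sessions.set(sessionKey, { user, expires: now + SESSION_TTL_MS });
  return sessionKey;
}

// Anyone may credit; viewing needs READ and debiting needs WRITE on the account.
function authorize(sessionKey, op, account, now = Date.now()) {
  if (op === "credit") return true;
  const session = sessions.get(sessionKey);
  if (!session || session.expires <= now) return false; // unknown or expired key
  const needed = op === "view" ? account.read : op === "debit" ? account.write : [];
  return needed.includes(session.user);
}

// Constructed sample: Bob owns the account, a merchant-group member may only view it.
function demo() {
  const bob = nodeCrypto.generateKeyPairSync("ed25519");
  const merchant = nodeCrypto.generateKeyPairSync("ed25519");
  const account = {
    read: [userId(bob.publicKey), userId(merchant.publicKey)],
    write: [userId(bob.publicKey)],
  };
  const sign = (kp) => nodeCrypto.sign(null, issueChallenge(kp.publicKey), kp.privateKey);
  const bobSig = sign(bob);
  const bobKey = login(bob.publicKey, bobSig);
  const merchantKey = login(merchant.publicKey, sign(merchant));
  return { account, bob, merchant, bobSig, bobKey, merchantKey };
}
```

Deleting the challenge before verification makes each nonce single-use, so resubmitting an old signature fails even when the signature itself is valid.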
A typical interaction will go as follows (illustrated below):
For operators:
- Payment provider configures on-chain READ/WRITE permission settings for internal team, merchants (clients) and users.
- Payment provider creates on-chain roles on PER such as internal team group and merchant-specific groups.
- Payment provider enables READ permissions on delegated accounts for specific roles, while users retain READ/WRITE permission on their own delegated accounts.
For users:
- Bob deposits 100 USDC into his deposit account on Solana
- Bob conceals his deposit account by delegating to PER
- Bob makes a private transfer to Alice on PER
- Alice can continue receiving and sending transfers privately on PER until she decides to undelegate and reveal her balance on Solana.
NOTE: this program is for demonstration purposes and can be further tailored to the developer's needs.
A crypto payments provider can enable private payments for its clients (e.g. merchants). These transactions are executed on the blockchain and are compatible with Solana. Users can make payments from Solana to the provider's PER, and the provider can then settle payments to the merchant privately. Any subsequent payment can happen directly on the PER.
Benefits:
- No information is leaked regarding which merchant the user is buying from
- Reduced fees for merchants as the transfers are executed using an Ephemeral Rollup
- Using on-ramps and abstracted wallets can make the transactions even more seamless and cheap for the user
```
yarn install
cd frontend
yarn install
```

```
cd frontend
yarn dev
```
The program is already deployed on devnet.
- Create a test token account
- Identify as a user
- Add the address of the recipient
- Transfer an amount of token
Clicking the transfer button automatically handles creating deposits, depositing the amount, delegating and making the private transfer.
You must have a MagicBlock validator and a test validator running locally:
- In MagicBlock validator's repo:
```
cargo run -- --remote-url http://localhost:8899 --remote-ws-url ws://localhost:8900 --rpc-addr 0.0.0.0 --rpc-port 7799
```

```
solana-test-validator
```

```
anchor test --skip-local-validator
```