Hackathon Track: Private Payments ($15,000 Prize)
Offline, unlinkable SPL token transfers via Bluetooth mesh. Two phones in airplane mode can exchange value that settles on Solana with zero on-chain correlation between sender and receiver.
First stealth address implementation for Solana + First offline payment system for Solana
- Stealth Addresses: EIP-5564 adapted for ed25519/Solana - one-time addresses derived from receiver's meta-address
- Post-Quantum Security: Hybrid X25519 + ML-KEM 768 (NIST FIPS 203) using Apple CryptoKit
- Offline Mesh Payments: BLE mesh with store-and-forward and automatic settlement when online
- E2E Encrypted Chat: Double Ratchet with post-quantum hybridization over mesh
Sender derives a one-time stealth address from receiver's public meta-address. The transaction destination has zero on-chain link to the receiver's identity.
Receiver generates: M (spending) + V (viewing) → meta-address
Sender derives: P_stealth = M + SHA256(ECDH(r, V))*G
Include ephemeral R in memo → receiver scans and recovers
Optional ML-KEM 768 hybridization provides quantum resistance while maintaining classical security:
- Combined secret:
S = SHA256(S_classical || S_kyber) - 66% faster scanning than pure ECDH per arxiv.org/abs/2501.13733
- Uses Apple CryptoKit MLKEM768 (iOS 26+) - no external dependencies
- CoreBluetooth peer discovery and message relay
- TTL-based flooding with message deduplication
- Store-and-forward queue for offline peers
- Automatic settlement when connectivity restored
- Double Ratchet protocol (Signal-style)
- Post-quantum hybridization (X3DH + ML-KEM)
- Perfect forward secrecy and post-compromise security
- Works entirely over BLE mesh - no internet required
- Privacy Cash and ShadowWire protocol support
- WebView bridge for protocol interaction
- Automatic mixing with 1-5 hops before settlement
Interactive radar visualization showing nearby mesh peers with RSSI-based positioning and PQ capability indicators.
- Tap nearby peer on radar
- Request their meta-address (automatic)
- Enter amount and send
- Payment queued for mesh delivery
- Auto-settles when either device comes online
- Shield: Move SOL from main wallet to stealth addresses
- Unshield: Consolidate stealth payments back to main wallet
- Activity feed with PQ badges for quantum-resistant transactions
- iOS 26+ (required for CryptoKit MLKEM768)
- Xcode 16+
- Two iOS devices with Bluetooth for mesh testing
- Solana Devnet (automatic airdrop available)
git clone https://github.com/Spizzerp/smesh.git
cd smesh/MeshStealth
open MeshStealth.xcodeproj- Select your development team in Signing & Capabilities
- Build and run on two physical iOS devices
- Tap "Request Airdrop" to get devnet SOL
- Discover each other on the mesh radar
- Send a stealth payment!
cd MeshStealth/Packages/StealthCore
swift test┌─────────────────────────────────────────────────────────────┐
│ iOS App │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────────────┐ │
│ │ WalletView │ │ RadarView │ │ ChatView │ │
│ └──────┬──────┘ └──────┬──────┘ └──────────┬──────────┘ │
│ │ │ │ │
│ ┌──────┴────────────────┴─────────────────────┴──────────┐ │
│ │ ViewModels │ │
│ │ WalletViewModel │ MeshViewModel │ ChatViewModel │ │
│ └──────────────────────────┬──────────────────────────────┘ │
└─────────────────────────────┼────────────────────────────────┘
│
┌─────────────────────────────┼────────────────────────────────┐
│ StealthCore Package │
│ ┌──────────────────────────┴──────────────────────────────┐ │
│ │ MeshNetworkManager (Coordinator) │ │
│ └──────────────────────────┬──────────────────────────────┘ │
│ ┌───────────────────┼───────────────────┐ │
│ ▼ ▼ ▼ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────────┐ │
│ │ BLEMeshSvc │ │ StealthWallet│ │ SettlementSvc │ │
│ │ (CoreBT) │ │ Manager │ │ (Auto-settle) │ │
│ └──────┬──────┘ └──────┬───────┘ └────────┬────────┘ │
│ │ │ │ │
│ ┌──────┴──────────────────┴─────────────────────┴────────┐ │
│ │ Crypto Layer │ │
│ │ SodiumWrapper │ MLKEMWrapper │ DoubleRatchetEngine │ │
│ └──────────────────────────┬──────────────────────────────┘ │
└─────────────────────────────┼────────────────────────────────┘
│
▼
┌─────────────────┐
│ Solana Devnet │
│ (Helius RPC) │
└─────────────────┘
import StealthCore
// Generate keypair with post-quantum support
let keyPair = try StealthKeyPair.generate(enablePostQuantum: true)
// Share meta-address via QR code
let metaAddress = keyPair.hybridMetaAddressString// Derive one-time address from meta-address
let result = try StealthAddressGenerator.generateStealthAddressAuto(
metaAddressString: recipientMetaAddress
)
// result.stealthAddress - transaction destination
// result.ephemeralPublicKey - include in memo
// result.isHybrid - whether PQ was usedlet scanner = StealthScanner(keyPair: myKeyPair)
// Scan transaction
if let payment = try scanner.scanTransaction(
stealthAddress: destination,
ephemeralPublicKey: memoData,
mlkemCiphertext: ciphertext // optional for hybrid
) {
// payment.spendingPrivateKey can sign from stealth address
}| Threat | Mitigation |
|---|---|
| Relay reads payment | Payload encrypted to recipient's viewing key (AES-256-GCM) |
| Relay modifies tx | Transaction pre-signed; tampering invalidates signature |
| Replay attack | Message IDs + deduplication cache (1-hour TTL) |
| Quantum adversary | Hybrid X25519 + ML-KEM 768 (NIST Level 3) |
| Key extraction | iOS Keychain with kSecAttrAccessibleWhenUnlockedThisDeviceOnly |
| Device compromise | Biometric auth for spending operations |
- Swift 5.9+ / iOS 26+ deployment target
- SwiftUI with MVVM architecture
- CoreBluetooth for BLE mesh networking
- CryptoKit for X25519, AES-256-GCM, SHA256, MLKEM768
- swift-sodium-full for ed25519 point arithmetic
- Solana.Swift for blockchain interaction
- EIP-5564: Stealth Addresses
- Post-Quantum Stealth Address Protocols
- NIST FIPS 203: ML-KEM Standard
- Apple CryptoKit MLKEM768
MIT License - see LICENSE for details.
Built for the Solana Private Payments Hackathon