Universal Private Pool
Privacy layer for any ERC20 token — shared anonymity pool with SNARK and post-quantum STARK proofs, stealth addresses, and compliance-ready ASP verification.
UPP — Universal Private Pool
@permissionless-technologies/upp-sdk
UPP is a privacy pool for any ERC-20 token. It solves a practical problem for institutions and developers: on-chain activity is fully public by default, making it impossible to transact confidentially on Ethereum. UPP wraps deposits in a shared Merkle tree — shielded transfers are cryptographically private, while compliance proofs can be generated on demand for regulated workflows.
UPP is a general protocol, not a product. It doesn't enforce rules about which tokens are supported or who can participate — that's up to the integrating platform. Every new integration contributes to a shared anonymity set, making privacy stronger for all users of the pool.
npm install @permissionless-technologies/upp-sdk
Who Benefits
| Audience | Benefit |
|---|---|
| Users | Private balances, private transfers, protection from front-running and MEV |
| Institutions | Compliant private transactions via UPC, selective disclosure through viewing keys |
| Protocol developers | Drop-in privacy for any ERC20 via SDK — no custom contracts needed |
| Wallets | Privacy as a built-in feature (shield button next to send) |
| DEXes | Private swap orders that hide position size |
What It Can Do
- Multi-token privacy — All ERC20 tokens share one pool, one Merkle tree, one anonymity set. More users = more privacy for everyone.
- Dual proof system — PLONK SNARKs over BLS12-381 for everyday transfers (~200K gas, 128-bit security, EIP-2537 precompiles), Circle STARKs for the post-quantum secure vault (~20M gas). Both coexist.
- Flexible operations — Shield, transfer, merge, split, withdraw.
- Stealth addresses — Hash-based ownership (Poseidon, no BabyJubJub curve), bech32m encoded. Recipients don't need to publish their address.
- Viewing keys — Per-transaction granular audit access. Share with auditors without compromising all transactions.
- Ragequit — Original depositors can always withdraw to their own address, even if all ASPs refuse.
- Merge-and-claim — Consolidate multiple received notes. Merger becomes the new compliance origin (bona fide purchaser).
What It Can't Do (By Design)
- Cannot provide privacy for ETH directly (ERC20 wrapper needed)
- Cannot hide the fact that you interacted with the pool (shielding/unshielding is visible on-chain)
- Cannot guarantee privacy if the anonymity set is small (needs adoption)
Differentiators
| Feature | UPP | Privacy Pools | Railgun | Tornado Cash |
|---|---|---|---|---|
| Multi-token | Single pool for all ERC20s | Per-token pools | Per-token | Fixed denominations |
| Compliance | On-chain ASP enforcement | ASP (similar) | PPOI (weaker) | None |
| Viewing keys | Per-transaction | No | Limited | No |
| Merge notes | Yes (2-in-1) | No | Limited | No |
| Post-quantum | STARK vault option | No | No | No |
| Fees | 0% | 0% | 0.5% round-trip | 0% |
| License | AGPL-3.0 | Apache 2.0 | UNLICENSED | GPL |
| SDK stack | viem/wagmi | N/A | ethers.js | N/A |
Quick Start
- Quickstart: Install, shield, and transfer in under 5 minutes.
- Core Concepts: Notes, stealth addresses, viewing keys, ASP compliance.
- SDK Reference: Full API for createUPPClient, React hooks, and the note indexer.
- STARK Vault: Post-quantum secure vault — field arithmetic, FRI, DEEP quotients.
Reusable Primitives
The following UPP components can be used independently:
| Primitive | Use Case |
|---|---|
| Stealth address generation | Any protocol needing recipient privacy |
| Note encryption/decryption (AES-GCM) | Any confidential data exchange |
| LeanIMT Merkle tree | Any Merkle membership proof |
| Poseidon hash wrapper | Any ZK application |
| Circle STARK verifier (Solidity) | Any Stwo-compatible prover |
UPP depends on @permissionless-technologies/upc-sdk for the ASP compliance layer.