Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.cloak.ag/llms.txt

Use this file to discover all available pages before exploring further.

Canonical data shape

Both Transact and TransactSwap use:
  • proof_bytes: 256-byte Groth16 proof
  • public_inputs: 264-byte packed blob
Public input layout:
  • root[32]
  • publicAmount[8] (signed LE)
  • extDataHash[32]
  • mintAddress[32]
  • nullifiers[64]
  • commitments[64]
  • chainNoteHash[32]

Deposit flow (publicAmount > 0)

  1. SDK creates output UTXOs and generates proof inputs.
  2. SDK resolves Merkle data from chain.
  3. Transaction is submitted (direct signer path for deposit variants).
  4. Program verifies proof and appends commitments to the tree.
  5. SDK resolves commitment index and persists local proof context.

Withdraw/transfer flow

  1. SDK builds 2-in/2-out witness and computes nullifiers.
  2. SDK optionally ensures viewing-key registration.
  3. SDK submits the proof + public inputs and the resulting on-chain transaction lands.
  4. Program rejects reused nullifiers and enforces amount/fee constraints.
  5. Client polls transaction status until completed or failed.

Swap flow

  1. SDK generates proof for withdraw-like step with swap params.
  2. TransactSwap (Tx1) opens SwapState.
  3. Settlement path (Tx2) executes the swap and validates output min amount.
  4. Status includes swap_phase, signatures, and error context.
  5. Timeout/close paths can reclaim state if settlement cannot complete.

Reliability behaviors

  • Stale root retries: SDK regenerates proofs when root history moved
  • Recovery operations: bots can withdraw indexed historical deposits