TECHNOLOGY OVERVIEW

Haycen Money Privacy Architecture

A privacy-preserving stablecoin built on Avalanche, combining zero-knowledge proofs, elliptic curve encryption, and on-chain compliance tooling for confidential transactions without sacrificing regulatory requirements.

INTRODUCTION

Privacy Without Compromise

Haycen Money (hm) is a privacy-preserving stablecoin built on Avalanche. It combines zero-knowledge proofs, elliptic curve encryption, and on-chain compliance tooling to enable confidential transactions without sacrificing regulatory requirements.

Traditional stablecoins like USDC store balances in plaintext — anyone can look up how much any address holds. Haycen Money encrypts all balances and transaction amounts on-chain. When you send hm to someone, neither the amount you sent nor your resulting balance is visible to the public.

But encryption alone isn’t enough. The contract still needs to verify that senders have sufficient funds, that mint amounts are valid, and that the math adds up — all without ever seeing the actual numbers. This is where zero-knowledge proofs come in.

On-Chain Encryption

All balances and amounts encrypted using BabyJubJub elliptic curve

Zero-Knowledge Proofs

Groth16 zk-SNARKs verify correctness without revealing values

Compliance Built-In

PCT auditor encryption for authorised regulatory access

CRYPTOGRAPHIC FOUNDATIONS

Zero-Knowledge Proofs (Groth16)

A zero-knowledge proof lets you prove a statement is true without revealing the underlying data. Haycen Money uses Groth16, a well-established zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) proving system.

When a user wants to mint, transfer, or burn tokens, they generate a proof locally on their device. This proof mathematically guarantees — for example — that the sender has enough balance to cover a transfer, without revealing the balance or the amount. The smart contract then verifies this proof on-chain in constant time.

Proof Circuits

Haycen Money uses four distinct proof circuits:

  • Registration — Proves ownership of a cryptographic key pair when registering to use the system.
  • Mint — Proves that a confidential mint operation is valid, using a nullifier to prevent double-minting.
  • Transfer — Proves the sender has sufficient encrypted balance to cover the transfer amount.
  • Burn — Proves that the amount being burned does not exceed the user’s encrypted balance.

Trusted Setup

Groth16 requires a one-time trusted setup ceremony to generate the cryptographic parameters used by each circuit. This is a two-phase process:

Phase 1 — Powers of Tau (shared across all circuits)

Haycen Money’s underlying circuits use parameters from the Hermez (iden3) Powers of Tau ceremony — a public, multi-party computation with hundreds of participants. The security guarantee is straightforward: as long as at least one participant was honest, the parameters are secure. This phase produces the shared alpha, beta, and gamma values used by all verifier contracts.

Phase 2 — Circuit-specific setup (unique per circuit)

Each circuit (mint, transfer, burn, registration) undergoes its own Phase 2, which encodes the circuit’s specific constraints into proving and verification keys. This produces the delta values — the circuit-specific component that differs between each verifier contract.

The result: each verifier contract has hardcoded cryptographic constants. The shared constants (alpha, beta, gamma) come from the public Hermez ceremony. The unique constants (delta) come from the circuit-specific Phase 2. No party holds a secret key that could forge proofs — that is the entire point of the ceremony.

These parameters can be independently verified:

snarkjs zkey verify <circuit>.r1cs powersOfTau28_hez_final_15.ptau <circuit>.zkey
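
The property stated above (shared alpha, beta and gamma; a distinct delta per circuit) can also be checked mechanically on the verification keys exported for the four circuits. This is an added example, not Haycen's code: it assumes keys in the layout of snarkjs's verification_key.json export, and the key material in sample_vkey() is constructed placeholder data.

```python
import json

# Added example. Field names follow snarkjs's verification_key.json export;
# the key material in sample_vkey() is constructed placeholder data.
SHARED = ("vk_alpha_1", "vk_beta_2", "vk_gamma_2")

def audit_vkeys(vkeys):
    """Check a {circuit: vkey} mapping against the two-phase setup claims."""
    findings, names = [], sorted(vkeys)
    for name in names:
        if vkeys[name].get("protocol") != "groth16":
            findings.append(f"{name}: protocol is not groth16")
        for field in SHARED + ("vk_delta_2",):
            if field not in vkeys[name]:
                findings.append(f"{name}: missing {field}")
    ref = names[0]
    for field in SHARED:  # Phase 1 constants must match across circuits
        for name in names[1:]:
            if vkeys[name].get(field) != vkeys[ref].get(field):
                findings.append(f"{name}: {field} differs from {ref}")
    seen = {}
    for name in names:  # Phase 2 delta must be unique per circuit
        delta = json.dumps(vkeys[name].get("vk_delta_2"))
        if delta in seen:
            findings.append(f"{name}: vk_delta_2 same as {seen[delta]}")
        seen.setdefault(delta, name)
    return findings

def sample_vkey(delta, alpha="a1"):
    """Constructed stand-in for one circuit's verification key."""
    return {"protocol": "groth16", "vk_alpha_1": [alpha, "a2", "1"],
            "vk_beta_2": [["b1", "b2"], ["b3", "b4"], ["1", "0"]],
            "vk_gamma_2": [["g1", "g2"], ["g3", "g4"], ["1", "0"]],
            "vk_delta_2": [[delta, "d2"], ["d3", "d4"], ["1", "0"]]}
```

An empty result means the keys are consistent with the two-phase description; it does not replace running snarkjs zkey verify against the .r1cs and .ptau files.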
4 Proof Circuits

Registration, Mint, Transfer, and Burn — each with dedicated on-chain verifiers

Hermez Ceremony

Public multi-party computation with hundreds of participants ensuring no single party holds secret keys

ENCRYPTION

Elliptic Curve Encryption (BabyJubJub + EGCT)

Balances are encrypted using the BabyJubJub elliptic curve — a curve specifically designed for efficient computation inside zk-SNARK circuits. Each user registers a BabyJubJub public key, which becomes their encryption key for the system.

Encrypted amounts are stored on-chain as EGCT (ElGamal Ciphertext) structures — pairs of elliptic curve points. This encryption scheme is partially homomorphic, meaning the contract can add encrypted values together without decrypting them. When you receive a transfer, the contract adds the encrypted amount directly to your encrypted balance. Only the holder of the corresponding private key can decrypt and read their actual balance.

COMPLIANCE

Auditor Compliance (PCT)

Every operation includes a Partially Commutative Threshold (PCT) value encrypted to a designated auditor’s public key. This gives authorised auditors the ability to decrypt transaction metadata for compliance and regulatory purposes — without exposing that information to the public or requiring users to reveal their balances.

When an auditor’s public key is set, the contract validates that it lies on the BabyJubJub curve before storing it. An off-curve key would silently produce unrecoverable PCT ciphertext — this on-chain check prevents that failure mode.

This is the mechanism that bridges privacy with regulatory requirements: users transact confidentially, but authorised auditors retain the ability to verify amounts when legally required.
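
The two mechanisms described above, additive ElGamal ciphertexts over BabyJubJub and the on-curve check applied to an auditor key, can be seen working together in a short script. This is an added example, not Haycen's or EncryptedERC's code: the curve constants are the public BabyJubJub parameters from EIP-2494, the keys, amounts and nonces are constructed, and encoding an amount m as the point m*B is an assumption about the scheme.

```python
# Added example: curve constants are the public BabyJubJub (EIP-2494) values;
# keys, amounts and nonces are constructed. Encoding m as m*B is an assumption.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617
A, D, O = 168700, 168696, (0, 1)  # curve coefficients; O is the identity point
B = (5299619240641551281634865583518297030282874472190772894086521144482721001553,
     16950150798460657717958625567821834550301663161624707787222815936182638968203)

def on_curve(pt):
    """Canonical coordinates and a*x^2 + y^2 == 1 + d*x^2*y^2 (mod P)."""
    x, y = pt
    in_field = 0 <= x < P and 0 <= y < P
    return in_field and (A * x * x + y * y - 1 - D * x * x * y * y) % P == 0

def add(p1, p2):
    (x1, y1), (x2, y2) = p1, p2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + y1 * x2) * pow((1 + t) % P, -1, P) % P
    y3 = (y1 * y2 - A * x1 * x2) * pow((1 - t) % P, -1, P) % P
    return (x3, y3)

def mul(k, pt):
    acc = O
    while k:  # double-and-add
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def set_auditor_key(pk):  # guard described above: reject non-curve points
    if not on_curve(pk):
        raise ValueError("auditor public key is not on BabyJubJub")
    return pk

def encrypt(pk, amount, r):
    """ElGamal ciphertext as a pair of points: (r*B, amount*B + r*pk)."""
    return (mul(r, B), add(mul(amount, B), mul(r, pk)))

def add_ct(ct1, ct2):
    """Homomorphic addition: add the points component-wise, no key needed."""
    return (add(ct1[0], ct2[0]), add(ct1[1], ct2[1]))

def decrypt(sk, ct, max_amount=10_000):
    sx, sy = mul(sk, ct[0])
    target, acc = add(ct[1], (-sx % P, sy)), O  # ct[1] - sk*ct[0]
    for m in range(max_amount + 1):  # small-range discrete log search
        if acc == target:
            return m
        acc = add(acc, B)
    raise ValueError("amount outside search range")
```

Encrypting 250 and 175 under the same key, adding the ciphertexts with add_ct, and decrypting gives 425, while set_auditor_key((1, 1)) raises because that point does not satisfy the curve equation.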

Homomorphic

Encrypted values can be added together on-chain without decryption

PCT Auditing

Designated auditors can decrypt transaction metadata without exposing it publicly

ARCHITECTURE

Smart Contract Architecture

Inheritance Model

Haycen Money is built on top of EncryptedERC, an open-source privacy protocol developed by Ava Labs. Rather than wrapping EncryptedERC as an external dependency, HaycenMoney directly inherits its building blocks:

  • TokenTracker — Token registration and metadata management.
  • EncryptedUserBalances — Encrypted balance storage, addition, and subtraction.
  • AuditorManager — Auditor public key management for compliance.
  • EncryptedMetadata — Encrypted metadata support for token operations.

This direct inheritance approach gives Haycen Money full control over the token lifecycle while leveraging battle-tested cryptographic primitives.

Standalone Token

Unlike wrapped privacy tokens that add a confidential layer on top of an existing ERC-20, Haycen Money operates as a standalone token. hm is minted and burned natively — there is no underlying public token to wrap or unwrap. This simplifies the trust model and eliminates an entire class of bridge-related risks.

Allowlist

All token operations — minting, transferring, and burning — require both the sender and recipient to be on an allowlist. This is managed through a dedicated AllowlistRegistry contract, providing a compliance gate that ensures only verified participants can interact with hm.

If a user is removed from the allowlist (e.g. for sanctions compliance), the contract owner can force-reset their encrypted balance via forceResetBalance(). This zeroes the on-chain ciphertext and invalidates all pending balance history — an irreversible compliance mechanism for de-listed addresses.

User Registration

Before participating in any token operation, users must register their BabyJubJub public key with the HaycenRegistrar contract. This registration is verified by a zk-SNARK proof confirming ownership of the corresponding private key. The registered public key is then used for all subsequent encrypted operations.

ACCESS CONTROL
Owner

Top-level authority. Assigns Admin, Master Minter, and Pauser. Two-step transfer.

Admin

Sets the auditor’s public key for compliance monitoring.

Master Minter

Configures minter addresses and per-minter operation limits.

Pauser

Emergency pause and unpause for all token operations.

Allowlist Manager

Controls permitted addresses. Batch capped at 200 per transaction.

Emergency Admin

Can reassign Allowlist Manager if key is lost or compromised.

Registrar Admin

Clears BabyJubJub key registrations for supervised recovery.

INFRASTRUCTURE

Deployment Infrastructure

Blockchain

Haycen Money is deployed on Avalanche C-Chain, an EVM-compatible blockchain offering high throughput and low transaction costs — both important for a system where each operation includes on-chain proof verification.

A full deployment consists of nine contracts:

  1. BabyJubJub — Library for elliptic curve operations, linked to contracts that need point arithmetic.
  2. RegistrationVerifier — Groth16 verifier for user registration proofs.
  3. MintVerifier — Groth16 verifier for confidential mint proofs.
  4. TransferVerifier — Groth16 verifier for private transfer proofs.
  5. BurnVerifier — Groth16 verifier for private burn proofs.
  6. WithdrawVerifier — Groth16 verifier inherited from EncryptedERC (not actively used in standalone mode).
  7. HaycenRegistrar — Manages user BabyJubJub public key registration with zk-SNARK proof verification.
  8. AllowlistRegistry — Manages the set of addresses permitted to interact with hm.
  9. HaycenMoney — The token contract itself, wiring everything together.
Avalanche C-Chain

EVM-compatible with high throughput for on-chain proof verification

9 Contracts

Full deployment with dedicated verifiers for each proof circuit

SUMMARY

Technology Stack at a Glance

Layer | Technology | Purpose
Balance Privacy | BabyJubJub + EGCT Encryption | Balances and amounts encrypted on-chain
Transaction Validity | Groth16 zk-SNARKs | Proves correctness without revealing values
Compliance | PCT Auditor Encryption | Authorised auditors can verify amounts
Access Control | Allowlist + Role Hierarchy | Only verified participants can transact
Trusted Setup | Hermez Powers of Tau + Circuit Phase 2 | Cryptographic parameters with no secret holders

The result is a stablecoin where transactions are confidential by default, verifiable by authorised parties, and secured by well-established cryptographic guarantees — deployed on Avalanche for the throughput and cost profile that on-chain proof verification demands.


Haycen does not provide services or products in jurisdictions where the provision of such requires a license and accordingly makes no offer of any kind (including with respect to digital assets and/or securities) to persons from such jurisdictions. By continuing to view this website, you acknowledge that you are doing so on your own accord, without any solicitation from Haycen.
