Series → #relayerless-privacy

Relayerless privacy on a Turing-complete L1: an intro to F_RP

26 Apr 2026

A series-opening map of the relayerless full-privacy framework I've been writing up. Five cryptographic games, four constructions (SPST, PPST, TAB, UPEE), one main theorem — and why it matters that the target chain is Solana.
The fee paradox: why every smart-contract privacy mixer needs a relayer

28 Apr 2026

On account-model chains the very act of paying a transaction fee deanonymises the recipient. This post formalises the paradox, walks through three resolutions, and sets up the SPST construction that resolves it inside the ZK proof itself.
SPST: a self-paying shielded transaction model

30 Apr 2026

First construction in F_RP. The SPST relation, balance conservation under DLOG, double-spend resistance under collision-resistant PRF, unlinkability under DDH, simulation-extractable non-malleability.
PPST: extending SPST to arbitrary private computation

2 May 2026

F_RP Construction II. Generalises SPST to private programmable state: arbitrary arithmetic circuits over committed pre/post-state, with R1CS-embedded program execution and atomic PPST-SPST composition.
TAB: hiding the submitter with ring signatures and FROST

4 May 2026

F_RP Construction III. ZK proofs hide the contents but the wrapping Solana tx still leaks the submitter pubkey. TAB closes that gap with a Fujisaki-Suzuki ring signature and a FROST threshold Schnorr over Ed25519.
Bayer-Groth verifiable shuffles for network-layer privacy

6 May 2026

F_RP Construction III, Approach C. Bayer-Groth verifiable shuffles obscure the input→output permutation of a batch with O(√n) proof size — used to cascade-mix pre-broadcast batches at the network layer.
UPEE: composing SPST + PPST + TAB into one framework

8 May 2026

F_RP Construction IV. The five-algorithm tuple Setup/Deploy/Invoke/Verify/Finalize plus the simulation-based privacy theorem (3.12) and self-sovereignty theorem (3.13). The composition that makes the whole thing deployable.
Fitting F_RP in 656 bytes on Solana

10 May 2026

Concrete F_RP instantiation on Solana. Groth16 over BN254, Poseidon Merkle, indexed nullifier tree, BN254 Pedersen, transaction in 656 of 1,232 bytes, 235K of 1.4M CU.
F_RP vs Zcash, Tornado, RAILGUN, Aztec, Penumbra, Aleo, Namada, Monero

12 May 2026

F_RP vs nine deployed privacy systems on the four axes that matter: relayer-free, Turing-complete, on-chain verifiable on a high-perf L1, low-trust setup.
MEV resistance: why UPEE is sandwich-proof by construction

14 May 2026

Theorem 7.3 — UPEE transactions resist sandwich/frontrun/liquidation MEV by construction. Theorem 7.4 — block MEV bounded by public-bit leakage, not transaction value. Independent of V, not super-linear.

Series → #relayerless-privacy

# Relayerless privacy on a Turing-complete L1: an intro to F_RP

# The fee paradox: why every smart-contract privacy mixer needs a relayer

# SPST: a self-paying shielded transaction model

# PPST: extending SPST to arbitrary private computation

# TAB: hiding the submitter with ring signatures and FROST

# Bayer-Groth verifiable shuffles for network-layer privacy

# UPEE: composing SPST + PPST + TAB into one framework

# Fitting F_RP in 656 bytes on Solana

# F_RP vs Zcash, Tornado, RAILGUN, Aztec, Penumbra, Aleo, Namada, Monero

# MEV resistance: why UPEE is sandwich-proof by construction

Relayerless privacy on a Turing-complete L1: an intro to F_RP

The fee paradox: why every smart-contract privacy mixer needs a relayer

SPST: a self-paying shielded transaction model

PPST: extending SPST to arbitrary private computation

TAB: hiding the submitter with ring signatures and FROST

Bayer-Groth verifiable shuffles for network-layer privacy

UPEE: composing SPST + PPST + TAB into one framework

Fitting F_RP in 656 bytes on Solana

F_RP vs Zcash, Tornado, RAILGUN, Aztec, Penumbra, Aleo, Namada, Monero

MEV resistance: why UPEE is sandwich-proof by construction