Project Documentation / 工程文档
A bilingual engineering document for the deployed confidential qualified-yield marketplace demo.
Privyields is a confidential qualified-yield marketplace demo. It shows how a user can prove eligibility, allocate encrypted capital to a yield product, receive encrypted reward accounting, decrypt their own reward locally, and claim confidential cUSDC.
The project is intentionally split into two privacy layers: ZK is used for qualification, while Zama FHE is used for allocation and reward state.
MockUSDC is the public demo asset used for funding and approvals.
ConfidentialUSDC wraps public USDC into a confidential fungible token rail.
MockQualifiedInvestorRegistry stores the demo proof commitment and qualified wallet state.
YieldProductMarket holds the product list, APR data, and vault relationship.
ConfidentialYieldVault receives encrypted deposits, tracks encrypted principal and rewards, and pays encrypted cUSDC claims.
The user submits a demo asset-threshold proof commitment for assets greater than or equal to 1,000,000 USDC.
The user mints mock USDC, approves the wrapper, and wraps public USDC into cUSDC.
The frontend encrypts the deposit amount with the Zama Relayer SDK and calls confidentialTransferAndCall on cUSDC.
The vault receives the encrypted amount through the callback, records encrypted principal, accrues encrypted rewards from the published APR, and lets the user request decrypt access.
The user decrypts their own reward handle through the relayer SDK and claims encrypted cUSDC.
The web app is a Next.js operating console. It exposes wallet connection, qualification, market selection, mint and wrap controls, encrypted deposit, APR publishing, reward decrypt, and reward claim actions.
The deployed production app runs behind Caddy at https://privyields.xyz/ and proxies to a Next production server on 127.0.0.1:3000.
The current deployment script syncs the repository to the server, installs dependencies with npm ci, compiles contracts, starts a local Hardhat demo chain, deploys contracts, writes .env.local, builds Next.js, and starts next start.
This is a production Next.js runtime, not next dev. It is not yet a pure static artifact upload. A static export path would require changing the frontend to output an out/ directory and adjusting Caddy back to file_server.
NEXT_PUBLIC_MOCK_USDC, NEXT_PUBLIC_CUSDC, NEXT_PUBLIC_MARKET, NEXT_PUBLIC_VAULT, and NEXT_PUBLIC_QUALIFICATION_REGISTRY are written after contract deployment and embedded into the Next build.
For Sepolia deployments, Hardhat variables must include MNEMONIC and INFURA_API_KEY.
The current qualification registry is a demo mock, not a production verifier.
The local-server deployment is useful for a controlled demo, but browser wallets cannot reach a private 127.0.0.1 RPC unless the user uses an SSH tunnel or the RPC is intentionally exposed for a short demo.
The production-ready path should use a real ZK verifier, live Zama-compatible network configuration, stronger role management, monitoring, and a clear custody model for yield strategies.
Privyields 是一个隐私合格投资收益市场 demo。它展示用户如何证明自己满足准入门槛,在不公开配置金额的情况下把资金投向收益产品,并在本地解密自己的收益结果。
项目把隐私拆成两层:ZK 用于资格证明,Zama FHE 用于加密配置金额、加密本金和加密收益记账。
MockUSDC 是 demo 里的公开资产,用于铸造、授权和包装。
ConfidentialUSDC 把公开 USDC 包装成 confidential fungible token,也就是 cUSDC。
MockQualifiedInvestorRegistry 保存 demo proof commitment,并记录钱包是否通过资格验证。
YieldProductMarket 管理收益产品列表、APR 数据和 vault 关系。
ConfidentialYieldVault 接收加密存款,记录加密本金和加密收益,并支持用户提取加密 cUSDC。
用户提交一个 demo 资产门槛证明 commitment,声明资产大于等于 1,000,000 USDC,但不披露具体资产数额。
用户铸造 mock USDC,授权 wrapper,然后把公开 USDC 包装为 cUSDC。
前端使用 Zama Relayer SDK 加密存款金额,并调用 cUSDC 的 confidentialTransferAndCall。
Vault 在 callback 中收到加密金额,记录加密本金,根据产品 APR 计提加密收益,并允许用户请求 reward decrypt 权限。
用户通过 relayer SDK 解密自己的 reward handle,并提取加密 cUSDC。
前端是一个 Next.js 控制台,包含钱包连接、资格证明、产品选择、mint/approve/wrap、加密存款、APR 发布、收益解密和收益提取。
线上访问地址是 https://privyields.xyz/。Caddy 负责 HTTPS 入口,并反向代理到服务器上的 Next production server:127.0.0.1:3000。
当前部署脚本会把仓库同步到服务器,在服务器上执行 npm ci、编译合约、启动本地 Hardhat demo 链、部署合约、写入 .env.local、构建 Next.js,然后用 next start 启动生产服务。
这不是 next dev,而是 Next.js production runtime。它也不是纯静态发布产物上传。如果要改成纯静态部署,需要让 Next 输出 out/ 目录,并把 Caddy 改回 file_server。
NEXT_PUBLIC_MOCK_USDC、NEXT_PUBLIC_CUSDC、NEXT_PUBLIC_MARKET、NEXT_PUBLIC_VAULT、NEXT_PUBLIC_QUALIFICATION_REGISTRY 会在合约部署后写入,并在 Next build 时嵌入前端。
如果部署到 Sepolia,需要配置 Hardhat vars:MNEMONIC 和 INFURA_API_KEY。
当前 qualification registry 是 mock,不是生产级 verifier。
server-local 部署适合可控 demo,但浏览器钱包无法直接访问服务器本机的 127.0.0.1 RPC,除非用户使用 SSH tunnel,或短时间有意暴露 RPC。
生产化路线需要接入真实 ZK verifier、真实 Zama 兼容网络配置、更严格的角色权限、监控告警,以及清晰的收益策略资金托管模型。