Stabletrust

Private payment infrastructure for EVM chains. Encrypt token balances and transfer amounts on-chain — invisible to block explorers, accessible only to the owner.


What is Stabletrust?

Stabletrust is a confidential payment layer for EVM chains. It wraps standard ERC-20 tokens in an encrypted balance system. Once tokens enter the confidential layer, their amounts are hidden on-chain and opaque to block explorers.

It uses twisted ElGamal homomorphic encryption and zero-knowledge proofs to enable private transfers without revealing balances or destinations. All cryptographic operations happen client-side via a WASM module bundled in the SDK.

The SDK ships two clients. Choose based on your privacy requirements.

Two clients

Comparison

FeatureConfidentialAnonymous
Identity on-chainWallet address visibleAccount ID only
Amount visibilityEncryptedEncrypted
GasUser paysRelay pays (except deposits)
InfrastructureDirect RPCFairycloak relay required
RecipientMust have a confidential accountAny account or public address
Best forEncrypted amounts, known senderFull sender anonymity

Installation

Both clients ship in the same package:

bash
npm install @fairblock/stabletrust ethers

Supported networks

Both clients share the same contract on every chain. Pass the chain ID and the address resolves automatically.

NetworkChain ID
Base Sepolia84532
Stable Testnet2201
Arc5042002
Ethereum Sepolia11155111
Arbitrum Sepolia421614
Tempo42431

Testnet only. Do not use with mainnet assets.

REST API

No SDK required. POST JSON to HTTPS endpoints. Designed for AI agents and server-side integrations where you need to avoid bundling WASM.

View API reference

Security

Private keys

Never log or expose private keys. Store them in environment variables or encrypted vaults. The ElGamal private key returned by the anonymous client is equally sensitive — treat it the same as a wallet key.

Network

Use HTTPS-only RPC endpoints. Verify the contract address against the table in this page before initializing, especially on custom deployments.

Recipients

Confirm the recipient has an initialized account before transferring. For the confidential client, check with getAccountInfo(). For the anonymous client, check with getAnonymousAccountInfo().

Error handling

Catch errors from all SDK methods. Never include private key values in error logs or telemetry. Implement retry logic for transient network failures.

Resources