Smart Contract Engineer at Wonderland.

Nov 2025 - Jul 2026

Privacy Pools v2 is a ZK proof-of-innocence DeFi protocol for private Ethereum payments. It extends the original deposit-and-withdraw privacy pool model into a private UTXO-style payment system: users can deposit assets, transfer notes privately inside the pool, and later withdraw without revealing the link between the deposit, internal transfers, and withdrawal.

The core idea is that every deposit creates a private note commitment and a hidden lineage label. The commitment goes on-chain, while the label is used to prove that the funds belong to an approved association set without publicly linking a transfer history back to the original deposit. Spending a note requires a zero-knowledge proof that the user owns the note, that it has not been spent before, that value is conserved, and that the note's label is accepted by the ASP compliance set.

The protocol supports private internal transfers, public withdrawals, relayed execution, key registration/rotation, multi-asset notes, recipient note discovery, and a ragequit escape hatch. ragequit lets users recover funds even if ASP approval is unavailable, sacrificing privacy instead of risking permanent loss of assets.

I worked from the technical design, reviewed it, and implemented the protocol with another engineer. My work covered the smart contract implementation, the testing suite, and security hardening before and after external audits.

Testing work included unit tests, integration tests, and fuzzing campaigns. After the audits, I helped work through the findings and implemented fixes to harden the protocol.