Project Summary Project Sentinel is a privacy firewall for Zcash that leverages the CipherScan API to automatically detect and quarantine malicious transparent dust, providing Zodl users with real-time identity protection.
The Problem Dusting attacks on transparent addresses remain a primary way for bad actors to “unmask” Zcash users. If a user accidentally includes a tiny “poisoned” transaction when moving funds to the shielded pool, their privacy is compromised. Currently, most wallets have no way to auto-filter these tracking tokens.
The Solution We are building a “Security Guard” for Zodl:
A Risk-Scoring API: Powered by the newly funded CipherScan data, this API flags suspicious transactions in milliseconds.
A Rust Middleware: A plug-and-play module for wallet developers (Zodl, YWallet) to automatically “freeze” dust.
Privacy Health Dashboard: A simple web tool where users can scan their public addresses for tracking attempts.
Budget & Team
Total Request: $9,990
Team: 2 Developers (Rust & API Specialists)
Duration: 2 Months
Milestones: 3 (Brain, API, Wallet Demo)
Why Project Sentinel? By building on top of the community’s recent investment in CipherScan and targeting the new Zodl wallet, we are maximizing the impact of Zcash’s current technology stack (Z3). We believe privacy should be automatic, not something you have to study for.
opened 09:05AM - 26 Feb 26 UTC
### Terms and Conditions
- [x] I agree to the [Grant Agreement](https://9ba4718… c-5c73-47c3-a024-4fc4e5278803.usrfiles.com/ugd/9ba471_f81ef4e4b5f040038350270590eb2e42.pdf) terms if funded
- [x] I agree to [Provide KYC information](https://9ba4718c-5c73-47c3-a024-4fc4e5278803.usrfiles.com/ugd/9ba471_7d9e73d16b584a61bae92282b208efc4.pdf) if funded above $50,000 USD
- [x] I agree to disclose conflicts of interest
- [x] I agree to adhere to the [Code of Conduct](https://forum.zcashcommunity.com/t/zcg-code-of-conduct/41787) and [Communication Guidelines](https://forum.zcashcommunity.com/t/zcg-communication-guidelines/44284)
- [x] I understand all milestone deliverables will be validated and accepted by their intended users or their representatives, who will confirm that the deliverables meet the required quality, functionality, and usability for each user story.
- [x] I agree that for any new open-source software, I will create a `CONTRIBUTING.md` file that reflects the high standards of Zcash development, using the [`librustzcash` style guides](https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#styleguides) as a primary reference.
- [x] I understand when contributing to existing Zcash code, I am required to adhere to the project specific contribution guidelines, paying close attention to any [merge](https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#merge-workflow), [branch](https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#branch-history), [pull request](https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#pull-request-review), and [commit](https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#commit-messages) guidelines as exemplified in the `librustzcash` repository.
- [x] I agree to post request details on the [Community Forum](https://forum.zcashcommunity.com/c/grants/33)
- [x] I understand it is my responsibility to post a link to this issue on the [Zcash Community Forums](https://forum.zcashcommunity.com/c/grants/33) after this application has been submitted so the community can give input. I understand this is required in order for ZCG to discuss and vote on this grant application.
### Application Owners (@Octocat, @Octocat1)
sidelaw
### Organization Name
David
### How did you learn about Zcash Community Grants
Forum
### Requested Grant Amount (USD)
9990
### Category
Infrastructure
### Project Lead
```project-lead.yaml
David Len (Sidelaw)
Project manager & Coordinator
Bio/Background: He specializes in the coordination between technical milestones and the operational needs of the project.
```
### Additional Team Members
```team-members.yaml
Role: Senior Rust Systems Engineers
Bio/Background:: Wasif is a specialized Rust developer with a focus on Confidential Computing and Multi-Party Computation (MPC). His portfolio includes building Anchor-powered Solana programs and high-performance Rust web services for managing cryptographic keys and blockchain transactions.
Backend & Infrastructure Engineer:
Bio/Background: Tom is a language-agnostic systems engineer with a specialization in building robust, scalable infrastructure from the ground up. He has extensive experience in high-performance computing, including optimizing AI/ML workflows (TensorFlow) and low-latency backend systems.
```
### Project Summary
Project Sentinel is a "privacy firewall" for Zcash that leverages the CipherScan API to automatically detect and quarantine malicious transparent dust. It provides wallets like Zodl with a real-time security API and Rust middleware to prevent users from accidentally deanonymizing themselves via poisoning attacks.
### Project Description
Project Sentinel is a decentralized "Privacy Firewall" designed to protect Zcash users from de-anonymization via dusting attacks. It provides a real-time Risk Scoring API and a Rust-based middleware that allows wallets to automatically identify and isolate suspicious, low-value transparent transactions (dust). By "quarantining" these transactions, Sentinel ensures that users do not accidentally link their identity to malicious tracking clusters when moving funds into the shielded pool.
### Proposed Problem
In early 2026, Zcash users face an increasing threat of Dusting Attacks on transparent (t-addresses). Dusting Attacks are a primary vector for identity tracking. Scammers send microscopic amounts of ZEC to transparent (t-address) balances. Most wallets currently lack the intelligence to distinguish between legitimate small payments and "tracking dust." If a user spends this dust along with their shielded funds, they "poison" their own privacy. As Zcash moves toward the Z3 technology stack in 2026, there is a critical need for automated security tools that prevent these manual user errors.
### Proposed Solution
Sentinel solves this by providing an automated Quarantine Layer. Instead of requiring users to manually inspect every tiny transaction, Sentinel:
Analyzes incoming t-address transactions for "poison" patterns.
Provides a Risk Score via a public API.
Offers a code module for wallets to "lock" these funds, preventing them from being used in future transactions unless the user explicitly "cleanses" them.
### Solution Format
The project will be delivered in three parts:
A Public REST API: A high-speed endpoint for real-time risk checks.
A Rust Library (Crate): A developer-friendly module for integration into mobile and desktop wallets.
Web Dashboard: A "Privacy Health" portal where users can scan their public addresses for active poisoning.
### Dependencies
CipherScan Privacy API: Sentinel will utilize the newly funded CipherScan ($58,800 grant, Feb 2026) as its primary data source for privacy heuristics.
Blockfrost/Alchemy/Zebra: For redundant blockchain indexing to ensure 100% uptime.
librustzcash: To ensure native compatibility with the Zcash protocol.
### Technical Approach
Language: Built entirely in Rust for performance and safety.
Heuristics: Sentinel uses a weighted algorithm: (TX Amount) + (Address Age) + (CipherScan Risk Index) = Sentinel Score.
Privacy-First: The API will support Private Blinding—users/wallets can check hashes of transactions so the Sentinel server never knows which specific address is being protected.
### Upstream Merge Opportunities
Zodl (Zashi): Sentinel is designed to be merged into the Zodl mobile wallet to provide "Shielded-by-Default" dust protection.
YWallet: The Rust module will be open-sourced to integrated automated quarantine features.
Zebra: Logic from the detection engine can be contributed to the Zebra node to help indexers flag malicious clusters at the protocol level.
### Hardware/Software Costs (USD)
N/A
### Hardware/Software Justification
N/A
### Service Costs (USD)
1500
### Service Costs Justification
Reasoning: To build a reliable "Sentinel" guard, we cannot rely on free, rate-limited infrastructure.
CipherScan API Access: While CipherScan is open-source, high-frequency "Risk Scoring" for a public API requires a dedicated tier to ensure 99.9% uptime for wallet users.
Cloud Infrastructure: Hosting the Sentinel REST API on a secure, DDoS-protected environment (like AWS or DigitalOcean) to ensure that even during network spikes, users can still check their transaction safety.
Security Auditing Tools: One-time licensing for automated Rust security scanners to ensure the code we provide to the Zodl (Zashi) and YWallet teams is bug-free.
### Compensation Costs (USD)
$8,490
### Compensation Costs Justification
Total Amount: $8,490
Team: 2 Developers
Duration: 2 Months
3. Compensation Costs Justification
Rate: $2,122.50 per developer, per month.
Details: This is a "Community Value" rate. We are providing two specialized engineers at a significantly lower cost than market rates to demonstrate our commitment to the Zcash ecosystem.
Developer A (Lead Rust Engineer): Focuses on the core "Quarantine" logic and integration with the librustzcash and Z3 stack.
Developer B (API & Frontend Engineer): Focuses on building the public REST API and the "Privacy Health" web dashboard.
This lean compensation structure allows us to move fast and deliver a working prototype in just 60 days.
### Total Budget (USD)
9990
### Previous Funding
Yes
### Previous Funding Details
_No response_
### Other Funding Sources
No
### Other Funding Sources Details
_No response_
### Implementation Risks
Data Dependency: Sentinel relies on CipherScan’s heuristics. If CipherScan's data is delayed, our risk scores could be outdated.
Mitigation: We will implement a "Safe-Fail" mode where if the data is unavailable, the wallet defaults to "Caution" for all transparent transactions under 0.01 ZEC.
API Latency: Checking every transaction against an external API could slow down the wallet experience.
Mitigation: We will use an asynchronous "Look-Ahead" cache to check transactions in the background before the user even opens their "History" tab.
### Potential Side Effects
False Positives: Legitimate small transactions (like "change" or test sends) might be flagged as dust.
Impact: This could cause temporary user anxiety. We will mitigate this by using a "Privacy Score" (0–100) rather than a simple "Scam/Not Scam" label.
Centralization: Relying on a single API (Sentinel) for safety.
Mitigation: The code will be 100% open-source, allowing any Zcash user to run their own "Sentinel Node" if they don't want to use our public endpoint.
### Success Metrics
Metric 1 (Adoption): Successful integration or a "Letter of Intent" from at least one major Zcash wallet (e.g., Zodl or YWallet) by Month 3.
Metric 2 (Detection): Correctly identifying 100% of known "Dusting Clusters" as identified by the community on the Zcash Forum.
Metric 3 (Efficiency): API response time of less than 200ms to ensure a seamless experience for mobile users.
Metric 4 (Community Use): At least 50 unique developers or users utilizing the "Privacy Health" web dashboard in the first 30 days of launch.
### Startup Funding (USD)
N/A
### Startup Funding Justification
N/A
### Milestone Details
```milestones.yaml
Project Sentinel: Zcash Dust Management & Privacy Guard
Milestone: 1
Amount (USD): $3,330
Expected Completion Date: 2026-03-26
User Stories:
"As a Zcash developer, I want a tool to identify 'poisoned' transparent cells, so that I can prevent privacy leaks in my app."
"As a security researcher, I want a logic module that integrates with CipherScan, so that I can leverage existing privacy data."
Deliverables: - Open-source Rust library (Crate) for dust detection.
Integration module for the CipherScan Privacy Score API.
Technical specification document for "Quarantine" logic.
Acceptance Criteria: Code is published on GitHub; unit tests pass for identifying known "dust" transaction patterns.
Milestone: 2
Amount (USD): $3,330
Expected Completion Date: 2026-04-10
User Stories:
"As a Zodl wallet user, I want my app to check transactions against a risk database, so that I don't accidentally link my identity to a scammer."
"As a wallet integrator, I want a high-speed REST API, so that I can perform risk checks without slowing down my app's UI."
Deliverables: - Public Sentinel REST API live (e.g., GET /check-risk/{txid}).
API Documentation (Swagger/OpenAPI).
Rate-limiting and security caching layer implementation.
Acceptance Criteria: API is reachable publicly and returns a risk score for a provided transaction ID within <200ms.
Milestone: 3
Amount (USD): $3,330
Expected Completion Date: 2026-04-26
User Stories:
"As a Zcash user, I want a visual dashboard, so that I can see if my public address has been 'poisoned' by dust."
"As a Zodl developer, I want a reference UI implementation, so that I can easily add a 'Freeze Dust' button to my wallet."
Deliverables: - Public Web Dashboard (Privacy Health Check).
UI/UX Reference implementation for Zodl/YWallet (Quarantine & Burn features).
Final project report and community presentation.
Acceptance Criteria: Web dashboard is functional; a video demo shows a wallet successfully identifying and "freezing" a dust transaction.
```
### Supporting Documents
```files.yaml
```
ZCG
March 2, 2026, 1:58pm
2
Thank you for submitting your proposal. After careful consideration by the ZCG and a period for community comments on the forum, the committee has decided not to advance this proposal.
We genuinely appreciate the work and dedication you put into your application and hope you’ll continue to participate and contribute to the Zcash community.