Requested Grant Amount (USD)
$240,000
Category: Infrastructure
Project Summary
The Unified Address Policy Engine (UAPE) is a standardized enforcement layer that enables wallets and services to define, apply, and guarantee privacy-preserving rules for Unified Address usage in Zcash. By moving privacy guarantees from advisory behavior to deterministic enforcement, UAPE ensures consistent, privacy-by-default handling of Unified Addresses across the ecosystem without requiring any consensus changes.
UAPE operates entirely at the wallet and service layer, integrating into address handling and transaction construction prior to signing or broadcast. This allows strong privacy guarantees to be enforced uniformly while remaining fully compatible with existing Zcash protocol rules and cryptographic primitives.
Project Description
Unified Addresses were introduced to simplify address handling and promote shielded usage across the Zcash ecosystem. However, in their current form, Unified Addresses lack a standardized enforcement mechanism. Wallets and services may interpret them differently, leading to inconsistent behavior and unintended privacy degradation for users.
UAPE introduces a formal, wallet-agnostic policy framework that converts Unified Addresses from passive indicators into enforceable privacy guarantees. Policies explicitly define acceptable address usage and transaction flows, such as:
-
Requiring shielded-only receipt
-
Rejecting transparent funds
-
Enforcing Unified Address recipients
The project delivers a written policy specification and a production-grade reference implementation, along with integration examples and documentation. Enforcement occurs before transaction signing or broadcast, ensuring consistent and auditable behavior without modifying consensus rules.
Proposed Problem
Unified Addresses are a core component of Zcash’s long-term privacy roadmap, but the absence of a shared enforcement layer results in several issues:
-
Accidental privacy degradation when wallets or services accept or produce transparent funds without clear intent
-
Divergent wallet behavior and inconsistent UX due to differing interpretations of Unified Address handling
-
Inability for services such as exchanges and custodians to formally assert, audit, or prove privacy guarantees
-
Unified Addresses functioning as optional hints rather than enforceable policy
These limitations reduce the effectiveness of Unified Addresses as a privacy primitive.
Proposed Solution
UAPE introduces a declarative policy layer that allows wallets and services to define explicit privacy rules for Unified Address usage and enforce them deterministically.
Policies can express requirements such as:
-
Rejecting transparent inbound funds
-
Enforcing shielded-only receipt and spending
-
Requiring Unified Address recipients
Policy evaluation occurs during address handling and transaction construction, prior to signing or broadcast. This ensures violations are detected early and handled consistently across implementations.
No consensus or cryptographic changes are required, enabling incremental adoption with minimal ecosystem risk.
Solution Format
The solution is delivered as a combination of specification, software, and documentation:
-
Unified Address Policy Specification
Defines policy primitives, deterministic evaluation rules, failure semantics, and privacy guarantees. Designed for ZIP-style discussion and long-term maintenance. -
Open-Source Reference Policy Engine
A Rust-based implementation that enforces the specification and can be reused across wallets and services without custom enforcement logic. -
Integration Examples
Wallet and service examples demonstrating real-world usage patterns and adoption paths. -
Developer Documentation and Best Practices
Covers configuration, integration guidance, error handling, and recommended default policies.
Dependencies
The project builds on existing Zcash ecosystem components:
-
Existing Zcash Unified Address specifications
-
Zcash wallet libraries for integration examples and validation
-
Community review via the Zcash Community Forum throughout the specification and refinement process
Technical Approach
The project follows a specification-first design to minimize integration risk and ensure clarity.
-
A formal policy model defines:
-
Policy primitives
-
Address and pool constraints
-
Deterministic evaluation order
-
Privacy and metadata minimization guarantees
-
-
The specification is published early and refined through community and maintainer feedback.
-
A Rust-based reference implementation integrates into transaction construction pipelines, enforcing policies before any transaction is signed or broadcast.
-
Correctness is ensured through:
-
Unit tests
-
Integration tests
-
Fuzz-based validation to uncover edge cases and subtle failure modes
-
Upstream Merge Opportunities
The project is designed for upstream adoption.
Target Repositories
-
librustzcash -
Zcash wallet SDK repositories
Planned Changes
-
Introduction of a reusable policy enforcement layer
-
No modifications to consensus rules or cryptographic primitives
Upstream merge consideration begins after the reference implementation has stabilized and undergone review.
Timeline
Specification drafting, community review, and reference implementation proceed in parallel with early coordination from ecosystem maintainers.
Upstream merge consideration is planned after implementation and test stabilization.
Costs
-
Hardware / Software Costs (USD): $0
-
Service Costs (USD): $0
-
Compensation Costs (USD): $240,000
Compensation Justification
The project requires approximately 2,400 engineering hours delivered by senior protocol engineers with deep experience in correctness-critical blockchain systems. For work of this nature, including protocol specification, deterministic policy design, fuzz-based validation, and low-level wallet integration, the team’s standard commercial rate is approximately USD 300 per hour.
For the purpose of this ecosystem-focused grant, the team is applying a significantly discounted community rate of USD 100 per hour, representing a reduction of more than 65 percent from standard market pricing.
This discount reflects a strong commitment to the Zcash ecosystem and is enabled by the team’s prior investment in high-assurance protocol engineering. This includes direct work on Polkadot JAM protocol research and tooling, such as low-latency (5ms) fuzzing frameworks and correctness infrastructure referenced in the Polkadot Gray Paper. The same expertise directly applies to the specification-first design, deterministic enforcement, and correctness guarantees required for this project.
At standard commercial rates, protocol and specification work of comparable depth, assurance level, and testing rigor would substantially exceed the requested budget. The proposed compensation therefore represents high-assurance protocol engineering delivered at a heavily subsidized, community-oriented rate for the benefit of the Zcash ecosystem.
This compensation covers:
-
Policy and specification design
-
Reference implementation development
-
Wallet and service integrations
-
Testing, fuzzing, and edge-case validation
-
Documentation and ecosystem coordination
Total Budget (USD): $240,000
Previous Funding: No
Other Funding Sources: No
Implementation Risks
-
Policy over-complexity that could hinder adoption
-
Divergence in wallet integration approaches
-
Edge cases in transaction construction and address handling
Mitigations
-
Specification-first process with early review
-
Continuous community and maintainer feedback
-
Comprehensive unit, integration, and fuzz-based testing
Success Metrics
-
Publication of a complete Unified Address Policy specification
-
Availability of a working open-source policy engine
-
Successful wallet and service integration examples
-
Positive feedback and adoption signals from ecosystem developers
Startup Funding (USD)
$240,000
Milestones
Milestone 1
Amount (USD): $40,000
Expected Completion Date: 2026-01-31
Deliverables
-
Project kickoff and planning
-
Public repository setup
-
Initial policy model outline
-
Architecture and design notes
Milestone 2
Amount (USD): $50,000
Expected Completion Date: 2026-02-28
Deliverables
-
Unified Address policy model
-
Draft policy specification
-
Initial public documentation
Milestone 3
Amount (USD): $50,000
Expected Completion Date: 2026-03-31
Deliverables
-
ZIP-style specification draft
-
Defined failure semantics
-
Explicit privacy guarantees
Milestone 4
Amount (USD): $62,000
Expected Completion Date: 2026-04-30
Deliverables
-
Open-source reference policy engine
-
Unit and integration test suite
Milestone 5
Amount (USD): $38,000
Expected Completion Date: 2026-05-31
Deliverables
-
Wallet and service integration examples
-
Developer documentation
-
Final technical report