Grant Application: ZAP1 Protocol Hardening and Zaino Integration

Community Grants Applications
1

GitHub Issue: ZAP1 Protocol Hardening and Zaino Integration · Issue #258 · ZcashCommunityGrants/zcashcommunitygrants · GitHub
Applicant: Frontier Compute / LiquidLV DAO LLC (Wyoming)
Project Lead: zk_nd3r
Requested Amount: $18,000 USD over 3 months
Category: Infrastructure
Repository: GitHub - Frontier-Compute/zap1: On-chain attestation protocol for Zcash. BLAKE2b Merkle tree anchored to Orchard transactions. 21 event types. Verified on 5 chains. · GitHub (MIT)

The problem

Zcash has no standard for structured data in shielded memos. If you need private payments with public verifiability, you invent a custom binary format or write plaintext. Wallets and explorers cannot parse either without application-specific code. ZIP 302 defines the container but not application-layer payload types.

The solution

ZAP1 is a production-tested attestation protocol for Zcash. Open-source, MIT-licensed. Structured memo envelope, deterministic BLAKE2b hash construction with operator-configurable domain separation, Merkle tree commitment, on-chain anchoring. Application-agnostic. Operators register their own event types and personalization strings. Verification needs only the proof bundle and chain access.

Verify the claims

git clone GitHub - Frontier-Compute/zap1: On-chain attestation protocol for Zcash. BLAKE2b Merkle tree anchored to Orchard transactions. 21 event types. Verified on 5 chains. · GitHub && cd zap1 && bash scripts/evaluate.sh

14 end-to-end checks against live mainnet. Or run python3 conformance/check.py (14 protocol checks) and python3 conformance/check_api.py (21 API schema checks).

Full walkthrough: zap1/EVALUATOR_QUICKSTART.md at main · Frontier-Compute/zap1 · GitHub

What already exists

All shipped before this application:

One production deployment is live on mainnet. The grant funds the protocol layer, not the
deployment.

What the grant funds

Milestone 1: Protocol hardening + FROST design - 4 weeks, $6,000
Acceptance: in a clean-room reproduction using only the published spec and vectors (no reference implementation code). FROST migration doc published. spec v3.0 finalized.

Milestone 2: Anchor hardening + operator tooling - 4 weeks, $5,000
Acceptance: retry/alerting working, operator runbook tested against fresh deployment.

Milestone 3: Zaino scanner integration - 4 weeks, $7,000
Acceptance: Zaino-backed scanner validated, or working adapter plus integration guide published and tested against recorded compact-block data.

Total: $18,000 / 3 months. Tranche-based. Each milestone evaluated before payment.

Who benefits

Any Zcash application that needs structured on-chain commitments: mining operators, staking services, merchant platforms, DAO governance, Crosslink validators. The verification SDK, memo decoder, and scanner pattern are reusable.

Related

Full details in the GitHub issue linked above.

2 Likes
What are you building on Zcash?
Zcash Community Grants Meeting Minutes 4/13/2026
2

Mainnet TX signed via 2PC-MPC and broadcast on Zcash:

https://blockchair.com/zcash/transaction/9ced54f695258ca0ead4e7188ad6e1eee489dbf8c7b89571e27ddca793bf239b

ZIP 244 v5 sighash computed in TypeScript, verified byte-for-byte against librustzcash. BLAKE2b with 16 Zcash-specific personalizations. The full key never existed whole.

ZAP1 protocol running continuously. 39 leaves, 4 mainnet anchors, 21 event types. Health check: curl https://pay.frontiercompute.io/health returns sync_lag: 0. Six containers, Zebra 4.3.0, zero downtime since deploy. Embedded Orchard wallet builds and broadcasts anchor TXs without external wallet dependencies.

Zcash Merkle roots verifiable on 5 chains (Ethereum mainnet, Arbitrum, Base, Hyperliquid, NEAR). The ETH mainnet verifier uses the EIP-152 BLAKE2b precompile at address 0x09, running Zcash-native cryptographic verification natively inside the EVM. Contract:
Address: 0x12db453A...e807057C1 | Etherscan .

Tested Zebra PR #10170 (precompute coinbase) against our s-nomp pool on mainnet. GBT returns a valid template, no regressions in the response format pool software expects. Results posted on the PR.

npm: 2,300 downloads/week across 7 packages. zcash-mcp merged into GitHub - punkpeye/awesome-mcp-servers: A collection of MCP servers. · GitHub (84K stars). Cross-platform conformance suite with 39 test vectors for memo parsing.

All code MIT licensed. 24 public repos: Frontier Compute · GitHub . No cloud dependencies. Anyone can clone and run.

1 Like
3

Progress update, April 11.

Since the original application and the Apr 7 mainnet TX post, here is what shipped. Numbers from earlier posts are corrected below.

Deliverable status

Deliverable State Verify
ZAP1 API (mainnet) Live curl https://api.frontiercompute.cash/stats
Merkle anchor (block 3,301,151, 12 leaves, 9 types) Live curl https://api.frontiercompute.cash/health
EVM verifier contracts (ETH, Arb, Base, HL) Deployed Etherscan
NEAR anchor contract Deployed zap1-anchor.testnet
Sui Move verifier Deployed published package
FROST 2-of-3 threshold signing (Pallas, BLAKE2b-512) Implemented frost_signer.rs
Billing API (4 tiers) Live curl https://frontiercompute.cash/tiers
ShieldedVault spec (5 properties) Draft v0.1.0, CC-BY-4.0 shieldedvault-spec
Scaffolder (npx create-shieldedvault) Published npm
GHSA (Zebra addr/addrv2 DoS) Filed, confirmed by ZF, patch coordinating GHSA-xr93-pcq3-pxf8 (under disclosure)
librustzcash sighash hardening PR open, mergeable #2278
Zaino UTXO materialization bug Issue open #974
x402 Zcash mechanism stub PR open (2 files, 75 lines) #1990
ZAP1 ZIP draft Open, converging toward ZIP 302 #1243

Clarifications on FROST and chain verification

FROST(Pallas, BLAKE2b-512) is implemented in frost_signer.rs using reddsa::frost::redpallas with frost-rerandomized. 2-of-3 threshold key generation, round 1/round 2 signing, and rerandomized Orchard SpendAuth signatures. The group public key maps to a Zcash unified address. Design doc and threat model: FROST_DESIGN.md. Anchor operations are migrating from single-key to threshold signing using this code.

EIP-152 BLAKE2b verification applies to the 4 EVM chains (Ethereum, Arbitrum, Base, Hyperliquid). NEAR uses a native BLAKE2b host function. Sui uses a Move implementation. The Merkle proof format is identical across all 6; the verification path differs by chain.

Corrections to earlier posts

Post 1 (Mar 31) said “21 event types” in the repo link title. Post 2 (Apr 7) said “39 leaves, 4 mainnet anchors, 21 event types, 2,300 dl/week.” Canonical counts are 1 anchor at block 3,301,151, 12 leaves, 9 tracked event types. Types 0x0A-0x0F are reserved for future use and marked as such in the README as of today. The earlier numbers reflected development iterations that were not cleaned up before posting. This is fixed going forward.

npm downloads

Package Downloads/month
@frontiercompute/zcash-ika 928
@frontiercompute/zcash-mcp 741
@frontiercompute/openclaw-zap1 682
@frontiercompute/zap1 430
Total 2,781

Verifiable: curl ``https://api.npmjs.org/downloads/point/last-month/@frontiercompute/zcash-ika. These are raw npm registry counts, not filtered for CI or self-installs.

Ecosystem engagement

  • GHSA on Zebra addr/addrv2 deserialization resource exhaustion. Confirmed by Conrado at ZF; patch coordinated and releasing. (GHSA-xr93-pcq3-pxf8, under coordinated disclosure.)
  • zcash/librustzcash#2278: transparent sighash hardening. Found while building FROST-signed anchor transactions.
  • zingolabs/zaino#974: UTXO materialization bug. Found while tracing the ZAP1 scanner through Zaino gRPC.
  • x402-foundation/x402#1990: Zcash shielded network mechanism stub (2 files, 75 additions). Not a full integration; the stub defines network config and payment proof types for future facilitator work.
  • zcash/zips#1243: ZAP1 ZIP draft, converging toward ZIP 302 compatibility.

What this enables for Zaino integration (grant scope)

Issue #974 and PR #2278 came from running the protocol on mainnet, not from speculative code review. The conformance suite at zap1/conformance has 14 protocol checks, 21 API schema checks, and hash vectors.

Next milestone: conformance test suite for ZAP1 memo parsing against Zaino’s memo handling, using the 12 leaves already anchored as ground truth vectors.

Mapping to grant milestones

  • M1 (Protocol hardening + FROST design): FROST signing on Pallas curve implemented with full threat model. Spec draft published. Conformance suite built (14 protocol + 21 API checks). Remaining: spec v3.0 finalization, FROST migration doc for operators.
  • M2 (Anchor hardening + operator tooling): Exponential backoff retry implemented and battle-tested (18 days of Signal monitoring logs show failure recovery). Remaining: operator runbook, alerting formalization.
  • M3 (Zaino scanner integration): Zaino gRPC validated on mainnet, issue #974 filed. Remaining: Zaino-backed scanner, integration guide.

All source code MIT licensed at github.com/Frontier-Compute. Live stats at api.frontiercompute.cash/stats.

4

Thank you for submitting your proposal. After careful consideration by the ZCG and a period for community comments on the forum, the committee has decided not to advance this proposal.

We genuinely appreciate the work and dedication you put into your application and hope you’ll continue to participate and contribute to the Zcash community.