Nordic Shield has a live on-chain proof on Zcash

Community Collaborations
1

The first mainnet anchor for Nordic Shield is already mined.

  • txid: 98e1d6a01614c464c237f982d9dc2138c5f8aa08342f67b867a18a4ce998af9a
  • block: 3,286,631
  • root: 024e36515ea30efc15a0a7962dd8f677455938079430b9eab174f46a4328a07a

Verification path:

This is not a roadmap item. It is already deployed on mainnet.

The claim is straightforward: every state change in the participant lifecycle is committed to Zcash. Payments, ownership assignment, contract anchoring, deployment, monthly hosting, annual shield renewal, transfers, exits, and Merkle root commitments now all exist as protocol event types in the live stack.

What is live

Running today:

  • zec-pay scanner on mainnet
  • Zebra 4.3.0 at chain tip
  • S-NOMP live and accepting stratum connections
  • GET /stats
  • GET /lifecycle/{wallet_hash}
  • POST /event

The current anchored leaves are:

  • PROGRAM_ENTRY
  • OWNERSHIP_ATTEST

for serial Z15P-E2E-001, committed under the root above.

Lifecycle event types

Type Name Meaning
0x01 PROGRAM_ENTRY participant paid and entered the program
0x02 OWNERSHIP_ATTEST wallet hash linked to a machine serial
0x03 CONTRACT_ANCHOR hosting contract artifact committed by hash
0x04 DEPLOYMENT miner installed at facility
0x05 HOSTING_PAYMENT monthly hosting invoice paid
0x06 SHIELD_RENEWAL annual privacy shield renewed
0x07 TRANSFER ownership moved to a new wallet hash
0x08 EXIT participant exit or hardware release recorded
0x09 MERKLE_ROOT current lifecycle tree root anchored to Zcash

This is the part I think is new for Zcash: not just an on-chain payment receipt, but a full lifecycle commitment layer for a real-world program.

How to verify

  1. Open Nordic Shield Verification .
  2. Read the leaf hash, proof path, root, txid, and block height.
  3. Recompute the leaf from the wallet hash and, where applicable, serial number.
  4. Walk the Merkle proof.
  5. Confirm the derived root matches 024e36515ea30efc15a0a7962dd8f677455938079430b9eab174f46a4328a07a.
  6. Check txid 98e1d6a01614c464c237f982d9dc2138c5f8aa08342f67b867a18a4ce998af9a in a Zcash explorer or local tooling.
  7. Confirm the transaction is mined in block 3,286,631.

If you want to ignore the website entirely, use the public repo and verifier script.

Why this matters

Hosted mining programs normally depend on opaque operator records. A participant pays, gets updates in chat, and has limited ability to verify ownership, deployment status, billing history, or exit state without trusting the operator database.

Zcash can do better than that.

Shielded memos plus Merkle commitments make it possible to keep participant identity off-chain while still exposing a public audit layer. That is what Nordic Shield is using now.

The commercial program is straightforward:

  • Z15 Pro Cohort 0 ships mid-April
  • state of the art hosting facility in Norway
  • all-in hosting starts at $0.10/kWh effective, targeting $0.09/kWh for Cohort 3 as aggregate volume scales
  • Cohort 1 target is 10 slots by mid May

But the technical point is broader than one program. This is an open-source pattern for any Zcash-native operator that wants private payments plus public verifiability.

What’s next

  • anchor automation is already live, roots commit automatically every 10 events or 24 hours
  • integrate Zaino for compact-block scanner portability
  • ship a WebZjs in-browser verification widget (no server trust required)
  • add FROST threshold signing for anchor operations when upstream tooling stabilizes
  • continue committing the full participant lifecycle as hardware arrives mid-April

If anyone wants to review the protocol surface, the repo is here:

If anyone wants to challenge the proof model, even better. The point of shipping it this way is that the claims are checkable.

4 Likes
Title: ZIP draft: structured memo envelope for on-chain attestation
2

Update: verification SDK, FROST design, and ZIP draft

Three things shipped since the original post:

nsm1-verify published, standalone Rust crate for NSM1 Merkle proof verification, with a WASM build for browser use. 22 passing tests against published vectors.

FROST threshold signing design, completed a Pallas key ceremony using a 2-of-3 threshold with frost-core + reddsa. Threat model and signing reference are now public. Live signing remains deferred pending upstream Orchard API stabilization.

ZIP draft submitted, structured memo protocol specification following the ZIP template. Review welcome:

The crate is live on crates.io now as well:

https://crates.io/crates/nsm1-verify

1 Like
3

Anchoring a full lifecycle commitment layer to Zcash mainnet is exactly the kind of building that makes the chain matter. The Merkle tree approach for participant events is clean.

Submitting a ZIP draft for the structured memo protocol is the right move. Standards work compounds.

1 Like
4

Two mainnet anchors confirmed for Nordic Shield.

Anchor 1 - Block 3,286,631 - 2 leaves - txid 98e1d6a01614c464c237f982d9dc2138c5f8aa08342f67b867a18a4ce998af9a
Anchor 2 - Block 3,290,002 - 12 leaves - txid ba63e44f…

Current state: 2 anchors, 12 leaves, 0 unanchored.

Verification:

This is not a roadmap item. It is deployed on mainnet.

What is live

Running today:

12 leaves across 9 event types:

  • 0x01 PROGRAM_ENTRY - participant paid and entered the program
  • 0x02 OWNERSHIP_ATTEST - wallet hash linked to a machine serial
  • 0x03 CONTRACT_ANCHOR - hosting contract artifact committed by hash
  • 0x04 DEPLOYMENT - miner installed at facility
  • 0x05 HOSTING_PAYMENT - monthly hosting invoice paid
  • 0x06 SHIELD_RENEWAL - annual privacy shield renewed
  • 0x07 TRANSFER - ownership moved to a new wallet hash
  • 0x08 EXIT - participant exit or hardware release recorded
  • 0x09 MERKLE_ROOT - current lifecycle tree root anchored to Zcash

Not just an on-chain payment receipt. A full lifecycle commitment layer for a real-world program.

How to verify

  1. Open the Nordic Shield Verification
  2. Read the leaf hash, proof path, root, txid, and block height
  3. Walk the Merkle proof (BLAKE2b with NordicShield_MRK personalization)
  4. Confirm the root matches the anchored root in /anchor/history
  5. Confirm the txid is mined at the stated block height

Or use the nsm1/EVALUATOR_QUICKSTART.md at main · Frontier-Compute/nsm1 · GitHub for a faster path. Or install the
crates.io: Rust Package Registry and verify programmatically.

Why this matters

Hosted mining programs depend on opaque operator records. A participant pays, gets updates in chat, and has limited ability to verify ownership,
deployment, billing, or exit without trusting the operator database.

Zcash can do better. Shielded memos plus Merkle commitments keep participant identity off-chain while exposing a public audit layer. That is what Nordic
Shield uses now.

The technical point is broader than one program. This is an open-source pattern (MIT license) for any Zcash-native operator that needs private payments
plus public verifiability - mining operators, staking services, merchant subscriptions, any program with participant lifecycle state.

What’s next

  • Protocol spec finalization (v3.0)
  • ZIP 302 compatibility - encode NSM1 attestation as a TVLV part type
  • Zaino compact-block scanner integration for portability
  • FROST threshold signing for anchor operations when upstream tooling stabilizes
  • Continue committing the full participant lifecycle as hardware arrives mid-April

The repo is here: GitHub - Frontier-Compute/nsm1: NSM1 structured memo protocol for Zcash. BLAKE2b Merkle commitments, Orchard shielded anchoring, verification SDK. Reference implementation. · GitHub

Challenge the proof model. The point of shipping it this way is that the claims are checkable.