What I’m building: ZecPad — a privacy-first bonding-curve launchpad for Zcash
Short version: pump.fun-style token launches (create → instant liquidity → trade), but built around Zcash’s privacy
ethos instead of against it.
The problem
Zcash already has solid inscription tooling — Zecscriptions, Zinc, Zerdinals — but those are marketplaces (the
Ordinals/OpenSea model: mint, list, trade). What’s missing is a launchpad primitive: a deterministic bonding curve
that gives a token instant liquidity the moment it’s created, with no order book and nobody seeding a pool.
The other half is cultural. The Solana launchpad world runs on surveillance — wallet tracking, whale-watching feeds,
founder-doxxing. That’s the opposite of what Zcash is for. We want the fair-launch / instant-liquidity UX without the
panopticon.
Why Zcash specifically
- Shielded ZEC for payments → participation is private by default.
- Encrypted memos to carry buy/sell intent privately — which is exactly why the ZAP1 and memo-coordination posts above
caught my eye; structured memo conventions are what a trade-intent → settlement flow actually needs. - The honest framing for today’s design: “private participation, transparent supply.” Who bought/sold is never exposed
by us; the token ledger stays publicly verifiable. A fully-shielded ledger waits for ZSA.
The technical approach
Zcash has no VM, so a bonding curve can’t live “as code” on-chain. So:
- Meta-protocol (ZPAD-20): deploy / buy / sell / transfer ops written into transactions, with an indexer computing
state — same idea as BRC-20/Ordinals, but shaped for a launchpad rather than a marketplace. - Off-chain engine, on-chain settlement: price is computed by a deterministic engine; a curve-reserve holds ZEC in the
MVP (semi-custodial, reserve transparent = proof-of-reserves), with PCZT atomic swaps as the trustless endgame. - Wallets: Zcash has no MetaMask-style injected provider, so trades go to any wallet (Zashi, YWallet, Zingo,
Zecwallet, Keystone) as ZIP-321 payment requests + QR, with the intent in a shielded memo. We also derive real BIP-39
/ unified viewing keys in-browser for an embedded wallet. - Infra: zebrad reads the transparent ZPAD-20 ops (lightwalletd’s compact blocks strip transparent data, so the
indexer needs full blocks) + lightwalletd for wallet sync / broadcast / shielded payment detection + indexer +
Postgres.
Where it is now (honestly)
Working frontend + a real backend: the bonding-curve engine, a persistent trade log, real OHLC candles built from
actual trades, live updates over WebSocket. In-browser key derivation is real. On-chain settlement (indexer + node) is
the next milestone — the app is explicit about what’s live vs simulated. Testnet first, audit before any mainnet.
What I think is missing in the ecosystem
- No bonding-curve / instant-liquidity launch primitive on Zcash.
- No shared pattern for off-chain trading engines with verifiable on-chain settlement.
- PCZT tooling for one-sided / streaming settlement is still early.
- And the obvious one: ZSA for a fully-shielded fungible ledger can’t land soon enough.
What I’d want feedback on
- Is “transparent supply, shielded participation” the right MVP tradeoff, or worth waiting for ZSA before shipping a
token ledger at all? - Best path to trustless settlement for a one-sided curve trade — is PCZT the right tool, and are there working
patterns? - Indexer reliability: how are people handling reorgs / deterministic replay for meta-protocol state on Zcash?
- Standards: keep ZPAD-20 custom, or align the token layer with an existing standard (e.g. ZRC-20) for interop?
Happy to open-source the spec and compare notes — especially with anyone working on memo conventions (ZAP1) or memo-based coordination, since our settlement leans on exactly that.