Why Privacy Matters
Standard on-chain payments are fully transparent. Every transaction is visible on a block explorer, linking wallet addresses to payment amounts and counterparties. For AI agents making high-frequency API payments, or businesses settling invoices on-chain, this transparency can expose:- Spending patterns that reveal business strategy or usage volumes
- Wallet balances that make addresses targets for social engineering
- Counterparty relationships that leak partnership or vendor information
How It Works
Incognito mode has three operations:Shield
Deposit tokens from your visible wallet into the b402 privacy pool. Once shielded, tokens are no longer associated with your public address.Transact
Send tokens privately within the privacy pool. The sender, recipient, and amount are hidden behind zero-knowledge proofs. Neither party’s address appears in the transaction.Unshield
Withdraw tokens from the privacy pool back to a visible wallet address. This is typically the final step when the recipient needs tokens in a standard wallet.Integration with b402
You do not need to interact with privacy pool contracts directly. The b402 Facilitator handles the complexity:- Shield and unshield operations are built as ERC-4337 UserOperations via the Facilitator’s incognito endpoints
- Gas is sponsored by the paymaster, so privacy operations are gasless
- The Facilitator signs paymaster data and submits to the bundler on your behalf
- Call
POST /wallet/incognito/verifywith your wallet address and operation type - Sign the returned
userOpHashwith your owner key - Call
POST /wallet/incognito/settlewith the signed UserOp
Supported Tokens
Whitelisted tokens on the target chain can be shielded. See Network & Token Support for the current token list per chain.Learn More
- Incognito Verify API - Build an unsigned incognito UserOp
- Incognito Settle API - Submit a signed incognito UserOp
- Privacy Deep Dive - Commitments, nullifiers, and Merkle tree internals