PrivacyShield

PrivacyShield solves the fundamental tradeoff in OTC crypto trading between privacy and trustlessness. Today, traders either trust a centralized desk (privacy but counterparty risk) or expose everything on-chain (trustless but no privacy). PrivacyShield uses CRE confidential compute to process encrypted trade details inside the DON without ever exposing them on-chain. Traders create Pedersen-style commitment hashes of trade parameters (seller, buyer, asset, amount, price, salt) and encrypt the actual details to the CRE workflow. Inside confidential compute, the workflow decrypts trades, verifies commitments, fetches consensus-verified pricing from Chainlink Data Feeds, and runs AI manipulation detection. Only the commitment hash and approval status appear on-chain - trade details never leave CRE.

CRE workflow in TypeScript using HTTP trigger, EVM client for Chainlink Data Feed reads and escrow contract writes. Crypto layer uses keccak256 commitment schemes (viem encodePacked), AES-GCM encryption for trade payloads, and AI validation scoring. Smart contracts in Solidity (Foundry) handle escrow, commitment verification, and CRE-authorized settlement. 24 crypto unit tests (Bun) + 10 contract tests (Forge). Stack: CRE SDK, TypeScript, Bun, Viem, Foundry, Solidity.