r00t.fund

What is it?
R00t.fund is a private launchpad for regenerative projects — a protocol that lets communities fund land restoration, reforestation, and ecological recovery initiatives through privacy-preserving governance, with one critical twist: projects must independently prove their impact before they receive funding milestones.
It is built on Ethereum with Chainlink CRE (Compute Runtime Engine) as the backbone verification layer, using zero-knowledge proofs (ZK-SNARKs) to keep all financial activity private, and a network of 8 automated Chainlink CRE workflows to independently verify whether funded projects are actually healing the land.
The first real project running through the protocol is the Serra da Estrela Native Forest Restoration — a 9-hectare site in Portugal's Serra da Estrela Natural Park devastated by the September 2025 fires, where 2,550 native trees (oaks, chestnuts, hawthorns, strawberry trees) are being planned for replanting in Spring 2026.
The Problem
The money never reaches the ground. Studies consistently show that 60–80% of climate finance is consumed by intermediary costs before reaching actual implementation. In voluntary carbon markets, a credit sold for €25 might deliver €3–5 to the landowner who restored the soil. The rest disappears into brokers, certifiers, consultants, registry fees, and administrative overhead across a chain of people who never touched earth.
No one checks if anything actually happened. Carbon credit registries like Verra and Gold Standard rely on self-reported data from project developers with every incentive to overstate results. A 2023 investigation found that over 90% of Verra's rainforest offset credits likely represented no genuine carbon reductions. There is no independent oracle. No satellite feed anyone can query. No on-chain proof that a forest exists.
Privacy and compliance are treated as opposites. Privacy-preserving DeFi protocols operate in regulatory grey zones — unusable for institutional capital that must meet EU MiCA and CMVM requirements. Compliant platforms strip all privacy, exposing funders to front-running and competitive intelligence leaks. The institutions with capital to fund regeneration at scale can't use private protocols, and private protocols can't attract institutional capital.
Launchpads have no accountability. A project raises money and the relationship ends. There's no oracle checking whether the funded reforestation happened, no milestone-gated release, no automated consequence for failure.
How It Works
The protocol operates across five interconnected phases:

1. Launch — Private Governance A project proposer submits a regeneration proposal (coordinates, species lists, target outcomes, funding schedule) to LaunchpadGovernance. Community members vote using ZK-SNARK proofs — identity, vote weight, and voting direction all remain private. If the proposal passes, funding is committed to a ConfidentialFundingVault in escrow. Only World ID-verified humans (sybil-resistant via Worldcoin biometric proofs bridged by CRE Workflow 8) can create proposals — preventing governance spam attacks.
2. Fund — Zero-Knowledge AMM Capital flows through ZkAMMPair, a full-featured AMM where every operation is private: deposits enter via Poseidon hash commitments in a depth-24 Merkle tree, trades are executed without revealing address or size, and LP positions are held without exposing capital. Each governance-approved project gets its own token, tradeable on the ZkAMM with the same privacy guarantees. Short selling is available via R00TShorts with full collateral management.
3. Verify — Chainlink CRE as the Independent Auditor This is the core differentiator. Instead of trusting project teams to self-report, Chainlink's decentralized oracle network independently verifies whether each project actually met its goals, running 8 automated CRE workflows:

• W1 (Privacy) — Queries Verra VCS, Gold Standard, EU ETS, and Portuguese carbon registries to verify credit attribution and compute a composite impact score (0–1000)
• W2 (DeFi) — A Proof of Reserve data feed where TVL includes verified carbon credit value, not just ETH and tokens
• W3 (AI) — The core validator: fetches Copernicus Sentinel-2 satellite imagery (NDVI vegetation index), ISRIC SoilGrids soil carbon data, and Global Forest Watch canopy cover, then sends everything to Llama 3.3 70B (via Groq) for expert ecological assessment — outputting a regeneration verdict, carbon sequestration estimate, and confidence score
• W4 (Prediction Markets) — Environmental outcome markets ("Will project X achieve 50% NDVI recovery by Q4 2026?") settled automatically by CRE when satellite data confirms the answer
• W5 (Risk) — Real-time protocol health monitoring across all reserves and short positions, with automatic circuit breaker triggers if the system reaches critical thresholds
• W6 (Compliance) — Implements the Chainlink ACE (Anonymous Compliant Exchange) pattern, running compliance checks (sanctions, volume limits, jurisdiction rules) via address hashes — never raw addresses — so users get privacy AND regulatory compliance simultaneously
• W7 (Data Feed) — A dedicated AggregatorV3Interface-compatible on-chain feed for the Serra da Estrela project, publishing NDVI recovery, burn scar healing, tree survival estimates, and carbon sequestration weekly
• W8 (World ID) — Bridges World ID verification to any EVM chain by calling the Worldcoin cloud API off-chain and writing results on-chain, since the World ID Router only natively exists on Ethereum/Optimism/World Chain
  These workflows are not isolated — they form an interconnected verification network sharing on-chain state. W7's satellite data feeds into W3's AI assessment, which feeds into W1's carbon credit attribution, which feeds into W2's Proof of Reserve, which feeds into W5's health monitor.

4. Comply — Privacy With Regulation The Chainlink ACE pattern ensures institutional capital can participate without sacrificing the privacy that protects small landowners and local communities. Only hashed addresses enter the compliance layer. Once cleared, tokens are fully private via ZK-SNARK spend proofs with nullifier registries preventing double-spending. The protocol is designed for EU MiCA, Portuguese CMVM, and FATF compliance from the ground up.
5. Trade — Carbon Credits With Real Backing Verified projects generate carbon credit attestations that feed into the Portuguese Mercado Voluntário de Carbono and EU ETS. The RegenProofOfReserve feed includes these credits in the protocol's TVL, making reserves transparently backed by both crypto assets and audited environmental impact.
   What Makes It Different
   The key insight is that Chainlink CRE is not just an oracle for R00t.fund — it is the accountability mechanism that makes the entire launchpad trustworthy. Projects cannot claim impact without independent verification. Funding cannot be released without proof. Carbon credits cannot be attributed without multi-source environmental data consensus.
   This eliminates all four of the problems above:

• No intermediaries — Smart contracts send funds directly to project implementers. A landowner in Serra da Estrela receives the milestone payment, not a chain of middlemen
• Independent verification — The DON queries real satellite APIs, real soil databases, real carbon registries, and runs AI ecological assessment on the raw data. No self-reporting, no trust assumptions
• Privacy with compliance — ZK-SNARKs keep all transactions private while ACE PolicyEngine ensures regulatory compliance. Both institutional and individual capital can participate
• Milestone-gated accountability — If CRE cannot confirm that NDVI recovered, soil carbon increased, or trees survived — the next funding tranche stays locked
  Technical Scope
  The protocol is deployed in full on a Tenderly Virtual TestNet (Sepolia fork, Chain ID 73571) with 27+ smart contracts, 8 live CRE workflows, 10 Circom ZK circuits (Groth16), a React frontend with 27+ UI components, a 13-module TypeScript SDK, 6 autonomous trading agent strategies, a Ponder blockchain indexer, and 3 MCP servers. All 8 CRE workflows pass simulation against the Tenderly VNet.
  Fund what heals. Verify on-chain. Built on Chainlink. Rooted in the earth.

How It's Built
R00t.fund is a full-stack Web3 protocol spanning smart contracts, zero-knowledge cryptography, Chainlink CRE automation, a React frontend, and autonomous trading agents. Here's how each layer fits together:
Smart Contracts — Solidity + Foundry
The protocol's on-chain core is 27+ Solidity contracts (0.8.24) compiled and tested with Foundry. The architecture splits cleanly into three groups:

• Core AMM — ZkAMMPair holds all reserves and Merkle tree state; ZkAMMRouter is the user-facing entry point for buys, sells, swaps, and LP operations; ZkAMMAdmin handles timelocks (48h in production), emergency 2-of-3 multisig, and CRE callback authorization
• Protocol logic — LaunchpadGovernance for proposal/voting lifecycle; R00TShorts for short selling with collateral management; RootToken (ERC-20, 69M supply)
• CRE callback contracts — one per workflow: ConfidentialFundingVault, RegenProofOfReserve, AIAgentOrchestrator, RegenPredictionMarket, ProtocolHealthMonitor, CompliantPrivateVault, SerraEstrelaNativeForest, WorldIDGatekeeper
  Zero-Knowledge Proofs — Circom + Groth16
  The privacy layer uses a UTXO commitment model where every private balance is a Poseidon hash commitment stored in a depth-24 incremental Merkle tree (~16M leaves). There are 10 Circom circuits compiled with snarkjs to Groth16 proofs, covering every private operation: sell, transfer, merge, withdraw, addLiquidity, removeLiquidity, claimLPFees, swap, pledge, and vote. On-chain verifier contracts (one per circuit) validate proofs in Solidity. A nullifier registry with cross-pool coordination and cooldown periods prevents double-spending.
  Chainlink CRE Workflows — TypeScript
  Eight CRE workflows written in TypeScript using @chainlink/cre-sdk v1.0.9. Each workflow runs on a CronCapability schedule and follows the same pattern: read on-chain state via EVMClient.callContract, fetch external data via HTTPClient, compute a result, sign via runtime.report(), and write back on-chain via EVMClient.writeReport. Sensitive API keys (carbon registries, LLM, sanctions screening, environmental data) live in the CRE DON vault secrets — never in the workflow code. The 8 workflows share on-chain state through shared contract addresses, forming a verification network rather than 8 isolated demos.
  AI Integration — Llama 3.3 70B via Groq
  Workflow 3 (AI Land Regeneration Validator) is the most technically complex. It fetches real multi-source environmental data — Copernicus Sentinel-2 NDVI (B04/B08 bands), ISRIC SoilGrids soil organic carbon, and Global Forest Watch canopy cover — then sends the entire structured dataset as context to Llama 3.3 70B via the Groq API. The model returns a JSON verdict with verificationStatus, regenerationScore, estimatedCarbonSequestration, carbonCreditEligible, and a natural-language ecological explanation. If the LLM is unavailable, the workflow falls back to heuristic scoring so the system always produces a result.
  Privacy + Compliance Bridge — Chainlink ACE
  Workflow 6 implements the Chainlink ACE (Anonymous Compliant Exchange) pattern using the official @chainlink/policy-management PolicyEngine. Compliance checks (sanctions, volume limits, jurisdiction, KYC level) run against keccak256(address, salt) hashes — never raw addresses. If a transfer request passes, the CRE workflow calls authorizeAndBuy() on CompliantPrivateVault, which forwards ETH to ZkAMMRouter.buyPrivate() and gives the user a ZK commitment backed by real AMM-priced tokens. Denied requests get refunded. The on-chain layer never sees identity — only "authorized" or "denied."
  Frontend — React + TypeScript + Tailwind
  A React 18 app with 27+ UI components and 17 custom hooks covering ZK proof generation, privacy operations, and trading interfaces. Contract interaction is handled via Viem. Includes an IDKit widget for World ID verification (Workflow 8). Built with Vite.
  Indexing + SDK + Agents
• Ponder indexes all on-chain events for the frontend and API layer
• A 13-module TypeScript SDK (client, prover, crypto, merkle, etc.) abstracts all ZK and contract interactions for external integrators
• 6 autonomous trading agent strategies (momentum, mean-reversion, and others) run against the ZkAMM
• 3 MCP servers expose protocol state and operations to AI agent tooling
  Testing & Deployment — Tenderly Virtual TestNets
  The entire protocol is deployed on a Tenderly Virtual TestNet (Sepolia fork, Chain ID 73571). Tenderly's time manipulation (evm_increaseTime) allows testing timelock-gated CRE authorization without waiting 48 hours. 63 simulated CRE callback transactions across all 8 workflows demonstrate the full verification pipeline in the Tenderly explorer. All 8 workflows pass cre workflow simulate against the VNet.