SECLO - Privacy-Preserving Blockchain Payroll with Chainlink CRE

SECLO solves the fundamental conflict between blockchain transparency and employee privacy using Chainlink CRE's Confidential HTTP. Employee data (names, departments, salary limits) is fetched from an external API in a secure compute environment and never exposed on-chain. Only authorization decisions and payment amounts are recorded on the blockchain.

The system uses CRE as an orchestration layer that:

1. Receives payroll batch requests via HTTP trigger
2. Fetches employee registry via Confidential HTTP from a secure backend
3. Validates each payment against employee authorization and spending limits
4. Executes approved transactions while rejecting policy violations

Key innovations:

• Confidential HTTP keeps PII (Personally Identifiable Information) off-chain
• Automated compliance enforcement with no manual intervention
• AI-powered natural language interface for non-technical users
• Real-time policy validation with selective enforcement
• Tested on Tenderly Virtual TestNets for production-ready deployment

SECLO demonstrates meaningful CRE integration by solving real-world privacy and compliance challenges in blockchain payroll systems, making it suitable for enterprises that need both transparency and data protection.

Technology Stack:

• Chainlink CRE (Compute Runtime Environment) - Orchestration layer
• Confidential HTTP - Secure off-chain data fetching
• Go (WASM) - CRE workflow logic and policy enforcement
• Solidity - Smart contracts (PayrollConsumer, ERC20 token)
• Node.js/Express - Backend API and employee registry
• React/TypeScript - Frontend interface
• Wagmi + Reown AppKit - Wallet connectivity
• Google Gemini AI - Natural language processing
• Tenderly Virtual TestNets - Testing and deployment
• SQLite - Batch and transaction storage

Architecture:

1. Frontend: React app with AI interface and CSV upload
2. Backend: Express API serving employee registry via Confidential HTTP
3. CRE Workflow: Go-based WASM module that orchestrates:
     - HTTP trigger for payroll requests
     - Confidential HTTP calls to fetch employee data
     - Policy validation logic
     - Smart contract interaction
4. Smart Contracts: PayrollConsumer contract on Hoodi testnet
5. Database: SQLite for batch tracking and audit trails

The CRE workflow acts as a secure bridge between off-chain employee data and on-chain payment execution, ensuring privacy while maintaining blockchain transparency.