GETTING STARTED · PROTOCOL v1.01

The Sovereign Identity Engine

IdentiFI is a Stateless Possession Validation Protocol — a sovereign cryptographic engine that enables operators to prove unified control over a cluster of EVM wallets without exposing private keys, linking addresses on public explorers, or relying on any centralized infrastructure.

The protocol operates entirely in volatile memory. There are no databases, no server-side logs, no persistent metadata. Every session terminates with a full cryptographic purge. What remains is only the off-chain proof of an authorized operation — nothing else.

Built on Rust (compiled to WebAssembly for client-side execution) and natively integrated with Uniswap v4 Hooks, IdentiFI represents a new class of DeFi infrastructure: a privacy-preserving authority layer where validation is sovereign, execution is local, and the chain sees only what it needs to see.

CORE PRINCIPLE

Identity is treated as a session event, not a persistent state. You cryptographically prove control of your wallet cluster — the Genesis Node authenticating every Strand via EIP-191 — without a single on-chain address ever being publicly linked to another.

This document is the protocol's technical overview. It describes the system architecture, security guarantees, and economic model at a level intended for engineering review, audit evaluation, and institutional due diligence.

What You'll Find Here

  • The Problem — Why current DeFi identity models structurally fail operators.
  • Core Architecture — Three-layer execution model with strict isolation guarantees.
  • Execution Flow — End-to-end lifecycle of an authorized operation.
  • Stateless Reconciliation — How on-chain attribution works without databases.
  • Security Model — Cryptographic and architectural guarantees.
  • Economic Model — The 33/3 Yield Engine and distribution mechanics.
  • SDK & Adapters — Integration surface for third-party dApps.
  • Active Deployments — Live contracts on Unichain Sepolia testnet.

The Problem

Current DeFi identity and authorization models operate under a fundamental contradiction: they force operators to choose between functionality and privacy. Every multi-wallet operator exposes their authority surface through public on-chain linkage, centralized KYC registries, or trust-based attestations. There is no third option.

IdentiFI does not patch these problems. It eliminates the architecture that causes them.

CONSTRAINTSTATUS QUOIDENTIFI RESOLUTION
Multi-Wallet OwnershipRequires public on-chain linking or centralized registries. Every transaction builds a queryable graph of your authority surface.Cryptographic cluster proof with zero public linkage. Strands never appear in any network call.
Session PersistenceCookies, databases, JWT tokens — all traceable. Session state survives across operations and can be subpoenaed, leaked, or exploited.Volatile memory only. Full purge on termination via The Purge Protocol.
Authority VerificationTrust-based (centralized KYC, oracle attestations, custodial approvals). Single point of compromise.Trustless, client-forged EIP-191 proofs. Cryptographic verification, not trust.
Privacy in DeFi SwapsFull transaction graph exposure on block explorers. Anyone can reconstruct your strategy from public data.Blinded authority payloads via Hook integration. The chain sees an authorized operation — nothing more.
Infrastructure DependencyServer-side validation, API keys, uptime risk. Backend outage = protocol halt.100% client-side execution via WASM. No servers required. No API keys to leak.

THE STRUCTURAL ISSUE

Every high-value operator in DeFi faces the same structural vulnerability: their capital is distributed across multiple wallets, but proving control of those wallets requires public linkage. One leaked signature. One compromised explorer. Your entire cluster is mapped.

Core Architecture

The IdentiFI engine operates on a three-layer execution model. Each layer is isolated by design, ensuring that no single component holds enough state to reconstruct a user's identity or transaction intent. Compromise of one layer is insufficient to authorize an operation.

LAYER I · CLIENT-SIDE (WASM RUNTIME)
Genesis Node
Primary identity — root of the cluster
X-Core Engine
Rust / WebAssembly — proof forge
Strand Synchronization
EIP-191 signature binding per wallet
Master Signal
Blinded authority proof
LAYER II & III · ON-CHAIN SETTLEMENT
IdentiFI Hook
Uniswap v4 — beforeSwap validator
JobberUniversal Router
Optimized trade settlement
Treasury Contract
0.066% fee aggregation + yield
↓ Stateless Payload · hookData (160 bytes compressed) · No public linkage ↓

Layer I — Client-Side Proof Forging

The X-Core Engine is the protocol's computational nucleus. Written in Rust and compiled to WebAssembly, it executes entirely within the user's browser runtime. No on-chain calls are made during proof generation. The engine is sealed — its internal logic is not exposed to the DOM, and side-channel leakage is architecturally prevented by the WASM sandbox.

  • Genesis Node — The operator's primary wallet, the root of the identity cluster.
  • Strands — Secondary wallets bound to the Genesis Node via individual EIP-191 cryptographic signatures.
  • Master Signal — The final blinded authority payload, generated by cryptographically synchronizing all Strand signatures under the Genesis Node's sovereign key.

Layer II — On-Chain Validation (Hook Gatekeeper)

The IdentiFI Hook is deployed as a Uniswap v4 beforeSwap callback. It acts as a stateless gatekeeper: it receives the Master Signal via hookData, validates the cryptographic integrity of the proof, and either authorizes or reverts the operation. The Hook stores nothing. It validates and exits.

The Hook cannot settle trades. The Router cannot validate proofs. This is the Validator-Executor Split — architecturally enforced, not policy-based.

Layer III — Settlement & Treasury

Upon successful validation, the JobberUniversal router settles the trade with maximum gas efficiency. A fixed protocol fee of 0.066% is captured at the settlement layer and routed to the IdentiFITreasury contract for downstream distribution per the 33/3 Yield Engine.

GUARANTEE 01

Validator-Executor Split

The Hook validates but cannot settle. The Router settles but cannot validate. Neither holds state. Compromise of one component is insufficient.

GUARANTEE 02

Client-Side Sovereignty

Proof generation occurs exclusively in the operator's browser via the WASM binary. The protocol has no server component that touches cryptographic material.

GUARANTEE 03

Zero Persistence

No database, no cache, no local storage, no cookies. The system is incapable of retaining state beyond the active session. The Purge is the architecture.

Execution Flow

The end-to-end lifecycle of a single IdentiFI-authorized operation. Every step is deterministic. The outcome is always binary: authorized or reverted.

I
Operator → X-Core Engine

Initialize Genesis + Bind Strands

Operator initializes the X-Core Engine. The primary wallet (Genesis Node) is connected. Secondary wallets (Strands) are each individually bound via EIP-191 signature. All operations remain local to the WASM sandbox — no on-chain calls.

II
Engine (Local)

Forge Master Signal (Blinded Proof)

The X-Core Engine forges the Master Signal — a blinded authority proof derived from all Strand signatures synchronized under the Genesis Node key. Nonces are salted with recentBlockHash + validatorTimestamp to prevent replay. Internal payload is constrained to a minimum of 1,100 bytes, compressed to exactly 160 bytes on-chain.

III
Operator → Router

Submit Swap + hookData Broadcast

The operator submits the swap transaction to the JobberUniversal router, embedding the Master Signal as hookData. The payload is opaque to block explorers — no wallet linkage is exposed to passive observers.

IV
Hook · Gatekeeper

Validate Proof Integrity & Signature

The beforeSwap Hook receives the payload, reconstructs and validates the proof integrity and temporal binding. The Hook stores zero state from either path.

AUTHORIZED
Hook proceeds to settlement · 0.066% fee captured
UNAUTHORIZED
Revert — UNAUTHORIZED_AUTHORITY_SIGNAL
V
Engine · Local

Settlement + The Purge

The trade settles. A 0.066% fee is routed to the Treasury. Simultaneously, the X-Core Engine executes The Purge — all in-memory cryptographic material is irreversibly destroyed. Master Signal, Strand signatures, intermediate computation artifacts: all gone.

THE PURGE · All session state destroyed · Irreversible

THE PURGE IS NOT A FEATURE

Session termination triggers immediate, irreversible destruction of all in-memory cryptographic material. This includes the Master Signal, all Strand signatures, and any intermediate computation artifacts. This is not a feature toggle. It is the architecture.

Stateless Reconciliation Layer

Traditional protocols rely on databases to reconcile transactions and assign data. IdentiFI completely eliminates this dependency through Fractional Value Reconciliation — a deterministic, on-chain assignment mechanism to validate payment and generate the Master signal without needing to expose any wallet involved in the process.

FRACTIONAL SIGNATURES

Each transaction processed through the protocol receives a unique sub-decimal value attribution (e.g., 132.333333 USDC). This fractional component acts as a cryptographic pointer, enabling precise reconciliation against blockchain state without any off-chain storage.

PRIVACY-PRESERVING ACCOUNTING

Public explorers display only standard ERC-20 transfers. The fractional attribution is invisible to passive observers, preventing metadata linkage and transaction graph analysis. The accounting is fully verifiable by any third party inspecting the chain.

REDUNDANT RPC MESH

Signal availability is maintained through triple-node redundancy — 3 independent RPC endpoints per network across 5 major EVM chains. This architecture ensures operational continuity even during infrastructure degradation events.

NO OFF-CHAIN STORAGE

The protocol cannot reconstruct session data, attribution logs, or user behavior from blockchain state alone. The on-chain footprint is indistinguishable from any standard ERC-20 transfer to passive observers.

How It Works

The reconciliation mechanism is simple by design: rather than maintaining a separate database that maps user identities to transactions, IdentiFI encodes attribution data directly into the sub-decimal precision of token transfers.

RESULT

The protocol has zero need for a backend database, no need for user accounts, no need for KYC. This is privacy by architecture, not by policy.

Security Model

IdentiFI's security posture is grounded in engineering discipline, not obscurity. Every guarantee described below is a direct consequence of the system's architectural constraints — not policy, not compliance theater, not marketing copy.

Cryptographic Guarantees

MECHANISMIMPLEMENTATIONTHREAT MITIGATED
EIP-191 Signed ProofsEach Strand produces a standard Ethereum personal signature binding it to the Genesis Node. Forged authority claims are computationally infeasible without the corresponding private key.Forged authority claims
Temporal BindingProofs are anchored to strict temporal windows derived from on-chain block state. Every signal has a provable time-of-forging. Stale signals are cryptographically invalid.Replay attacks
Nonce SaltingOne-time nonces derived from recentBlockHash + validatorTimestamp. Each Master Signal is unique and bound to its forging window.Signal interception & reuse
Proof Size EnforcementMaster Signal payloads are constrained to strict byte boundaries by the WASM engine. Undersized or oversized payloads are rejected before reaching the Hook.Injection & overflow attacks
Memory IsolationAll cryptographic operations execute within the WASM sandbox — no DOM access, no network I/O during proof generation. Side-channel leakage is architecturally prevented.Side-channel leakage

Architectural Guarantees

ZERO PERSISTENCE

No database, no cache, no local storage, no cookies. The system is incapable of retaining state beyond the active session. This is not a configuration — it is a constraint.

CLIENT-SIDE SOVEREIGNTY

Proof generation occurs exclusively in the operator's browser. The protocol has no server component that touches cryptographic material. The user owns the entire validation pipeline.

VALIDATOR-EXECUTOR SEPARATION

The on-chain Hook (validator) and Router (executor) are architecturally decoupled. The Hook cannot settle trades; the Router cannot validate proofs. Neither holds state.

THE PURGE PROTOCOL

Session termination triggers immediate, irreversible destruction of all in-memory cryptographic material. Master Signal, Strand signatures, intermediate computation artifacts — all destroyed in a single atomic operation.

What We Don't Do

Equally important as what the protocol does is what it explicitly does not do. The following are architectural impossibilities, not policy decisions:

EXPLICIT DENIALS

  • We do not rely on trusted third parties, oracles, or off-chain attestation services of any kind.
  • We do not store, transmit, or log any user-identifying information at any layer of the stack.
  • We do not expose internal proof-generation logic. The WASM binary is a compiled, sealed execution unit.
  • We do not maintain session state, JWT tokens, or any other persistent authentication artifact.
  • We do not require KYC, account creation, email verification, or any identifying user input.
  • We do not run any backend infrastructure that could be subpoenaed, hacked, or shut down.

Threat Model Summary

An attacker attempting to compromise an IdentiFI operation would need to simultaneously:

  1. Obtain the private key of the Genesis Node (or enough Strands to forge a valid proof).
  2. Defeat the WASM sandbox to extract in-memory cryptographic material.
  3. Reproduce a valid temporal binding within the active nonce window.
  4. Intercept a Master Signal mid-broadcast and replay it within milliseconds — before the next block is mined.

Each of these attacks is independently difficult. Their combination is computationally infeasible under realistic threat models.

Economic Model — The 33/3 Yield Engine

IdentiFI operates on a Pure Utility Economy. There is no native token. There is no speculation vector. Protocol revenue is generated exclusively through usage fees and redistributed to validated participants in real assets — USDC, quarterly, on-chain.

Revenue Streams

The protocol captures value through three primary channels:

→ CHANNEL 01

IdentiFI Core (Generator)

Premium proof generation and advanced cluster management features exposed through the sovereign portal. Direct revenue from power users.

→ CHANNEL 02

SDK Integration Fees

Fee-sharing agreements with partner dApps that utilize the IdentiFI Authority Layer for swap gating, cross-pool authorization, or cluster management.

→ CHANNEL 03

Hook Settlement Fees

Automated fee capture from every swap routed through IdentiFI-enabled Uniswap v4 pools. Fixed at 0.066% per swap, captured at the settlement layer.

The 33/3 Distribution Model

Gross protocol revenue (sum of all three channels) is split according to a deterministic, on-chain distribution model:

33/3 YIELD ENGINE · GROSS PROTOCOL REVENUE (Core + SDK + Hook Settlement Fees)
Distribution Pool (Quarterly)
33%
Protocol Treasury (R&D + Operations)
67%
50%
VALIDATED SWAPPERS
50%
LIQUIDITY PROVIDERS
100%
USDC SETTLEMENT

Distribution Mechanics

Every aspect of the distribution process is engineered to preserve the protocol's privacy and anti-sybil guarantees:

QUARTERLY EPOCHS

Revenue distribution occurs on a fixed 3-month cycle, ensuring sustainable and predictable yield for validated participants. No ad-hoc distributions. No governance votes required.

ANTI-SYBIL ENFORCEMENT

Only operators validated through the X-Core Engine are eligible for distribution. The same stateless proof mechanism that gates swaps also gates yield claims — preventing bot farms and sybil attacks on the reward pool.

REAL ASSET SETTLEMENT

All distributions are denominated and settled in USDC. No synthetic tokens, no vesting, no governance theater. You claim, you receive.

PRIVACY-PRESERVING CLAIMS

The claim process maintains the Master Signal's integrity. There is no linkage between the reward transaction and the operator's cluster identity. Your treasury remains opaque.

SPECULATION VECTOR: NONE

Because there is no native token, there is no token to speculate on, no liquidity pools to manipulate, no governance to capture. The protocol's economic value is fully derived from utility — fees paid for validated operations.

SDK & Adapter Architecture

IdentiFI is evolving from a Uniswap v4-focused protocol into a Universal Authority Layer. The X-Core Engine remains agnostic to execution destination — its sole function is the cryptographic forge and validation of authority proofs.

Integration Capabilities

CAPABILITYTECHNICAL SPECIFICATION
WASM Proof ValidationClient-side verification at native speed. Zero network latency. The engine never makes outbound calls during proof generation.
Universal Authority LayerCross-pool liquidity authorization without fund movement or wallet linking. The X-Core is the only source of truth for cluster authority.
SkinWalker ProtocolInstant cryptographic signature rotation on cluster compromise detection. Operators can rotate their authority proofs without moving funds or changing addresses.
Hook-Native SettlementDirect integration with Uniswap v4 beforeSwap lifecycle for atomic validation. Single-transaction settlement with built-in authority gating.
TypeScript SDKStrongly-typed wrapper layer for third-party integration safety. Adapters are versioned and pinned.

Expansion Roadmap

→ 01

X-Core WASM

The computational nucleus remains agnostic to destination. Maintained in Rust/WASM for maximum performance and security. The TypeScript SDK layer adds strong typing and third-party integration safety without compromising the engine's isolation.

→ 02

Adapter Pattern

Polymorphic payload system supporting both Uniswap v4 (Hook-Native) and Standard (Router-Wrapper) modes. New DEXs and L2s require only a new adapter — the cryptographic engine never changes.

→ 03

Dataless UX

No database on the protocol side. Partner dApps can store sealed/blinded Master Signals as "convenience vaults" without access to contents — eliminating friction without compromising privacy.

Adapter Modes

The SDK supports two execution modes. The choice depends on whether the target DEX supports Hooks:

MODE STANDARD · ROUTER-WRAPPER

V3 & Legacy DEX Compatibility

The Master Signal is encapsulated in a structure compatible with JobberUniversal or any custom router wrapper. Authority validation occurs before routing, with full revert-on-failure semantics.

Best for: Uniswap v3, SushiSwap, PancakeSwap, and any DEX without native Hook support.

SCALABILITY PROPERTY

The X-Core Engine never needs to change. Adding a new DEX or chain requires only a new adapter. This is polymorphic payload architecture — the cryptographic truth is universal; only the transport differs.

Active Deployments

IdentiFI Protocol is fully deployed on the Unichain Sepolia L2 Testnet (Chain ID 1301) with all core components funded and operational. All addresses are independently verifiable on the Unichain Blockscout explorer.

CONTRACTADDRESS
Pool Hook (HOOK)0x1a74c207668D0BF33857a3A2Dc02fd7a911A4080
Router (JobberUniversal)0x86eB0886875Fd2028B92940B81aF7316bC69DbD4
Dynamic Faucet0x143985b680cf0A940Bc33278cbcA4F93399382AC
Mock USDT (mUSDT)0xE05454d256cE63ae75DF334ec6e0f1DC3e972E06
Mock USDC (mUSDC)0xD1F4C92Fa1436aB2D110a02Df56224Ed0A4f5860
Treasury (IdentiFITreasury)0x84D526430A9350310ccbbe4Abd739eDea929A4f1

Multi-Chain Strategy

IdentiFI's architecture is designed for horizontal scaling across EVM-compatible networks. The current production target is Unichain Sepolia for the Hookathon incubator evaluation; expansion to Ethereum mainnet, Arbitrum, Base, Optimism, and Polygon is part of the post-launch roadmap.

Each chain deployment is independent and isolated. There is no cross-chain state, no shared session data, no unified identity graph — by design. The cluster proof mechanism works identically on every chain, but the on-chain attribution and yield distribution are scoped per deployment.

Protocol Parameters

The following parameters are enforced at the contract and engine level. They are not configurable at runtime. Any deviation in deployed contracts constitutes a fork and is not endorsed by the IdentiFI engineering team.

PARAMETERVALUEENFORCEMENT LAYER
protocol_swap_fee0.066%Settlement Contract · JobberUniversal
yield_distribution_ratio33 / 67 (quarterly / treasury)IdentiFITreasury
distribution_split50 / 50 (swappers / LPs)IdentiFITreasury
proof_constraint_internal≥ 1,100 bytesX-Core Engine · WASM
proof_constraint_onchain160 bytesIdentiFI Hook · hookData
supported_networks5 EVM ChainsClient Config · Triple RPC
session_persistenceNONE (volatile memory only)Architecture · Enforced

IMMUTABLE BY DESIGN

The protocol fee, the yield split, the proof size constraints, and the zero-persistence rule are not configurable parameters — they are protocol invariants. Changing them requires a new contract deployment, not an admin key.

System Requirements

Minimum toolchain and runtime requirements for development, integration, and evaluation:

DEPENDENCYMINIMUM VERSIONPURPOSE
Node.js16+Development toolchain & build orchestration
Rust1.70+X-Core Engine compilation
wasm-packlatestRust → WebAssembly compilation target
Web3 WalletMetaMask / compatibleEIP-191 signature provider for Strand binding
BrowserWASM-compatibleChrome 90+, Firefox 89+, Safari 15+
RPC Endpoints3 per chainRedundancy for signal availability

License & Intellectual Property

IdentiFI Protocol is proprietary software. All source code, compiled binaries, cryptographic algorithms, and architectural designs are the exclusive intellectual property of the IdentiFI engineering team.

SOURCE CODE

Not licensed for redistribution, modification, or derivative works without explicit written authorization. Closed-source by design — the cryptographic primitives and proof forge logic are not public.

WASM BINARIES

Compiled, sealed execution units. Reverse engineering, decompilation, or binary analysis is strictly prohibited under the protocol terms. The WASM artifact is a black box by design.

DOCUMENTATION

This document is provided for technical evaluation purposes only. Reproduction, distribution, or republication requires written authorization from the IdentiFI engineering team.

INQUIRIES

For security disclosures, see SECURITY.md. For licensing inquiries, NDA evaluation, and SDK access, contact the IdentiFI engineering team directly via the channels listed in the footer.

NOTE: The information and parameters outlined in this session are subject to ongoing refinement and updates as the protocol evolves.