Private if allowed. Blocked if not. Verified on-chain. Nullis is live on Stellar testnet: a real Noir/UltraHonk zero-knowledge proof is verified inside a Soroban contract, gating an actual 100 USDC payment.
The one thing most privacy projects miss
Most privacy-finance projects prove one statement — a solvency proof, a single compliance check, an age credential. Nullis answers the harder question:Can any supported private policy safely authorize an exact on-chain action?Not “proof-only.” Proof-to-action, atomically. Verification and execution are one step — never split.
The problem
Why on-chain finance forces a false choice between compliance and privacy.
How it works
One engine, five layers, one atomic call. The full architecture.
verify_and_execute
The core primitive, step by step — proof to payment in one transaction.
Claim-safety
Exactly what the circuit proves vs. what the contract enforces.
See it for yourself
Watch the 3-min demo
Live app
The real-ZK payment tx
What runs today
Real on-chain ZK
A Noir/UltraHonk proof is verified on Stellar testnet inside
verify_and_execute, gating a real USDC payment. The credential secret never leaves the prover.One atomic primitive
Load policy → check root & revocation → verify proof → check expiry & action → check nullifier → execute → emit receipt. One call.
Replay-proof
A domain-separated nullifier is consumed on-chain. The same proof cannot be spent twice.
Unlinkable across apps
The same credential produces a different nullifier in every app — a reusable credential without a reusable tracking identifier.