This guide provides comprehensive instructions for testing and deploying the Confidential ERC-3643 (UCEF3643) token implementation.
This implementation combines the privacy-preserving features of UCEF (Unopinionated Confidential ERC-20 Framework) with the compliance and identity verification capabilities of ERC-3643. While ERC-3643 provides robust regulatory compliance through identity verification and transfer restrictions, UCEF adds a layer of programmable confidentiality to protect sensitive financial data.
Key benefits of this integration:
- Programmable Privacy: Leverages UCEF's unopinionated approach to implement confidential balances and transactions while maintaining ERC-3643's compliance features
- Regulatory Compliance: Preserves all ERC-3643 compliance mechanisms including identity verification and transfer restrictions
- Flexible Implementation: Maintains cryptographic agnosticism while enforcing privacy using standard Solidity constructs
- Enhanced Security: Combines identity-based access controls with confidential transaction capabilities
This hybrid approach ensures that regulated entities can benefit from privacy-preserving features while maintaining full compliance with regulatory requirements.
The UCEF3643 token implementation includes:
- ERC-3643 compliance
- UCEF privacy
- Identity verification
- Compliance checks
- Token freezing capabilities
- Transfer restrictions
- Agent management
The UCEF3643 token implements a privacy-preserving event system that replaces standard ERC-20 events with private events that only authorized addresses can view.
Instead of emitting standard events like Transfer or Approval, the contract emits PrivateEvent with:
- allowedViewers: Array of addresses authorized to view the event
- eventType: Hash of the original event signature (e.g.,
Transfer(address,address,uint256)) - payload: ABI-encoded event arguments
EVENT_TYPE_TRANSFER: Private transfer eventsEVENT_TYPE_APPROVAL: Private approval eventsEVENT_TYPE_TOKENS_FROZEN: Private token freezing eventsEVENT_TYPE_TOKENS_UNFROZEN: Private token unfreezing events
Private events are only visible to:
- Affected addresses: The
fromandtoaddresses in transfers - Auditor: The designated auditor address (if set)
- Event participants: Owners and spenders in approval events
The contract includes an auditor role that can be set by agents:
function setAuditor(address _auditor) external onlyAgentThe auditor receives access to all private events for compliance and monitoring purposes.
- Confidential transfers: Transfer amounts and participants are only visible to involved parties
- Private approvals: Allowance changes are only visible to owner and spender
- Regulatory compliance: Auditors can monitor activity while maintaining user privacy
- Selective disclosure: Events are only visible to authorized viewers
This approach maintains full ERC-3643 compliance while adding programmable privacy through the private events system.
- Node.js (v14 or higher)
- pnpm (recommended)
- Hardhat
- Access to Silent Data credentials (for Silent Data deployment)
The token implementation is located in the contracts/ucef-3643.sol file. The root directory includes:
- Test fixtures
- Deployment script (scripts/deploy-suite.ts)
- Ignition module (ignition/modules/UCEF3643.ts)
-
Clone the repository:
git clone <repository-url> cd confidential-erc-3643
-
Install dependencies:
pnpm install
-
Compile contracts:
pnpm compile
-
Run all tests:
pnpm test
-
Start local Hardhat node:
pnpm chain
-
Configure environment:
Create a
.envfile in the root directory:PRIVATE_KEY=<deployer_private_key>
-
Deploy using Ignition:
pnpm deploy:module UCEF3643
-
Configure environment:
Create a
.envfile with Silent Data credentials:PRIVATE_KEY=<deployer_private_key> RPC_URL=<silent_data_rpc_url> CHAIN_ID=<silent_data_chain_id>
-
Deploy to Silent Data:
pnpm deploy:module UCEF3643 silentdata
| Module Name | Description |
|---|---|
| UCEF3643 | Basic UCEF3643 token deployment without initialization |
| UCEF3643Init | UCEF3643 token deployment with mock registry/compliance and initialization |
| UCEF3643Proxy | UCEF3643 token deployment with proxy pattern for upgradability |
The deployment script (scripts/deploy-suite.ts) deploys the complete T-REX suite including:
- ClaimTopicsRegistry
- TrustedIssuersRegistry
- IdentityRegistryStorage
- IdentityRegistry
- ModularCompliance
- TREXImplementationAuthority
- Token implementation (UCEF3643)
To use the deployment script:
pnpm script deploy-suiteTo use the deployment script with Silent Data network:
pnpm script deploy-suite silentdataThe script will output the deployment addresses to the a file DeploymentOutput.json in the out directory. It's possible to export the private keys of the accounts by prepending the EXPORT_PRIVATE_KEYS environment variable set to true.
EXPORT_PRIVATE_KEYS=true pnpm script deploy-suiteIf you encounter issues:
-
Clean build artifacts:
pnpm clean
-
Recompile contracts:
pnpm compile
-
Verify environment configuration
-
Check network connectivity
-
Ensure sufficient funds for deployment
- Always test thoroughly on local network before deployment
- Keep private keys and API credentials secure
- Back up deployment addresses and transaction hashes
- Monitor gas prices for optimal deployment timing
- Ensure all required contracts are properly deployed in the correct order
- Make changes to contracts
- Run tests to verify changes
- Deploy to local network for testing
- Deploy to testnet if required
- Deploy to production network
- Verify all contract interactions
- Implement proper access controls
- Test all security-critical functions
- Review compliance requirements
- Monitor for potential vulnerabilities
This project is licensed under the MIT License - see the LICENSE file for details.