PikaPay - On-chain Privacy-Preserving Payroll , Leveraging Attestations to Verify Funds

Project Name: PikaPay
Project Track: Defi
Team Name: Team PikaPay
Team Member(s): @ferrari
Project Video: https://youtu.be/8yzATLRx9pg
Project Website: https://pikapayy.netlify.app/
Devpost Url : PikaPay | Devpost

Project Description :

PikaPay allows companies to optimize their on-chain payroll processes while safeguarding sensitive information. Utilizing attestations, it effectively tracks legitimate funds within a secure mixer pool. This approach facilitates seamless payroll transfers and gives employees the option to verify their funds’ source when regulatory scrutiny arises. When fund provenance is not an issue, PikaPay prioritizes privacy, enabling employees to receive payments without disclosing unnecessary details. This dual functionality positions PikaPay as a robust solution for modern payroll needs on the BTTC chain.

Project Goal :

The goal of PikaPay is to enable companies to securely pay employees on-chain while keeping transaction details private. By using attestations and a mixer pool, legitimate funds can be verified when needed, while maintaining privacy when the source of funds isn’t required. This ensures both transparency and privacy as needed.

Project Value

Integrating PikaPay with blockchain technology offers numerous benefits, including enhanced privacy through zero-knowledge proofs, greater transparency in fund tracking, and compliance with regulatory requirements. This ensures that both employers and employees can transact with confidence, knowing that fund legitimacy can be proven when necessary, all while protecting sensitive information.

Working of PikaPay

The PikaPay contract facilitates batch-based tokenized attestations on BTTC, allowing batch owners (employers) to pay their employees on-chain privately . Here’s how it works:

  1. Batch Creation: An employer deposits tokens to create a batch with an attestation (metadata) describing the source and purpose of the funds. The deposited tokens are represented by a fractionalized token contract.

  2. Ownership Transfer: The contract allows owners to internally transfer beneficial ownership using ZKPs to privately validate the balance and update commitments on-chain, thus ensuring privacy without revealing exact amounts or addresses publicly.

  3. Withdrawals: Beneficiaries can withdraw tokens either with or without attestation. If withdrawn with attestation, the withdrawal event includes metadata. If they want to remain anonymous, they can withdraw the funds without revealing the related attestation

  4. Finalization and Updates: Once all tokens in a specific group or batch are withdrawn, the batch is finalized. Batch owners can also update the attestation details, as long as the batch isn’t finalized.

  5. Additional transfers The beneficiaries who has received the fund can perform as many additional beneficial rights transfers as they want within the mixer pool.

Project Test Instructions:

Prerequisites

  1. Wallet Setup: Ensure you have a wallet that supports BTTC testnet and have any ERC20 token.

Steps:

1. Deposit Payroll Funds:

  • Log in to PikaPay on the BTTC testnet.
  • Fill the required field and then click on the deposit button to deposit your USDT into the mixer pool.
  • During the deposit process, sign an attestation . (this Include details about the source and purpose of the funds) , approve your tokens and confirm the transaction .
  • Go the transaction logs and ensure the batchId of the deposit, you will get batchId on alert message.

2. Transfer Beneficial Rights:

  • Fill the required fields like BatchId , amount and recipient address and click on the transfer button , (this will transfer portions of your beneficial rights both USDT and fractional attestation tokens to the intended recipient)

3. Withdraw Funds:

  • When ready to withdraw, beneficiaries can choose between:

    • Attested Withdrawal: Fill the required fields like batchId and amount of funds, to request an attested withdrawal verifying the source of the funds…
    • Anonymous Withdrawal: You can also withdraw privately without revealing the actual attestation.

Smart Contract links:

Project Milestones:

(Done) Milestone 1: Core Functionality Development (Days 1-5)

  • Develop smart contracts for payroll transactions.
  • Integrate the Ethereum Attestation Service and implement the mixer pool.
  • Deploy smart contracts and functional payroll pool.

(Done) Milestone 2: User Interface and Testing (Days 5-10)

  • Create a user-friendly frontend .
  • Connect the frontend to smart contracts and conduct usability testing.

(In Progress) Milestone 3: Implementing Zkp function (Days 10-15)

  • To implement zero knowledge proof privacy feature that will allow user to transfer the beneficiary right of the funds into mixing pool , also deploy the app on BTTC mainnet.
20 Likes

If I am correct, this is your second project submission in this hackaTron S7 and you are running the two projects in solo?
How will you ensure the smooth running of these projects post hackathon. Or are they going to be dumbed after the hackathon?

4 Likes

How does the integration of PikaPay with blockchain technology enhance privacy and transparency for transactions between employers and employees?

Welcome to hackathon S7
Knowing that security and privacy is very important in our activity, what steps have you put in place in ensuring that important information and payment are well secured from hackers.

What measures have you put in place to prevent unauthorized person from gaining access or manipulate the system.

Welcome to the Hackathon of season 7, please you have plenty area marked as coming soon update it, thank you

1 Like

Welcome to season7. When will you update those?

Yeh yeh! working on it :slight_smile:

Yep, you got it! Its my second submission for HackaTron S7, and I’m flying solo.
Don’t worry, I won’t let them gather dust! I’ve got big plans post-hackathon. I’m all about user feedback and updates, so these projects are here to stay!

1 Like

Welcome to Hackathon Season 7, word on the streets is; you have to update your project submission.

1 Like

Welcome to Grand hackathon S7
Just seeing that Alot still needs to be updated

2 Likes

Integrating PikaPay with blockchain technology enhances privacy and transparency in several ways:

  1. Privacy Through Zero-Knowledge Proofs: Employees can receive payments without revealing sensitive information, ensuring their financial details remain confidential.
  2. Transparent Fund Tracking: Blockchain provides a transparent ledger that tracks transactions, allowing both employers and employees to verify fund legitimacy without compromising privacy.
  3. Attestation Mechanism: By using attestations, PikaPay can confirm the source of funds when needed, ensuring compliance without exposing unnecessary details.
2 Likes

Hello … Dear @ferrari
I read you answer and understand it.
Thanks for replying with detailed

1 Like

Step-by-Step Explanation of pikapay working through example :

1. Employer Sets Up:

  • Example: The organization, Tron Dao Forum, wants to pay its employees through PikaPay.
  • Tron Dao Forum logs into PikaPay on the BTTC testnet and ensures it has some USDT for payroll.

2. Depositing Payroll Funds:

  • Tron Dao Forum fills in details about the funds, like the purpose (employee salaries) and their organization name.
  • They deposit the USDT into a mixer pool.
  • During the deposit, they create an attestation (a digital note) that explains the source and purpose of the funds.

3. Minting Fractional Attestation Tokens:

  • After depositing, a special token called a fractional attestation token is automatically created.
  • If Tron Dao Forum deposited 1,000 USDT, they receive 1,000 fractional tokens.

4. Transferring Beneficial Rights:

  • Tron Dao Forum goes to their transaction logs and finds the batch ID for their deposit.
  • They fill in the necessary fields to transfer portions of their rights to their employees (e.g., Employee A gets rights to 100 USDT and its corresponding fractional tokens).
  • This transfer keeps details private, thanks to zkp.
  • Employees like Employee A can also choose to transfer their beneficial rights to other employees if needed within the mixer pool.

5. Withdrawing Funds:

  • When employees want to take their money out, they have two options (though currently, only one is available):
    • Attested Withdrawal: They can request to withdraw USDT and receive their fractional tokens, proving the source of the funds.
    • Anonymous Withdrawal: (Not available right now) They could withdraw their amount privately without revealing the attestation ( This feature is currently under development ) .

Example in Action

  • Tron Dao Forum deposits 1,000 USDT into PikaPay.
  • An attestation is created to show the funds are for salaries.
  • They receive 1,000 fractional tokens for the deposit.
  • Employee A gets rights to 100 USDT and corresponding tokens.
  • When ready to withdraw, Employee A can request an attested withdrawal to receive the tokens and prove where the funds came from , or they can choose to withdraw it anonymously.

Key Features

  • Privacy: Employees can receive payments without revealing sensitive details.
  • Transparency: The system allows employers to prove fund legitimacy if needed.
  • Compliance: Helps meet regulatory requirements while keeping transactions confidential.
1 Like

Sweet . Let me know if you have any other doubts :slight_smile:

@ferrari I am testing this project. Could you please send some test USDT to this address for testing?
0x8626f6940E2eb28930eFb4CeF49B2d1F2C9C1199

thanks.

2 Likes

done :slight_smile: let me know if you got that?

@ferrari
I have received the USDT, thanks, but I’m encountering an issue when trying to deposit during testing. It appears that the transaction cannot estimate gas properly, which might be due to insufficient error handling in the smart contract. The error message reads: ‘Error depositing funds: Cannot estimate gas; transaction may fail or manual gas limit adjustment may be required.’ The reason provided is ‘execution reverted’. It looks like the smart contract needs improvements in handling errors for this scenario.

2 Likes

Oops i have send you the wrong tokens :slight_smile: sadly let me send you the correct one. And you try again then tell me

2 Likes

everything is working fine from my side :slight_smile:

Bittorent Chain Transaction Hash (Txhash) Details | BTTCScan I have send you 50 usdt here Lets try again and let me know :wink:

If you face any problem try watching the demo video :slight_smile:

2 Likes

@ferrari this time deposit was successful. But I did not get the batchId, did not get any alert. In the logs which field is actually a batchId?