chaum — private payroll on Starknet
skip to disclosure demo
chaum
book a call

private payroll · starknet · strk20

Every amount private.
Every total provable.

Chaum pays your contributors on Starknet with per-recipient amounts hidden from each other and from the public — while you prove aggregate spend to auditors and each recipient proves their own income. An autonomous agent runs every cycle under hard on-chain limits. It never holds your funds, and it can only pay the people you approved.

Read the architecture

built on starknet · STRK20 · native account abstraction · erc-8004

fig. 01 — disbursement treasury → six recipients
TREASURY
DISBURSED THIS CYCLE: 142,800 USDC

selective disclosure

Same data. Three viewers.

The public sees only the total. The auditor proves the total without the split. Alice proves her pay and nothing else. One ledger, cryptographically different views.

What anyone watching the chain sees.

viewing key accepted

recipient amount
{{ row.idx }}
{{ row.handle }}
income-proof: ·export
{{ row.amountText }}
cycle total 142,800 USDC agg-proof:

mechanism

The agent proposes. The contract disposes.

01

Fund and set policy.

Deposit a cycle's funds and define the rules: your approved payee set, a cap per recipient, a cap per cycle, and how often cycles may run. The policy lives on-chain.

02

Delegate one key.

Grant the agent a session key scoped to a single function: run a disbursement. It cannot withdraw, cannot pay anyone outside your list, and cannot exceed your caps — the contract rejects everything else.

03

It pays, privately.

Each cycle, the agent commits to every amount, the contract verifies the amounts sum to the cycle total, and recipients are paid. Individual figures are hidden; the total is provable to anyone you authorize.

the boundary

Designed around its own compromise.

Assume the agent's key is stolen. The thief can do exactly one thing: pay the people you already approved, from the funds you already deposited, within the caps you already set, no more often than your cadence allows — every condition re-checked on-chain before a token moves. There is no code path that sends funds to anyone else, or back to anywhere but your own wallet. Pause or revoke the key in one transaction. Every cycle is recorded on-chain under an ERC-8004 agent identity.

compliance

Private to the public. Provable to the people who need it.

private

Per-recipient amounts — hidden from other recipients and from anyone watching the chain.

No salaries leaked, no comp benchmarking off your treasury, no copy-paying.

provable

Aggregate spend — provable to auditors without the split.

Each recipient's own income — provable for tax filing.

The compliance model traditional payroll already uses, on-chain, with no intermediary holding the money.

selective disclosure is math, not policy.

trajectory

Provable now. Fully shielded next.

V1 · NOW

Testnet. Private amounts via on-chain commitments, autonomous cycles under policy, the disclosure proofs above — live on Sepolia.

V2

STRK20 shielded transfers end-to-end, so the payments themselves are private on-chain, not only the amounts. Recurring schedules and alerting.

V3

Multi-asset treasuries, external review, and scale.

Put a private payroll on autopilot.

Building on STRK20 and paying contributors who'd rather their comp stayed private? Book a call, or leave an address for testnet access.

{{ formError }}

on the list · watch the repo