Confidential on-chain payroll for the modern workforce.
Pay contractors on Ethereum while keeping every salary amount, payee identity, and payment status fully encrypted on-chain — powered by Zama's Fully Homomorphic Encryption and ERC-7984 confidential tokens.
BlocPaie is an invoice-to-payment platform where companies create on-chain payroll vaults and pay contractors with sponsored, gasless transactions — no MetaMask, no gas fees, no exposed salaries.
- Privacy by default — salary amounts, payee addresses, and cheque statuses are stored as FHE ciphertexts. Nobody on-chain — including the contract itself — can read them in plaintext.
- Passkey-native — wallets are Porto smart accounts backed by WebAuthn passkeys. No seed phrases.
- Gasless — all transactions are sponsored via Ithaca Relay. Companies and contractors pay nothing in gas.
- Two vault modes — a transparent ERC-20 vault for compliance-first setups and a confidential vault for full privacy.
Company Contractor
│ │
├─ 1. Create vault (ERC-20 or Confidential) │
├─ 2. Deposit USDC / cUSDC │
├─ 3. Approve invoice │
├─ 4. Register cheque on-chain │
│ └─ Confidential: encrypted payee + amount
│ │
│ ┌────────────┤
│ │ 5. Execute cheque
│ │ USDC / cUSDC transferred
│ │ 6. Decrypt cUSDC balance (optional)
│ │ 7. Unwrap cUSDC → USDC (optional)
│ └────────────┤
├─ 8. Withdraw remaining funds │
| Data | ERC-20 Vault | Confidential Vault |
|---|---|---|
| Salary amount | Public | Encrypted (FHE) |
| Payee address | Public | Encrypted (FHE) |
| Cheque status | Public | Encrypted (FHE) |
| cUSDC balance | — | Holder only (Zama userDecrypt) |
The backend stores plaintext invoice metadata — amounts, contractor names, company details, and transaction history — so the dashboard can display information instantly without requiring the user to decrypt on-chain data on every page load. Decryption via Zama's KMS involves on-chain ACL grants and KMS round-trips; caching the results off-chain keeps the UX responsive.
The on-chain contracts never see plaintext. All sensitive values (salary amounts, payee addresses, cheque statuses) are FHE-encrypted client-side in the browser before any transaction is submitted. The backend is a UX layer — the vault contracts are the source of truth for all payments.
BlocPaie treats the blockchain not as a ledger of readable transactions, but as an immutable verifiability layer. Every salary registration, cheque execution, and cancellation is recorded on-chain with a cryptographic commitment — permanently timestamped and tamper-proof — without ever exposing the underlying amounts or identities.
This has meaningful implications for corporate audits and regulatory compliance. An auditor can independently verify:
- That a payment was made, and when
- That the on-chain commitment matches the invoice hash held by the company
- That no cheque was executed without prior registration
All of this is provable without decrypting a single salary figure. Zama's FHE ensures the sensitive details remain confidential while the blockchain guarantees the integrity of the record. As regulatory frameworks around blockchain-based payroll mature, this architecture positions BlocPaie to satisfy compliance requirements without compromising employee privacy.
| Repo | Description |
|---|---|
| contracts | Solidity smart contracts — ERC20Vault, ConfidentialVault, VaultFactory, cUSDC (ERC-7984). 88 tests. |
| backend | Express REST API — company/contractor identity registry, invoice lifecycle, vault transaction history. |
| frontend | Next.js dApp — company and contractor dashboards, Porto passkey auth, client-side FHE operations. |
| Layer | Technology |
|---|---|
| Chain | Ethereum Sepolia |
| Smart contracts | Solidity 0.8.28, OpenZeppelin 5, Zama fhEVM |
| Confidential token | ERC-7984 — cUSDC wrapping USDC |
| Wallet & auth | Porto (EIP-7702 smart accounts, WebAuthn passkeys) |
| Gas sponsorship | Ithaca Relay + Porto merchant route |
| FHE | Zama @zama-fhe/relayer-sdk |
| Frontend | Next.js 16, React 19, Wagmi 3, viem 2 |
| Backend | Node.js, Express 4, MongoDB, Mongoose, Zod |
| Contract | Address |
|---|---|
| VaultFactory | 0x619B322e1D722F86294B4d7dF92B42c89B3456aB |
| MockUSDC | 0xe89D1caF047aEc9F7f0F3623F799F3bc321fFc9c |
| ConfidentialUSDC (cUSDC) | 0x8a486Fa9c123ADc482d383f9fe8A48adaD7fBc17 |
| Item | What's missing today | What it would unlock |
|---|---|---|
| Event Indexer | The backend stores transactions only when the frontend explicitly POSTs after a confirmed tx. If the browser closes mid-flow or a tx lands without a frontend session, it's never recorded. | A background service listening to ChequeRegistered, ChequeExecuted, FundsDeposited etc. would keep the DB in sync regardless of client state — making the transaction history fully reliable and enabling real-time dashboard updates. |
| Merchant route sponsorship filter | sponsor() currently returns true for every incoming request — anyone who hits the endpoint can get arbitrary transactions sponsored. |
Allowlist the vault factory + vault + cUSDC contract addresses so only BlocPaie contract calls are sponsored. Eliminates gas-drain abuse. |
| Limitation | Detail | Resolved when |
|---|---|---|
| Ephemeral decrypt keypair | Zama's KMS validates userDecrypt requests via secp256k1 ECDSA signatures. Porto wallets use WebAuthn P-256 passkeys, which the KMS cannot verify directly. As a workaround, BlocPaie generates a short-lived secp256k1 keypair (decryptViewer) in the browser on every decrypt, grants it ACL access on-chain, uses it to sign the KMS request, then discards it. This costs an extra on-chain transaction and briefly materialises a secp256k1 private key in browser memory. |
Zama KMS adds EIP-1271 support — allowing the KMS to call isValidSignature on any smart contract wallet (Porto, Safe, Coinbase Smart Wallet, etc.) and authorise decryption via the wallet's own signature scheme directly, with no ephemeral key needed. |
| Item | Notes |
|---|---|
| ZK audit proofs | Current audit model is hash-based (off-chain invoice data matched against on-chain invoiceHash). A future tier using Zama's verifiable FHE or a ZK proof would let auditors cryptographically verify that the encrypted on-chain values match the committed hash — without decrypting anything. |
| ACL-based auditor access | Vault owners could call TFHE.allow(handle, auditorAddress) to grant a specific auditor read access to individual cheque handles, enabling targeted compliance review without exposing the full payroll. |
| Item | Notes |
|---|---|
| Bulk payroll | Register and execute multiple cheques in a single ERC-5792 wallet_sendCalls bundle. One passkey tap pays the entire team. |
| Recurring invoices | Auto-register a cheque every N days for a fixed retainer. Requires session keys (Porto wallet_grantPermissions) so the company doesn't tap every cycle. |
| Session keys / automation | All actions currently require a live passkey signature. Granting scoped session keys would allow scheduled payments and contractor self-service execution without a manual approval step each time. |
| Contractor invite links | Currently contractors register manually and share their ID out-of-band. A signed invite link would let companies onboard contractors in one click. |
| Push notifications | Notify contractors via email or push when an invoice is registered on-chain and ready to execute. |
| Multi-token support | USDC is the only supported token. EURC and DAI are in scope per spec — each requires a separate vault per token since the token is immutable at construction. |
| Multi-chain | Deploy to an L2 (Base, Arbitrum) once Zama coprocessor support is available there. Lower gas for ERC-20 vaults even today. |
| Accounting integrations | CSV export is the floor. Native QuickBooks / Xero sync via invoice metadata would close the loop for finance teams. |
| Fiat on/offramp | Currently crypto in, crypto out. The most impactful upgrade would be on the offramp side: when a contractor executes a cheque, the USDC settlement could be automatically converted and pushed to their bank account — no exchange account, no manual withdrawal. Integrating a provider like Stripe Treasury, Bridge, or MoonPay at the point of cheque execution would make BlocPaie a true end-to-end payroll system where the contractor simply taps "Execute" and the salary lands in their bank. On the deposit side, a fiat-to-USDC on-ramp would remove the crypto-native prerequisite for companies funding their vault. |
