Shielded Slippage

Shielded slippage is the difference between the expected price of a trade and the executed price that occurs within a private transaction. It protects the trader's exact execution price and trade size from being revealed on-chain, unlike transparent Automated Market Makers (AMMs) where all slippage is public. This is achieved by performing the price calculation and swap execution inside a zero-knowledge proof (ZKP) or other privacy-preserving environment before submitting a single, private transaction to the network.

• Privacy Benefit: Hides the trader's specific price impact and the exact size of their order from front-runners and analysts.
• Mechanism: The user's intended trade parameters are encrypted or committed to; the protocol computes the slippage privately and generates a proof of correct execution.

A cryptographic method that allows one party (the prover) to prove to another (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. In DeFi privacy, ZKPs are the core technology for shielded transactions and private computations.

• zk-SNARKs & zk-STARKs: Two prevalent ZKP systems used to create succinct proofs of transaction validity without revealing details.
• Application: Used to prove that a private swap was executed correctly according to the pool's rules, that a user has sufficient (hidden) balance, or that a transaction is valid, all without exposing the underlying data.

Cryptographic commitments allow a user to bind themselves to a secret value (like an amount or asset type) by publishing a disguised hash, called a commitment, which can later be revealed and verified. This is a fundamental building block for privacy-preserving ledgers.

• How it works: To hide an asset amount v, a user generates a commitment C = Hash(v, r) where r is a secret random blinding factor, and posts C to the blockchain.
• Later Verification: The user can reveal v and r to prove that C was a valid commitment to that amount without having exposed it initially. This enables hidden balances and confidential transactions.

A secure, isolated area within a main processor (CPU) that guarantees code and data loaded inside are protected with respect to confidentiality and integrity. In blockchain privacy, TEEs (like Intel SGX) act as a black box for executing sensitive operations.

• Privacy Mechanism: User transaction data is encrypted, sent into the TEE, decrypted and processed inside the secure enclave, and only the encrypted result or a validity proof is output.
• Use Case: Enables private smart contract execution and order matching for decentralized exchanges by keeping all state changes and computations confidential from the node operator and the network.

A form of encryption that allows computations to be performed directly on ciphertext, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext. It enables private computation on encrypted data.

• Partial vs. Fully: Fully Homomorphic Encryption (FHE) allows arbitrary computations (addition and multiplication), while partially homomorphic schemes support one operation.
• Blockchain Application: Could allow a decentralized network to process transactions (e.g., calculate swap outputs) on encrypted user balances and trade orders without ever decrypting them, providing strong privacy guarantees.

Two complementary techniques primarily used for obfuscating transaction origin and destination on privacy-focused blockchains like Monero.

• Ring Signatures: Allow a user to sign a transaction on behalf of a group (ring), making it cryptographically provable that a member of the group signed, but impossible to determine which one. This provides sender ambiguity.
• Stealth Addresses: Automatically generate a unique, one-time public address for each transaction recipient. Only the sender and receiver can determine the link between this stealth address and the receiver's main address, providing receiver privacy. Together, they break the linkability of transactions on a public ledger.

Shielded slippage works by obfuscating the transaction's true slippage tolerance from public view until after block inclusion. Instead of broadcasting a clear maximum price, users submit a transaction with a commitment (like a hash) that contains the hidden parameters. The actual slippage limit is only revealed and validated during execution, preventing opportunistic bots from exploiting the visible information.

This is a direct countermeasure to Maximal Extractable Value (MEV) attacks, particularly sandwich attacks. In a standard swap, a bot sees a user's high slippage tolerance, front-runs the trade to buy the asset, and then sells it back to the user at a worse price. Shielded slippage makes this impossible because the attacker cannot determine if the trade is profitable to exploit before it's too late to act.

Common technical implementations include:

• Commit-Reveal Schemes: The user submits a transaction with a hash commitment of their parameters. A follow-up transaction reveals the actual data.
• Encrypted Mempools: Transactions are encrypted while in the public mempool and only decrypted by validators for execution.
• Private RPC Channels: Transactions are sent directly to trusted builders or validators via private channels, bypassing the public mempool entirely.

While enhancing privacy, shielded slippage introduces new trust considerations:

• Validator/Builder Trust: Users must trust that the block builder or validator will not itself exploit the private information.
• Protocol Complexity: Increases smart contract complexity and gas costs for the commit-reveal process.
• Latency: Can introduce slight execution delays, potentially missing the best market price if the reveal phase is slow.

Shielded slippage interacts closely with other MEV mitigation techniques:

• Fair Sequencing: Validators order transactions fairly, often used alongside shielding.
• Flashbots Protect & MEV-Share: Services that offer private transaction bundling to hide intent.
• Threshold Encryption: A cryptographic method where a group of validators must collaborate to decrypt a transaction, preventing any single entity from seeing it prematurely.

Aztec Connect was a pioneering zk-rollup that enabled private access to Ethereum DeFi. It implemented shielded slippage via batch processing and note encryption. Users submitted private intent to a rollup provider, who aggregated many requests into a single, public DEX transaction. The provider's public slippage was visible, but the cost attribution to any individual user's trade within the batch remained completely hidden.

A core cryptographic primitive for shielded slippage is the batch auction. Protocols like Penumbra use this to collect multiple trade orders over a period (e.g., one block), settle them simultaneously at a single clearing price, and only publish the net change to liquidity pools. This prevents external observers from deducing any single user's order size or direction, as the market impact is shared and anonymized across the entire batch.