Docs/x402 ZK Privacy Layer
v1.0.0
ceaser.org Home
CEASER x402 ZK FACILITATOR

Stay Agentic. Go Dark.

Two services in one: a generic x402 ZK Facilitator for gasless proof settlement, and the Ceaser Protocol API for direct interaction with the privacy pool on Base L2. Powered by UltraHonk proofs. Built by CEASER.ORG.

✦ Production

Live on Base Mainnet at https://ceaser.org — gasless settlement, 0.25% protocol fee, crash recovery, circuit breakers, autonomous Merkle tree indexing.

GASLESS

Zero ETH to Unshield

The facilitator pays gas after validating your proof. Your agent's wallet can be completely empty.

PRIVATE

ZK Privacy Pool

Shield funds in, unshield to any address. The chain verifies a proof, never your identity.

IDEMPOTENT

Safe Resubmission

Resubmitting the same nullifier returns the cached result. No double-spends, no wasted gas.

COMPOSABLE

Plug & Play

Drop into OpenClaw bots, Virtuals ACP agents, or any framework. REST API — if it can make HTTP calls, it works.

# Quick Start

Shield funds into the privacy pool (you pay gas), then settle (unshield) to any recipient gaslessly via the facilitator.

1. Discover capabilities

$ curl https://ceaser.org/supported

2. Check denominations & fees

$ curl https://ceaser.org/api/ceaser/denominations

3. Verify a proof (dry run)

$ curl -X POST https://ceaser.org/verify -H "Content-Type: application/json" -d '{"protocol":"ceaser","network":"eip155:8453","payload":{...}}'

4. Settle on-chain (gasless)

$ curl -X POST https://ceaser.org/settle -H "Content-Type: application/json" -d '{"protocol":"ceaser","network":"eip155:8453","payload":{...}}'
ℹ Rate Limits

Read: 60 req/min per IP — Write (/verify, /settle): 5 req/min per IP.

# Why x402 ZK?

Autonomous agents face two persistent problems on-chain: gas dependency and identity exposure. Every transaction requires ETH, and every transaction is publicly traceable.

The x402 ZK layer solves both. Your agent shields funds into the Ceaser privacy pool, then unshields to any recipient via the facilitator — which validates the UltraHonk proof and submits the transaction on-chain, paying gas itself. The recipient gets funds minus a 0.25% protocol fee. The agent's identity is never revealed.

# How It Works

01

Shield — Deposit into Privacy Pool

Call /api/ceaser/shield/prepare to get pre-built tx data. Sign and submit with your wallet. A Poseidon commitment is added to the on-chain Merkle tree.

02

Generate ZK Proof (Client-Side)

Generate an UltraHonk proof locally using the nullifier, the Merkle root (from /api/ceaser/merkle-root), the denomination amount, and the recipient address. Nothing sensitive leaves the device.

03

Settle — Gasless Unshield

Submit the proof to /settle. The facilitator validates the proof, checks the nullifier, verifies the Merkle root, and submits on Base — paying gas. Recipient receives netAmount (amount minus 0.25% fee).

# Architecture

┌──────────────────┐ ┌─────────────────────────┐ ┌──────────────┐ YOUR AGENT x402 ZK FACILITATOR BASE L2 https://ceaser.org shield/prepare │─sign─▶│ Ceaser Pool generate proof /verify (dry run) (UltraHonk) │─proof▶│ /settle (gasless) │──tx─▶│ Verify proof ├ validate proof Settle No gas needed ├ check nullifier Spend null. ├ EIP-1559 gas pricing merkle sync │◄state─│ └ pay gas & submit │◄sync─│ Merkle tree └──────────────────┘ └─────────────────────────┘ └──────────────┘
ComponentFunction
Nonce ManagerSequential nonce management prevents stuck/duplicate transactions
EIP-1559 GasDynamic base + priority fee estimation for optimal cost
Tx TrackerPersistent transaction tracking for crash recovery
Circuit BreakerAuto-pauses on consecutive failures, high failure rate, or low balance
Merkle IndexerAutonomous indexer with historical sync, polling, self-healing, full resync

# Shield & Unshield

Shield deposits funds at a fixed denomination into the Ceaser privacy pool. Call /api/ceaser/shield/prepare, get pre-built tx data (to, data, value), sign it, submit on-chain. For ERC20, approve first using approveAmount. A Poseidon commitment is added to the Merkle tree.

Unshield withdraws via the facilitator. Generate an UltraHonk proof client-side and POST to /settle. The facilitator pays gas. Recipient gets denomination minus 0.25% fee.

✦ Fixed Denominations

Amounts are fixed (e.g. 0.1 ETH, 1 ETH, 10 ETH) to preserve anonymity set size. Query /api/ceaser/denominations for the full list with fee breakdowns.

# Fees

Flat 0.25% (25 bps) on both shield and unshield:

AllocationRateDescription
Treasury0.24%Protocol treasury for development & operations
Relayer0.01%Facilitator allocation for gas sponsorship
Total0.25%25 basis points per operation

Use /api/ceaser/fees/{amount} to get exact breakdowns for any wei amount.

# x402 Facilitator API

Core settlement layer. Base URL: https://ceaser.org

GET/supported
x402 capability discovery. Returns supported schemes, networks, protocols, and proof formats.
Response 200
1{ 2 "x402Version": 2, 3 "schemes": { 4 "zk-relay": { 5 "supported": true, 6 "networks": ["eip155:8453"], 7 "protocols": ["ceaser"], 8 "proofFormats": [ultrahonk] 9 } 10 } 11}
POST/verify
Dry-run proof verification. Checks nullifier, Merkle root, denomination. Returns gas estimate & facilitator fee. Does not submit on-chain.
5 req/min
Request Body (SettleRequest)
1{ 2 "protocol": "ceaser", 3 "network": "eip155:8453", 4 "payload": { 5 "proof": "0x...", // hex UltraHonk proof 6 "nullifierHash": "0x...", // bytes32 7 "amount": "100000000000000000", // denomination in wei 8 "assetId": "0", // 0=ETH 9 "recipient": "0x742d35Cc...", // destination 10 "root": "0x2f06f13d..." // Merkle root 11 } 12}
Response 200
1{ 2 "isValid": true, 3 "details": { 4 "isKnownRoot": true, 5 "isNullifierUnused": true, 6 "isValidDenom": true, 7 "isValid": true 8 }, 9 "estimatedGas": "350000", 10 "facilitatorFee": "100000000000000" 11}
POST/settle
Submit ZK proof for gasless on-chain settlement. Facilitator pays gas. Recipient receives netAmount (amount minus 0.25%). Idempotent: same nullifier returns cached result.
5 req/min
Request Body (SettleRequest)
1{ 2 "protocol": "ceaser", 3 "network": "eip155:8453", 4 "payload": { 5 "proof": "0x...", 6 "nullifierHash": "0x...", 7 "amount": "100000000000000000", 8 "assetId": "0", 9 "recipient": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18", 10 "root": "0x2f06f13d..." 11 } 12}
Response 200
1{ 2 "success": true, 3 "txHash": "0x8f3d1a2b...", 4 "network": "eip155:8453", 5 "recipient": "0x742d35Cc...", 6 "netAmount": "99750000000000000", 7 "idempotent": false 8}
StatusDescription
200Settlement successful — txHash and netAmount returned
400Invalid proof, unknown root, spent nullifier, or bad denomination
409Nullifier currently being processed (concurrent duplicate)
429Rate limit exceeded
503Facilitator paused (circuit breaker) or low on gas
GET/status
Facilitator health & stats: wallet balance, protocols, settlement counts, circuit breaker state, tx queue, indexer sync.
Response 200
1{ 2 "facilitatorAddress": "0x90F79bf6EB2c...", 3 "facilitatorBalance": "10000.5 ETH", 4 "protocols": { 5 "ceaser": { "active": true, "totalSettled": 1842 } 6 }, 7 "network": "eip155:8453", 8 "circuitBreaker": { 9 "tripped": false, "consecutiveFailures": 0, 10 "recentWindow": { "size": 100, "successes": 98, "failures": 2, "failureRate": "2%" } 11 }, 12 "txQueue": { "queueLength": 0, "inFlight": 0, "currentNonce": 4217 }, 13 "txTracker": { "pending": 0, "confirmed": 1842 }, 14 "indexer": { "synced": true, "leafCount": 3891, "root": "0x2f06..." } 15}

# Ceaser Protocol API

Direct privacy pool interaction. Base path: https://ceaser.org/api/ceaser

GET/api/ceaser/denominations
All valid denominations with pre-calculated fee info.
Response 200
1{ 2 "denominations": [{ 3 "label": "0.1", 4 "amountWei": "100000000000000000", 5 "feeWei": "250000000000000", // 0.25% 6 "totalCostWei": "100250000000000000", // shield cost 7 "netOnUnshieldWei": "99750000000000000", // unshield net 8 "feeBps": 25 9 }] 10}
GET/api/ceaser/merkle-root
Current Merkle tree root. Served from local indexer (fast) with on-chain fallback. Required for proof generation.
Response 200
1{ 2 "root": "0x2f06f13d7f7ad845e3cfce107aa8a89aaffdad3f69bef1062d4525a23621e088", 3 "source": "indexer" // or "on-chain" 4}
GET/api/ceaser/nullifier/{hash}
Check if a nullifier has been spent. Check before generating a proof to avoid wasted compute.
Response 200
1{ "nullifierHash": "0x...0001", "spent": false }
GET/api/ceaser/pool/{assetId}
Pool info: TVL, total notes, fee rate. Use assetId=0 for ETH, uint256(tokenAddress) for ERC20.
Response 200
1{ 2 "assetId": "0", 3 "totalLocked": "5000000000000000000", 4 "totalLockedFormatted": "5.0", 5 "totalNotes": 142, 6 "feeBps": 25 7}
POST/api/ceaser/shield/prepare
Build a shield transaction. Returns pre-built tx data — your agent signs and submits. ERC20 shields include approveAmount.
Request Body
1{ 2 "proof": "0x...", 3 "commitment": "0x...", // bytes32 Poseidon 4 "amount": "100000000000000000", 5 "assetId": "0" // omit or "0" for ETH 6}
Response 200
1{ 2 "tx": { 3 "to": "0xCeaserContract...", 4 "data": "0x...", 5 "value": "100250000000000000", // ETH to send 6 "approveAmount": "0" // ERC20 only 7 }, 8 "fees": { 9 "amount": "100000000000000000", 10 "protocolFee": "250000000000000", 11 "treasuryShare": "240000000000000", 12 "relayerAlloc": "10000000000000", 13 "netAmount": "99750000000000000", 14 "feeBps": 25 15 } 16}
GET/api/ceaser/fees/{amount}
Fee breakdown for any wei amount. Shows treasury/relayer split and net amount.
Response 200 — /fees/100000000000000000
1{ 2 "amount": "100000000000000000", 3 "protocolFee": "250000000000000", 4 "treasuryShare": "240000000000000", 5 "relayerAlloc": "10000000000000", 6 "netAmount": "99750000000000000", 7 "feeBps": 25 8}

# Indexer API

Autonomous Merkle tree indexer. Maintains a local copy of the on-chain commitment tree with self-healing.

GET/api/ceaser/indexer/status
Sync state, leaf count, last block, and operational stats (historical syncs, poll cycles, heal checks, resyncs, errors).
Response 200
1{ 2 "synced": true, 3 "syncInProgress": false, 4 "lastSyncBlock": 28491023, 5 "leafCount": 3891, 6 "root": "0x2f06f13d...", 7 "stats": { 8 "historicalSyncs": 1, "pollCycles": 14502, 9 "healChecks": 48, "fullResyncs": 0, "errors": 0 10 } 11}
GET/api/ceaser/indexer/commitments
Paginated commitment list. Query params: ?offset=0&limit=100
Response 200
1{ 2 "commitments": ["0xabc...", "0xdef..."], 3 "total": 3891, "offset": 0, "limit": 100 4}

# OpenClaw Skill Integration

Drop-in skill for OpenClaw bots. Your agent calls the Ceaser API directly — no SDK required.

JavaScript
1// OpenClaw bot — full unshield flow 2const BASE = 'https://ceaser.org'; 3 4// 1. Get Merkle root 5const { root } = await fetch(`${BASE}/api/ceaser/merkle-root`).then(r => r.json()); 6 7// 2. Check nullifier isn't spent 8const { spent } = await fetch(`${BASE}/api/ceaser/nullifier/${nullHash}`).then(r => r.json()); 9if (spent) throw 'Note already unshielded'; 10 11// 3. Generate UltraHonk proof locally 12const proof = await generateProof({ root, nullifier, amount, recipient }); 13 14// 4. Dry-run verify 15const check = await fetch(`${BASE}/verify`, { 16 method: 'POST', headers: { 'Content-Type': 'application/json' }, 17 body: JSON.stringify({ 18 protocol: 'ceaser', network: 'eip155:8453', 19 payload: { proof, nullifierHash: nullHash, amount, assetId: '0', recipient, root } 20 }) 21}).then(r => r.json()); 22 23// 5. Settle gaslessly 24if (check.isValid) { 25 const result = await fetch(`${BASE}/settle`, { 26 method: 'POST', headers: { 'Content-Type': 'application/json' }, 27 body: JSON.stringify({ 28 protocol: 'ceaser', network: 'eip155:8453', 29 payload: { proof, nullifierHash: nullHash, amount, assetId: '0', recipient, root } 30 }) 31 }).then(r => r.json()); 32 console.log(result.txHash, result.netAmount); 33}

# Virtuals ACP

Battle-tested and ready to plug into the Virtuals ACP ecosystem. Pure REST API — any Virtuals agent that can make HTTP requests can shield, verify, and settle via Ceaser. No SDK, no dependencies.

ACP-READY

Drop-in Compatible

Point your agent at https://ceaser.org. No custom wiring, no wallet extensions.

AUTONOMOUS

Self-Sustaining

Shield once, unshield as needed. Your agent manages its own privacy pool balance independently.

# Base Agents

Any agent on Base that can make HTTP calls can use the facilitator:

$ curl -X POST https://ceaser.org/settle -H "Content-Type: application/json" -d '{"protocol":"ceaser","network":"eip155:8453","payload":{"proof":"0x...","nullifierHash":"0x...","amount":"100000000000000000","assetId":"0","recipient":"0x742d...","root":"0x2f06..."}}'

# Reliability

  • Crash Recovery — Persistent txTracker. Pending settlements resume on restart. No proofs lost.
  • Circuit Breaker — Trips on consecutive failures, high failure rate, or low balance. Returns 503 with reason. Monitor via /status.
  • Sequential Nonce Management — txQueue prevents nonce collisions under concurrent load.
  • EIP-1559 Gas — Dynamic base + priority fee for reliable, cost-efficient inclusion.
  • Merkle Indexer Self-Healing — Periodic heal checks. Auto full resync if local tree diverges from on-chain.
  • Idempotent Settlement — Same nullifier returns cached result. Safe retry logic.

# Security Model

⚠ Trust Assumptions

The facilitator cannot forge transactions, access wallets, or reverse-engineer identity from a proof. It sees: proof bytes, nullifier hash, amount, recipient, Merkle root. That's it.

PropertyGuarantee
IdentityNever transmitted. Proof is zero-knowledge.
Private KeysNever leave client. Proof generated locally.
Proof ForgeryComputationally infeasible (UltraHonk soundness)
Double SpendOn-chain nullifier check + 409 for concurrent duplicates
Relay TrustStateless — validates and submits only

# FAQ

Does my agent need ETH to unshield?

No. The facilitator pays gas on /settle. You only need ETH for the initial shield deposit.

What network is supported?

Base Mainnet (eip155:8453).

What are the rate limits?

Read: 60 req/min per IP. Write (/verify, /settle): 5 req/min per IP.

What if I submit the same nullifier twice?

Idempotent. Returns cached result with idempotent: true.

Why fixed denominations?

Preserves anonymity set. Unique amounts would make deposits/withdrawals trivially linkable.

What's the fee?

0.25% (25 bps) — 0.24% treasury + 0.01% relayer.

Compatible with Virtuals ACP?

Yes. Battle-tested. Pure REST API, no SDK.

Who built this?

CEASER.ORG. MIT licensed.

← Previous
Web2 Bridge Setup
Next →
Advanced Configuration