Onchain Expenses

Anonymous Expense Processing with Transparent Insight: A Trustless Reimbursement System for DAOs

This project introduces a privacy-preserving, trustless expense submission and indexing system tailored for decentralised organisations. Built on iExec infrastructure, the system empowers DAO contributors to submit expenses anonymously while ensuring transparent, auditable, and bias-resistant reimbursement flows.

Users begin by uploading OCR-scanned expense receipts via a frontend interface. The app extracts key metadata (e.g., item names and total cost), sanitizes the data, and then encrypts it using iExec’s DataProtector SDK. This process yields a protectedDataId, which acts as a secure handle to the encrypted data.

The frontend then triggers an iExec iApp task. Within a Trusted Execution Environment (TEE), the iApp uses its private key—the only secret it holds—to decrypt the data via DataProtector. This design ensures end-to-end privacy and eliminates any need for trust in centralised intermediaries. Once decrypted, the iApp uses ethers.js to sign a transaction (without involving Ethereum) and submits the validated expense data to the Polkadot Asset Hub testnet—a substrate-based blockchain chosen for its interoperability and low-cost execution.

To support queryability and long-term transparency, all expense data is also indexed on the OriginTrail decentralized knowledge graph, creating a composable, censorship-resistant data layer. This makes it easy to inspect and analyze the financial flows of an organisation without needing to scrape block explorers or dig through spreadsheets.

A key feature of the system is its ability to reveal higher-order insights from aggregate expenses. By linking transaction metadata with organisational behaviour, the system can surface hidden correlations—such as clusters of spending tied to specific governance outcomes or potential signs of favoritism.

The ideological motivation stems from real governance issues within DAOs. Many contributors prefer to remain pseudonymous for safety or personal reasons, yet current expense workflows often force unwanted doxxing. Worse still, reimbursement approvals can become politicised—dominated by cliques that reward insiders and stonewall others. Our system neutralises these risks by stripping identity out of the submission and evaluation process entirely.

In short, this project bridges the gap between privacy and transparency. It protects individual identities while still providing the tooling for communities to stay accountable. Through secure computation, decentralized indexing, and Polkadot-native integration, it sets the stage for more democratic, bias-resistant financial governance in DAOs.