Building a secure, privacy-preserving vault that lets users swap ERC20 tokens via cryptographic commitments and withdraw safely while tracking balances off-chain.
Telegram: @saykeong
Repo: https://github.com/PohSayKeong/ExecSwap
Architecture
Contracts deployed on Arbitrum Sepolia
Vault Contract: 0xa1B0bcf21F9Bd265A2b9478cEc99F1dc200B6d10
TEE iApp Address: 0xe70A546885c58fCF5904Bf0e19Beb50ADea972d8
1. Deposit (On-Chain Transfer)
The user performs a standard ERC20 transfer to the vault contract.
The vault sees the sender and amount on-chain.
A commitment is created to represent the deposit cryptographically:
commitment = H(tokenAmount, token, H(userPrivate))
tokenAmount: Amount of token deposited
token: Token contract address
userPrivate: User’s secret key
The vault records the commitment on-chain along with the ERC20 transfer.
The user then notifies the TEE of the deposit so that its off-chain reserves stay accurate.
The deposit itself is transparent; the commitment is what enables privacy in the later swap.
2. Swap (TEE-Handled Private Exchange)
Users submit their input-token commitments (tokenIn → tokenOut) to the iExec TEE.
The TEE validates commitments without revealing sensitive information:
Confirms ownership using the commitment hash.
Computes swap amounts using external price feeds such as Chainlink.
Updates reserves in a Redis cache for efficiency.
After swap execution:
New commitments for output tokens are generated.
Old commitments are marked as “spent” on-chain to prevent double-spending.
The TEE ensures privacy for swap amounts and unlinkability while the on-chain contract tracks spent commitments.
3. Withdraw (User Reveals userPrivate)
To withdraw, the user submits their private key (userPrivate) to the contract.
The contract verifies it against the stored commitment:
commitment == H(tokenAmount, token, H(userPrivate))
Once verified:
ERC20 tokens are transferred to the recipient address the user specifies.
The commitment is spent on-chain to prevent reuse.
Withdrawals require revealing the secret, but prior swaps handled inside the TEE remain unlinkable.
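The three steps above can be modelled end to end in a few dozen lines. The block below is an added example, not code from the ExecSwap repository or the deployed contracts: it builds the commitment exactly as written (H(tokenAmount, token, H(userPrivate))), records it at deposit, lets a TEE model open it, price the swap and issue a new commitment, and finally verifies a withdrawal against the spent set. Everything not stated on the page is an assumption: H is stood in by SHA3-256 from hashlib, fields are serialised at fixed width, the TEE proves ownership by being given the commitment opening, the Chainlink feed and the Redis reserves are plain dicts, and all addresses, amounts, prices and secrets are constructed sample values.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed sample values for the demo: not real contracts, wallets or keys.
TOKEN_A = "0x" + "aa" * 20
TOKEN_B = "0x" + "bb" * 20
ALICE_WALLET = "0x" + "11" * 20
ALICE_SECRET = b"alice-deposit-secret-0001"        # userPrivate for the deposit commitment
ALICE_SECRET_2 = b"alice-swap-output-secret-0002"  # fresh userPrivate for the swap output


def H(*parts: bytes) -> bytes:
    """The page writes H without naming it; SHA3-256 is an assumed stand-in."""
    return hashlib.sha3_256(b"".join(parts)).digest()


def commitment(token_amount: int, token: str, user_private: bytes) -> bytes:
    """commitment = H(tokenAmount, token, H(userPrivate)), as on the page.
    Fields are serialised at fixed width (32-byte amount, 20-byte address, 32-byte
    inner hash) so two different openings can never produce the same input bytes."""
    return H(token_amount.to_bytes(32, "big"), bytes.fromhex(token[2:]), H(user_private))


@dataclass
class Vault:
    """Model of the on-chain vault: tokens held, recorded commitments, spent set."""
    held: dict                                   # token -> ERC20 balance the vault holds
    commitments: set = field(default_factory=set)
    spent: set = field(default_factory=set)

    def deposit(self, token: str, amount: int, user_private: bytes) -> bytes:
        # Step 1: the ERC20 transfer is public; the commitment is recorded alongside it.
        self.held[token] = self.held.get(token, 0) + amount
        c = commitment(amount, token, user_private)
        self.commitments.add(c)
        return c

    def withdraw(self, token_amount: int, token: str, user_private: bytes, recipient: str):
        # Step 3: the user reveals userPrivate; the contract recomputes and checks the hash.
        c = commitment(token_amount, token, user_private)
        if c not in self.commitments:
            raise ValueError("unknown commitment")
        if c in self.spent:
            raise ValueError("commitment already spent")
        if self.held.get(token, 0) < token_amount:
            raise ValueError("vault does not hold enough of this token")
        self.spent.add(c)                 # mark spent before paying out, so a repeat call fails
        self.held[token] -= token_amount
        return (recipient, token, token_amount)   # stand-in for the ERC20 transfer


@dataclass
class Tee:
    """Model of the iExec TEE: price feed, off-chain reserves, commitment validation."""
    vault: Vault
    prices: dict     # token -> price with 8 decimals, stand-in for a Chainlink feed (constructed)
    reserves: dict   # token -> pool reserve, stand-in for the Redis cache

    def swap(self, amount_in: int, token_in: str, user_private: bytes,
             token_out: str, new_private: bytes):
        # Step 2: the user opens an input commitment inside the enclave (assumption: the
        # opening is what proves ownership); amounts never leave the TEE in the clear.
        c_in = commitment(amount_in, token_in, user_private)
        if c_in not in self.vault.commitments or c_in in self.vault.spent:
            raise ValueError("input commitment unknown or already spent")
        amount_out = amount_in * self.prices[token_in] // self.prices[token_out]
        if self.reserves.get(token_out, 0) < amount_out:
            raise ValueError("insufficient reserve")
        self.reserves[token_in] = self.reserves.get(token_in, 0) + amount_in
        self.reserves[token_out] -= amount_out
        c_out = commitment(amount_out, token_out, new_private)
        self.vault.spent.add(c_in)         # old commitment marked spent on-chain
        self.vault.commitments.add(c_out)  # new commitment for the output token
        return amount_out, c_out


def run_demo() -> dict:
    """Deposit 5 A, swap to B at a constructed 2000:1 price, withdraw B, then show
    that both the spent input commitment and the withdrawn commitment are rejected."""
    vault = Vault(held={TOKEN_A: 0, TOKEN_B: 50_000})         # constructed pool liquidity
    tee = Tee(vault, prices={TOKEN_A: 2000 * 10**8, TOKEN_B: 1 * 10**8},
              reserves={TOKEN_A: 0, TOKEN_B: 50_000})
    vault.deposit(TOKEN_A, 5, ALICE_SECRET)
    amount_out, _ = tee.swap(5, TOKEN_A, ALICE_SECRET, TOKEN_B, ALICE_SECRET_2)
    try:
        tee.swap(5, TOKEN_A, ALICE_SECRET, TOKEN_B, ALICE_SECRET_2)
        double_spend_blocked = False
    except ValueError:
        double_spend_blocked = True
    payout = vault.withdraw(amount_out, TOKEN_B, ALICE_SECRET_2, ALICE_WALLET)
    try:
        vault.withdraw(amount_out, TOKEN_B, ALICE_SECRET_2, ALICE_WALLET)
        reuse_blocked = False
    except ValueError:
        reuse_blocked = True
    return {"amount_out": amount_out, "payout": payout, "held_b": vault.held[TOKEN_B],
            "double_spend_blocked": double_spend_blocked, "reuse_blocked": reuse_blocked}


if __name__ == "__main__":
    print(run_demo())
```

Two details carry the security weight. The spent set is updated before any value moves, in both the TEE and the vault model, which is what makes the second swap and the second withdrawal fail; and the fixed-width serialisation inside commitment() means an opening with a different amount or address cannot collide with a recorded commitment. Because a withdrawal reveals userPrivate publicly once submitted, production designs commonly also bind the recipient address into the data the contract verifies; this model keeps the scheme exactly as the page states it and does not add that binding.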
The solution implements a full Confidential DeFi workflow using TEEs to handle private swaps, transfers, and withdrawals. Commitments are generated and tracked on-chain, while the TEE validates swaps, updates off-chain reserves in Redis, and queries external price feeds. ERC20 deposits and withdrawals interact with the vault contract, ensuring transparency where necessary, while TEEs maintain privacy and unlinkability for sensitive operations.
Using the iExec stack (iApp Generator and DataProtector) on Arbitrum Sepolia, the work demonstrates end-to-end technical feasibility: a working system that integrates TEEs with Web3 infrastructure, enforces privacy guarantees, prevents double-spending, and gives users an experience they can trust. This implementation shows how TEEs can extend beyond standard DeFi use cases into real, deployable confidential applications.