Shadow Pay

Shadow Pay is designed to perform privacy preserving transactions in the following way:

• The sender has the public key of the receiver.
• While sending the tokens, the underlying architecture encrypts the public key of the receiver off-chain using a random number and then creates a stealth address to which the tokens are deposited.
• Besides traditional EOA transfers, the sender can also transfer the tokens using his/her smart account address which is completely gasless in nature.
• The receiver has to sign in before he/she can view his/her received payments.
• Passkeys based sign in has been enabled to maintain more privacy
• The receiver can see all the funds received in the stealth address.
• The receiver has to attest that he has received the funds before withdrawing it.
• After attestation the receiver can withdraw the funds where the encrypted message is decrypted to obtain the receiver's public address where the tokens are finally withdrawn and deposited

Shadow Pay is made in order to maintain higher order privacy in p2p transfers. The sender and receiver only have the knowledge of the receiver's address. The sender has the public key of the receiver which is encrypted using crypto package before transfer of funds. Besides traditional EOA transfers, the user can also send out payments using his/her smart account address which is created using pimlico and gnosis. The receiver has to sign in before viewing all his received funds. The receiver has to attest the obtaining of the funds which is done using SIgn protocol. After attesting, the receiver can withdraw the funds where the decoding of the encrypted message takes place and the tokens are withdrawn to the receiver's public address.

This ensures no phishing or any other attacks stopping the compromisation of the receiver's keys.