Portal Deposit Addresses
Create a reusable, public, exchange-style deposit address. Anyone can fund it
with standard ERC-20 transfers, and the funds are credited into your shielded
balance without revealing which account was credited. See
Portal Deposit Addresses for the concept and
trust model.
Preview feature — pending external audit, and enabled per deployment. All
commands require an authenticated session (privacy-boost login, or
--private-key). Several fields are launch-limited, noted inline below.
The portal subcommands orchestrate the full lifecycle — including the EIP-7702
delegation and gasless registration — for you.
Creating a portal
portal create derives a fresh portal address E, delegates it, registers the
owner binding, and publishes the discovery entry, in one call:
privacy-boost portal create
Output:
Portal created:
address: 0xPortalDepositAddressE
index: 0
bindH: 0xabc...def
Share the address publicly — that is where senders deposit. Pin a derivation
index with --index <n> to re-derive a specific portal, or --no-publish to
register and delegate without publishing the discovery entry (an escape-hatch /
custodial setup; deposits swept into it rest uncredited and reclaimable).
Listing portals and status
privacy-boost portal list
privacy-boost portal status 0xPortalDepositAddressE
Launch limitation: status reports delegated: false for every portal —
the server does not yet compute on-chain delegation status. A portal you
created is delegated regardless. Rely on registered and published.
Receiving and listing deposits
A sender funds your portal with an ordinary ERC-20 transfer to its address — they
need nothing from Privacy Boost. List the deposits observed at a portal:
privacy-boost portal deposits 0xPortalDepositAddressE
Each deposit is pending_sweep, credited, cancellable, cancelled, or
unknown.
Launch limitations: the reclaim-eligibility block is not yet computed
(shown as 0 — treat as unknown), and sweeping runs with a 0 fee, so the
credited amount equals the swept amount.
Sweeping (self-service backstop)
At launch, sweeping is operator-run, so you normally do not sweep yourself. The
command is available as a backstop — it sweeps a token’s balance at the portal
into the pool:
privacy-boost portal sweep 0xPortalDepositAddressE 1
(the trailing 1 is the registered token id.)
Reclaiming an un-credited deposit
Reclaim a swept-but-uncredited deposit after the cancel delay; funds return to
the portal address E. Use the portalDepositId from portal deposits:
privacy-boost portal reclaim 0xPortalDepositId
Withdrawing raw funds (escape hatch)
For funds resting at E that can never be swept (for example an unregistered
token), portal withdraw builds a signed raw EIP-1559 transaction and prints
it for you to broadcast. Read the nonce, gas limit, and fees from your RPC:
privacy-boost portal withdraw \
0 \
0x...token-address \
0xDestination \
1000000000000000000 \
<nonce> <gas-limit> <max-fee-per-gas> <max-priority-fee-per-gas>
(The first argument 0 is the portal’s seed-derivation index.)
Next steps