A privacy-preserving loan platform built on SP1 zero-knowledge proofs, enabling secure loan origination, payments, and closeouts with KYC verification while maintaining transaction privacy through batch processing.
Arda Credit is a verifiable application (vApp) that demonstrates privacy-preserving financial operations using zero-knowledge proofs. The platform enables:
π₯ User Management & KYC
- Investor and Lender account types with KYC verification
- Privacy-preserving status proofs and flexible compliance requirements
π° Loan Operations
- USDC Deposits - Direct smart contract deposits with automatic balance tracking
- USDC Withdrawals - KYC-validated withdrawals with balance verification
- Loan Origination - Create loans between verified parties
- Payment Processing - Private payment processing with cryptographic guarantees
- Loan Closeout - Final settlement and completion
π Privacy & Verification
- Transaction Inclusion Proofs - Prove any transaction was processed without revealing others
- Batch Privacy - Individual loan details remain hidden in processing
- Zero-Knowledge State Transitions - Cryptographically verified loan state changes
This loan vApp demonstrates privacy-preserving financial operations with continuous state tracking:
Private Data (Hidden):
- Individual loan amounts and terms
- Payment amounts and frequencies
- User identities and KYC details
- Interest rates and loan metadata
Public Data (Verifiable):
- State root transitions (Merkle tree)
- Transaction count per batch
- Batch timestamps
- Proof verification results
program/- SP1 zkVM program for loan transaction processingapi/- Production server with KYC, loan processing, and ZK proof generationdb/- PostgreSQL with users, loans, KYC data, and Merkle tree statecontracts/- Solidity contracts for on-chain loan state verificationlib/- Shared loan computation logic (zkVM compatible)
- Recommended: 16-core CPU for local development
- Local Core proving is CPU-intensive and benefits from multi-core processors
- Configure CPU usage via
SP1_LOCAL_PROVER_THREADS(default: 10 cores) - Example:
SP1_LOCAL_PROVER_THREADS=12 make serverto use 12 cores
π Complete Setup: See docs/deployment/development-setup.md for detailed setup instructions.
π‘ Test the Complete Workflow: See AGENTS.md#deal-workflow-examples for comprehensive API workflow examples.
π§ Development Commands:
make help # Show all available commands
make setup # Complete setup from scratch
make server # Start API server locally- Individual loan amounts - Hidden in batch processing
- User identities - Protected through zero-knowledge proofs
- Payment details - Amounts and frequencies remain confidential
- KYC information - Status provable without revealing identity
- Transaction inclusion - Prove specific transactions were processed
- State transitions - Cryptographically verify loan state changes
- KYC compliance - Prove KYC requirements were met
- Payment completion - Verify payments without revealing amounts
Arda Credit uses magic link authentication for secure, passwordless access.
To test the magic link authentication flow, you can use the following commands:
./create_user_and_magic_link.sh user@example.comMore details can be found in scripts/create-user-magic-link/README.md.
Required environment variables:
# AWS SES (Email Service)
SES_REGION=us-east-1
EMAIL_FROM=auth@arda.xyz
# Magic Link Settings
MAGIC_BASE_URL=https://app.arda.xyz/auth/verify
MAGIC_LINK_TTL_MINUTES=10
# Session Management
SESSION_EXPIRY_DAYS=30See MAGIC_LINK_ENV_VARS.md for complete configuration.
See CONTRIBUTORS.md for detailed development guidelines.
To populate your database with realistic test data for development and testing:
# Start the server
make server
# Populate with comprehensive test dataset
cargo run --release --bin populate_deal_dataThis creates:
- 200 users: 67 investors, 66 originators across 9 boroughs, 67 additional investors
- 20 liquidity pools: $1M-$10M each with borough percentage limits
- 40 credit requests: Revenue-based amounts from originators in different boroughs
- Geographic distribution: Manhattan, Brooklyn, Queens, Bronx, Staten Island, Long Island, Westchester, New Jersey, Connecticut
- Borough limits: Realistic percentage thresholds for risk diversification testing
Perfect for testing the borough percentage system, credit line requests, and pool management features.
When running locally via docker-compose up and make server, the following services are available:
| Service | URL | Description |
|---|---|---|
| API Server | http://0.0.0.0:8080 | Main REST API |
| Swagger UI | http://0.0.0.0:8080/swagger-ui/ | Interactive API documentation |
| Health Check | http://0.0.0.0:8080/api/v1/health | Service health status |
| PostgreSQL | localhost:5432 | Database (postgres/password) |
| Prometheus | http://localhost:9090 | Metrics collection |
| Grafana | http://localhost:3100 | Metrics visualization (admin/admin) |
| Anvil | http://localhost:8545 | Local Ethereum devnet (local/staging only) |
docs/README.md- Complete documentation hub with navigationdocs/deployment/development-setup.md- Development environment setupAGENTS.md- Main entry point for AI Agents
docs/architecture/three-component-overview.md- System architecture overviewdocs/architecture/loan-system.md- Technical loan system detailsdocs/architecture/performance-targets.md- Performance and capacity planning
docs/integrations/magic-link-authentication.md- Magic link authentication integration guidedocs/integrations/api-swagger.md- API documentation and OpenAPI specsdocs/development/local-testing.md- Local testing with GitHub Actionsdocs/deployment/security-production.md- Production deployment and securitydocs/deployment/monitoring.md- OpenTelemetry monitoring setup
api/src/README.md- API server architecture and standardsdb/README.md- Database layer and ADS integrationcontracts/README.md- Smart contract deployment and testing- Swagger UI - Interactive API documentation at http://0.0.0.0:8080/swagger-ui/
Built on SP1 zkVM - Uses Succinct's SP1 zero-knowledge virtual machine for:
- RISC-V Compatibility - Standard Rust code compiles to zkVM
- Groth16 Proofs - EVM-compatible proofs for on-chain verification
- Sindri Integration - Serverless proof generation at scale
Merkle Tree State Management - 32-level indexed trees provide:
- Efficient Updates - O(log n) operations with atomic transactions
- Privacy-Preserving Commitments - State roots hide individual transactions
- SP1 zkVM Security - Relies on SP1's cryptographic guarantees
- Sindri Infrastructure - Trusted for proof generation (verifiable outputs)
- Smart Contract Security - On-chain verification provides final settlement
This project is licensed under the MIT License - see the LICENSE-MIT file for details.
Current Version: v0.0.1 (MVP Development)
This is a Minimum Viable Product (MVP) demonstrating privacy-preserving loan operations. The KYC process can be mocked for testing, but provides the foundation for production KYC integration.