Umbra Privacy
Key & Address Architecture

Master Viewing Key (MVK) for Solana Address

Protocol for deriving the Master Viewing Key for a user's primary Solana address using Poseidon hash

Protocol Description

The Master Viewing Key for a user's primary Solana address, denoted $k_{\text{MVK}, \text{SOL}}$, is derived directly from the master seed $S_M$ using the Poseidon hash function as a PRF.

$$k_{\text{MVK}, \text{SOL}} \triangleq \text{Poseidon}( S_M, \text{EncodeAsFieldElement}(\text{"MVK-Solana-Address"}) )$$

The output $k_{\text{MVK}, \text{SOL}}$ is a single field element in $\mathbb{F}_p$. This MVK must be registered on-chain and is immutable thereafter.

Key Derivation Process

  1. Input: Master seed $S_M$ (32 bytes)
  2. Domain Separation: String "MVK-Solana-Address" encoded as a field element
  3. Hash Function: Poseidon hash function acting as a PRF
  4. Output: Single field element $k_{\text{MVK}, \text{SOL}}$ in $\mathbb{F}_p$
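
The four steps above, sketched as an added example (not Umbra's own code). Poseidon is not in the Python standard library, so HMAC-SHA512 reduced mod p stands in for it and the outputs will not match real protocol keys. The BN254 scalar field modulus, the big-endian label encoding, and the names `prf_stand_in`, `derive_key` and `"Other-Label"` are assumptions.

```python
import hashlib
import hmac

# Assumption: BN254 scalar field modulus; the page only says "F_p".
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617
MVK_SOL_LABEL = "MVK-Solana-Address"  # domain-separation string from the page


def encode_as_field_element(label: str) -> int:
    """Assumed encoding: ASCII bytes read as a big-endian integer.

    At most 31 bytes (248 bits) are accepted, so the value is always
    below P and is never reduced mod P.
    """
    raw = label.encode("ascii")
    if not 0 < len(raw) <= 31:
        raise ValueError("label must be 1..31 ASCII bytes")
    return int.from_bytes(raw, "big")


def prf_stand_in(seed: bytes, domain: int) -> int:
    """Stand-in for Poseidon(S_M, domain): HMAC-SHA512 keyed by the seed.

    The 512-bit tag is reduced mod P, which keeps the bias negligible.
    """
    if len(seed) != 32:
        raise ValueError("master seed must be 32 bytes")
    tag = hmac.new(seed, domain.to_bytes(32, "big"), hashlib.sha512).digest()
    return int.from_bytes(tag, "big") % P


def derive_key(seed: bytes, label: str) -> int:
    """Generic domain-separated derivation: one seed, one key per label."""
    return prf_stand_in(seed, encode_as_field_element(label))


def derive_mvk_sol(seed: bytes) -> int:
    """k_MVK,SOL: the derivation with the page's fixed label."""
    return derive_key(seed, MVK_SOL_LABEL)


if __name__ == "__main__":
    seed = bytes(range(32))  # constructed sample seed, for illustration only
    print(hex(derive_mvk_sol(seed)))
    print(hex(derive_key(seed, "Other-Label")))  # hypothetical second label
```

The same seed under a different label yields an unrelated field element, which is what the domain-separation step is for.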

On-Chain Registration

The $k_{\text{MVK}, \text{SOL}}$ must be registered on-chain before any deposit transactions can be made. This registration:

  • Enables Compliance: Required for Tier 3 compliance mechanism
  • Immutable: Cannot be changed once registered
  • Public Commitment: Creates a public commitment to the MVK without revealing it
  • Transaction Prerequisite: Must be registered before deposits

Security Analysis

Security Proof: Unlinkability of the Solana MVK

Goal: $k_{\text{MVK}, \text{SOL}}$ must be computationally indistinguishable from a random element in $\mathbb{F}_p$ and unlinkable to $S_M$.

Assumption: The Poseidon function, when one of its inputs is kept secret, behaves as a secure PRF.

Argument: The derivation is a direct application of a PRF where $S_M$ is the secret key. The output $(k_{\text{MVK}, \text{SOL}})$ is computationally indistinguishable from a uniformly random element chosen from its range $(\mathbb{F}_p)$.

Properties

  • Unlinkable: Cannot be traced back to the master seed
  • Pseudorandom: Appears as a random field element
  • Immutable: Once registered, cannot be changed
  • Compliance Ready: Enables regulatory compliance features
  • Single Purpose: Specifically for the user's primary Solana address