No KYC. No Custody.
Prove Amounts Blind.
Listen. If you're building something that needs private payments — a mixer, a swap, a marketplace, a darknet gateway, a dead-drop wallet, anything that can't phone home to Coinbase — you've been stuck with two bad options:
- Monero. Brilliant privacy. Ed25519 keys that die the instant Shor's algorithm hits a production QPU. Explorer still leaks exact timestamps, exact fees, exact block heights. Chainalysis built an empire on those breadcrumbs.
- Roll your own. You know how that ends.
There's a third option now. This API gives you:
- Shadow transactions — from, to, amount, block height are
null. Not masked. Not ring-signed. Gone. - Amount-only proof keys — The SYNX Node generates a quantum-sealed proof key using Kyber-768 lattice encryption when a private transaction is sent. This proof key — unforgeable, quantum-resistant — is the only way to decode the exact amount. No sender address. No receiver address. Not in the proof, not in the API, not anywhere. The amount is the only thing that surfaces. Everything else stays drowned.
- Zero address disclosure — there is no view key endpoint, no disclose endpoint, no audit endpoint that reveals addresses. Sender and receiver identities are permanently sealed. Not even the wallet owner can unseal them through the API. The only thing provable is the amount.
- Post-quantum everything — Kyber-768 lattice KEM, SPHINCS+-SHAKE256-128f signatures, SHAKE256 XOF, Argon2id wallet encryption. When Shor wakes up, this chain doesn't flinch.
No migration roadmap. No "we'll add PQ later." Born this way. Genesis block zero.
Who this is for: Devs building private swaps, mixers, OTC desks, sovereign marketplaces, anything that doesn't grovel at a CEX's API for permission. The proof key reveals only the exact amount — never who sent it, never who received it. If you think "compliance" is a euphemism for surveillance and "KYC" is three letters that mean "we own your identity now" — keep reading.
🌊 Why We Never Disclose Sender or Receiver
This is the core principle. Open-source transparency and user privacy are natural enemies — unless you architect the boundary correctly. SynergyX solves this by making the protocol transparent (anyone can audit the code) while keeping identity permanently opaque (no mechanism exists to reveal sender or receiver). The proof key is a puzzle key — it unlocks the amount, and only the amount. The identities behind the transaction dissolved into the Synergy Sea the moment the block was sealed.
The SYNX Node generates the proof key using quantum Kyber-768 lattice encryption. The key is mathematically bound to the transaction amount. It cannot be forged, cannot be reverse-engineered, and expires in 30 minutes. The sender shares the proof key with the recipient off-chain — Signal, PGP, Tor, a napkin. The recipient verifies via this API. That's the entire trust model. No custody. No intermediary. No metadata trail.
Amount-only by permanent design. The proof key decodes the exact payment amount. There is no mechanism — no endpoint, no key, no parameter, no flag — that reveals sender or receiver addresses. This isn't a configuration choice. It's an architectural impossibility. The addresses are not stored in any form that any key can unlock. They sank into the Sea.
⛨ What The Server Knows (Jack)
Let's be honest about trust boundaries. You're hitting an API. The server is a machine, and machines can be seized. Here's exactly what an attacker gets if they root the box:
The honest caveat: During daemon sync, the scanner briefly sees raw addresses before hashing them and discarding the originals. This is the same trust model as Monero's remote node — the daemon sends cleartext to the scanner. What we guarantee: stored data and API responses never leak raw addresses or amounts. There is no API endpoint that returns addresses — not with a view key, not with a proof key, not ever. The hashing is instant. The window is microseconds. A blink, not a leak.
Timing is mitigated. Every single API response — GET, POST, success, failure, 404, everything — is padded to a 500ms constant ceiling. The server measures actual processing time, then sleeps exactly 500ms - elapsed. Every response takes exactly 500ms. Not random. Constant. Cohen's d between valid and invalid paths: 0.015 (tested by GhostReaper — statistically invisible). Chainalysis's timing oracle playbook? Dead on arrival.
🌊 The Synergy Sea — Two Depth Layers
Think of the chain as an ocean. Public transactions float on the surface. Private ones sink. The deeper you go, the more you need proof keys to see anything. And even at maximum depth, only the amount surfaces — never addresses.
| Depth | Who Sees | What Leaks | Guard |
|---|---|---|---|
| SURFACE | Anyone | Hash, existence, fuzzy time, fee tier, confs | Cryptographic commitments |
| DEEP | Proof key holder | Above + exact amount (decoded from quantum lattice seal) + time window | Kyber-768 quantum lattice encryption, AES-256-GCM |
No deeper layer exists. There is no view key disclosure, no address audit, no mechanism to reveal who sent or received. The proof key — generated by the SYNX Node using quantum Kyber-768 encryption — decodes the exact amount. That's the deepest anyone can go. Sender and receiver addresses are permanently drowned in the Sea.
Anti-correlation armor: Timestamps fuzzed ±120s. Fees bucketed into 5 tiers (micro/low/standard/high/premium — never the raw sat amount). Block heights nulled. Response times padded to 500ms constant ceiling. "TX not found" and "TX is private" return the identical shape. Proof keys expire in 30 minutes — limiting replay windows to near zero. You can't even enumerate which hashes are real. Every surface query returns the same amount of information whether the TX exists, doesn't exist, or is shielded. Good luck, Chainalysis.
—͟͟͞͞★ Vendor Proof Verification — 3 Minutes, Zero Trust
You're a vendor. A buyer just paid you in private SYNX. You need to verify the payment without seeing their address, their balance, or trusting any third party. Here's how. No KYC. No custody. Prove payments blind.
How proof keys work: When a buyer sends private SYNX, the SYNX Node automatically generates a quantum-sealed proof key using Kyber-768 lattice encryption. This proof key is a puzzle key — it's the only thing that can decode the transaction amount. The key is mathematically unforgeable: without the Node's internal quantum lattice parameters, no attacker — classical or quantum — can fabricate one. The Node returns the proof key to the sender's wallet. The sender shares it with you off-chain. You plug it into the API. Amount verified. No addresses revealed. Ever.
Buyer sends you tx_hash + proof_key (off-chain)
After the private send, the SYNX Node generates the proof key automatically. The buyer's wallet receives it and DMs it to you — along with the transaction hash. Signal, PGP, Tor chat, written on a napkin — whatever. Zero metadata channel. The API never sees this handoff.
# What the buyer sends you (encrypted channel only)
tx_hash: "a1b2c3d4e5f6789012345678901234567890123456789012345678901234abcd"
proof_key: "PT-f7e8d9c0b1a23456789012345678901234567890123456789012345678901234"30-minute window: Proof keys expire in 30 minutes from generation. The buyer should share the proof key immediately after sending. You should verify immediately after receiving. This tight window eliminates long-term replay attacks — the key is ephemeral by design. If it expires, the sender can request a new one from the SYNX Node.
PT- prefix: All proof keys start with PT- — prevents paste errors (you'll never accidentally paste a TX hash into a proof field or vice versa). The API accepts both PT-f7e8... and raw f7e8... — the server strips the prefix automatically. Either format works.
Input caps — hard enforced: tx_hash must be exactly 64 hex characters [a-fA-F0-9]{64}. proof_token max 67 characters (PT- prefix + 64 hex). Anything outside these bounds → instant 400 Bad Request. The API rejects oversized inputs before any processing — don't send a 200-char hash hoping it'll get trimmed. It won't. It gets dropped.
Hit one endpoint — the math does the talking
# cURL — verify the proof key (recommended endpoint)
curl -X POST https://explorer.synxcrypto.com/explorer/api/verify_proof.php \
-H "Content-Type: application/json" \
-d '{"tx_hash":"a1b2c3d4e5f6...64hex","proof_key":"f7e8d9c0...64hex"}'
# Through Tor (you should be doing this)
torsocks curl -X POST http://synxexplorer.onion/explorer/api/verify_proof.php \
-H "Content-Type: application/json" \
-d '{"tx_hash":"a1b2c3d4...","proof_key":"f7e8d9c0..."}'
# GET also works — quick terminal checks
curl "https://explorer.synxcrypto.com/explorer/api/verify_proof.php?tx_hash=a1b2c3d4...&proof_key=f7e8d9c0..."Read the oracle
{
"valid": true, // ← that's your money, ghost
"tx_hash": "a1b2c3d4...", // ← echoed back for confirmation
"amount": "183.00", // ← exact amount decoded from quantum lattice seal
"currency": "SYNX",
"confirmed_at": 1735689600, // ← UNIX epoch when TX was inscribed on-chain
"message": "Payment proof verified — this proof key is valid for the specified transaction"
}"valid": true — payment confirmed. You know the exact amount (decoded from the quantum lattice seal) and the currency. You don't know sender, receiver, or block. Nobody does. Not us. Not the server. Not any subpoena. No API endpoint exists to reveal addresses — not with a view key, not with a proof key, not ever. The key unlocked the amount and nothing else. It sank into the Sea.
Field names matter: The simple endpoint returns "amount" (not "amount_decoded"). The Runic Envelope endpoint returns "amount_decoded". Check which endpoint you're hitting and read the right field. Both endpoints return "valid": true/false.
That's it. Three steps. One POST. Zero accounts, zero API keys, zero KYC. The proof key is the auth. Quantum Kyber-768 encryption is the judge. Ship the goods.
Fire-and-forget: The SYNX Node automatically generates the proof key and pushes it to the explorer immediately after the transaction is sent. This is a background process — if the push fails (network hiccup, server down), the send still succeeds. The proof key is generated by the Node's internal quantum lattice parameters. The registration is best-effort. The send flow never blocks on API availability.
𖣐 Full Verification Rite
| 𖣐 SENDER | SYNX NODE + SEA | 𖣐 RECEIVER |
|
① Private send (wallet) Kyber-768 encapsulated SPHINCS+ signed | ||
|
② SYNX Node generates quantum-sealed proof key Kyber-768 lattice encryption unforgeable — expires 30 min | ||
|
③ Wallet receives proof key PT- prefixed (key returned once — store it) | ◄──────────────────── | |
|
④ Share proof key off-chain Signal / PGP / Tor msg ═══════════════════════════════════════════► | (zero metadata path) | ══► |
|
⑤ Verify the seal POST /verify_proof.php ◄──────────────────── | ||
|
← {"valid":true,"amount":"183.00"} ────────────────────► | ||
| ✓ PAID. SHIP IT. |
Step ④ is the critical link. The proof key must travel sender→receiver through a channel the API never sees. Signal disappearing messages. PGP-encrypted email. Tor hidden service. A QR code shown across a table. A note taped under a park bench. The API doesn't care how the secret gets there — it only verifies the math when the receiver asks.
Clock is ticking. Proof keys expire in 30 minutes. Share immediately. Verify immediately. By design — proof keys are ephemeral puzzle keys, not long-lived credentials. This tight window means even if a key is intercepted, the attacker's window to use it is microscopic. After 30 minutes, the key is cryptographic dust.
POST /verify_proof — Verify a Proof Key (Recommended)
POST GET PUBLIC — The simplest way to verify a payment. Send tx_hash + proof_key in the body (or as GET params). Returns the exact amount. No auth. No API key. No account. Start here.
// POST Request (JSON body) — recommended
{
"tx_hash": "a1b2c3d4e5f6...64hex",
"proof_key": "f7e8d9c0b1a2...64hex"
}
// "proof_token" also accepted as an alias for "proof_key"
// PT- prefix accepted: "PT-f7e8d9c0..." → server strips it automatically
// Also accepts form-encoded POST data or GET query parameters
// ✓ Response — seal broken, exact amount decoded
{
"valid": true,
"tx_hash": "a1b2c3d4...",
"amount": "183.00",
"currency": "SYNX",
"confirmed_at": 1735689600,
"message": "Payment proof verified — this proof key is valid for the specified transaction"
}
// ✗ Response — wrong proof key
{
"valid": false,
"tx_hash": "a1b2c3d4...",
"error": "Proof key does not match this transaction",
"hint": "The proof_key provided does not match this transaction. Ensure you received the correct proof key from the payment sender."
}
// ✗ Response — missing or malformed inputs
{
"valid": false,
"error": "Missing required parameters: tx_hash and proof_key",
"hint": "Send tx_hash (64 hex chars) and proof_key (64 hex chars) as GET params, POST form data, or JSON body.",
"example": {
"GET": "/explorer/api/verify_proof.php?tx_hash=abc123...&proof_key=def456...",
"POST": "{\"tx_hash\": \"abc123...\", \"proof_key\": \"def456...\"}"
}
}This is the endpoint to start with. It's the simplest, most reliable path to verify a payment. One POST with two fields → exact amount. The Runic Envelope endpoint below (/rune-verify) returns richer metadata (timestamp ranges, expiry countdown) but requires the TX hash in the URL path. Use verify_proof.php unless you specifically need the extra fields.
Complete Error Reference — verify_proof.php
| HTTP | error field | What went wrong | Fix |
|---|---|---|---|
| 400 | Missing required parameters: tx_hash and proof_key | Empty body or missing fields | Send both tx_hash and proof_key in JSON, form data, or query params |
| 400 | Invalid tx_hash format | Not 64 hex chars | Must be exactly 64 hex characters [a-fA-F0-9]{64} |
| 400 | Invalid proof_key format | Not 64 hex chars (after stripping PT-) | 64 hex, with or without PT- prefix |
| 400 | tx_hash exceeds maximum length (64 chars) | Input too long — hard cap enforced | Don't send oversized inputs hoping they'll be trimmed. They won't. |
| 400 | proof_key exceeds maximum length (67 chars) | Input too long — hard cap enforced | Max 67 chars: PT- + 64 hex |
| 429 | Rate limit exceeded — maximum 30 verification requests per minute | Sea throttled | Back off. Cache results client-side — a verified seal doesn't change. |
| 503 | Verification service temporarily unavailable | Daemon syncing or restarting | Retry in a few moments. The SYNX Node may be catching up. |
| 200 | Proof key does not match this transaction | Wrong key for this TX | Double-check you have the correct proof_key from the sender |
Error responses always include hint. The hint field gives developer-friendly guidance on what to fix. Parse valid first (always present), then check error + hint on failure. On success, read amount and currency.
POST /privacy/tx/{hash}/rune-verify — Runic Envelope (Rich Metadata)
POST PUBLIC — Same proof key verification with richer metadata: timestamp window (±120s fuzzy), expiry countdown, decryption method. Use this when you need more than just the amount.
Alias: /explorer/api/privacy/tx/{hash}/proof
// Request — proof_token in body, tx_hash in URL path
{ "proof_token": "f7e8d9c0b1a2...64hex" }
// Response — seal broken, rich metadata
{
"valid": true,
"confirmed": true,
"timestamp_range": { "earliest": 1735689480, "latest": 1735689720 },
"amount_decoded": "183.00",
"rune_lattice": "encrypted",
"decrypted_by": "runic_proof_token",
"expires_in_minutes": 24,
"proof_algorithm": "Kyber-768 quantum lattice seal — addresses never disclosed"
}
// Response — invalid
{ "valid": false, "reason": "Proof token does not match any registered runic proof" }
// Response — expired
{ "valid": false, "reason": "Runic proof has expired" }Key difference from verify_proof.php: This endpoint returns amount_decoded (not amount), reason on failure (not error + hint), and includes timestamp_range, expires_in_minutes, rune_lattice. The TX hash goes in the URL path, not the JSON body. Choose the endpoint that fits your needs — both verify the same proof key.
What the verifier learns vs. what stays drowned
| Data Point | Revealed? | Why |
|---|---|---|
| Payment happened | ✅ | valid: true |
| TX on-chain | ✅ | confirmed: true |
| Time window | ✅ | ±120s fuzzy — not exact |
| Exact amount | ✅ | Decoded from quantum lattice seal via proof key — not a range, the real number |
| Sender address | ❌ | Drowned in the Sea |
| Receiver address | ❌ | Drowned in the Sea |
| Block height | ❌ | null for all private TXs |
Quantum lattice decoding: The proof key is generated by the SYNX Node using Kyber-768 lattice encryption — the same post-quantum standard (FIPS 203) that the entire chain is built on. The key is mathematically bound to the transaction's exact amount. Wrong key? The decode fails entirely — no partial information, no side-channel leaks. The lattice encoding is padded to a fixed length — a 0.01 SYNX transaction and a 77,000,000 SYNX transaction produce identical-sized sealed lattices. Amount magnitude is invisible without the key.
Proofs expire after 30 minutes. After expiration, the server returns "reason": "Runic proof has expired". This tight window gives recipients enough time to verify while eliminating long-term replay risk. If the window closes, the sender's wallet can request a new proof key from the SYNX Node (up to the per-TX limit).
GET /privacy/tx/{hash}/verify — Existence Oracle
GET PUBLIC — Does this TX exist? Returns a cryptographic existence commitment. Reveals nothing else.
{
"exists": true,
"hash": "a1b2c3d4...",
"confirmed": true,
"confirmations": 142,
"block_height": null, // sealed — private TXs don't surface block info
"is_private": true,
"verified_at": 1735689600,
"existence_proof": "9d4997cb84efc492...",
"proof_algorithm": "HMAC-SHA256(tx_hash || block_height || date, server_key)"
}GET /privacy/tx/{hash} — Shadow Transaction Lookup
GET PUBLIC — Look up any TX. Private ones return the shadow — hash visible, everything else null.
// Response — TX found (private shadow)
{
"status": "found",
"hash": "a1b2c3d4...",
"message": "Transaction located",
"transaction": {
"hash": "a1b2c3d4...",
"block_height": null, // hidden
"timestamp": 1735689600, // fuzzy ±120s
"from": null, // drowned
"to": null, // drowned
"amount": null, // drowned
"fee_tier": "redacted", // private TXs: fee tier sealed
"is_private": true,
"privacy_tier": "shadow",
"status": "confirmed",
"confirmations": 142,
"existence_commitment": "7833cd43..."
}
}
// Response — TX not found or shielded (identical shape prevents enumeration)
{
"status": "not_found_or_private",
"hash": "a1b2c3d4...",
"message": "Transaction not found or may be shielded",
"transaction": null
}Anti-enumeration ward: Query a hash that doesn't exist? You get {"status":"not_found_or_private","transaction":null,"message":"Transaction not found or may be shielded"} — identical response shape to a private TX (same keys, same structure). Chainalysis, Elliptic, CipherTrace: they can't even tell which hashes are real. That's not a bug. That's the architecture.
GET /privacy/recent — Surface Ripples
Recent TXs. Private ones surface as shadows (null fields). Public ones show transparent data. Good for dashboards. Query param limit (1-50, default 20).
GET /privacy/stats — Sea Depth Readings
Privacy adoption metrics: total TXs, private TXs, adoption %, feature flags. No auth required. Monitor the Sea's depth from your own infrastructure.
POST /privacy/batch-proof — Batch Verify Multiple Proofs
POST PUBLIC — Verify up to 50 proof keys in a single request. Same daemon verification as the single-proof endpoints, but batched for efficiency. Ideal for marketplaces processing multiple orders or wallets verifying several incoming payments at once.
// Request — array of proof pairs (max 50)
{
"proofs": [
{ "tx_hash": "a1b2c3d4...64hex", "proof_token": "f7e8d9c0...64hex" },
{ "tx_hash": "b2c3d4e5...64hex", "proof_token": "PT-e8d9c0b1...67chars" }
]
}
// Response — per-proof results with summary
{
"batch_size": 2,
"results": [
{
"index": 0,
"valid": true,
"tx_hash": "a1b2c3d4...",
"confirmed": true,
"amount_decoded": "183.00",
"rune_lattice": "encrypted"
},
{
"index": 1,
"valid": false,
"tx_hash": "b2c3d4e5...",
"reason": "Proof token mismatch"
}
],
"valid_count": 1,
"invalid_count": 1
}Batch Limits & Error Reference
| Constraint | Limit | Error on violation |
|---|---|---|
| Max proofs per batch | 50 | 400 — "Maximum 50 proofs per batch, got N" |
| Max request body | 256 KB | 400 — "Request body too large for batch endpoint" |
| Empty array | Min 1 | 400 — "Proofs array is empty" |
| Invalid tx_hash in item | 64 hex | Skipped — {"valid":false,"reason":"Invalid tx_hash"} in results |
| Invalid proof_token in item | 67 chars max | Skipped — {"valid":false,"reason":"Invalid proof_token (max 67 chars, 64 hex)"} |
Batch uses amount_decoded (like the Runic Envelope), not amount. Each result has an index field matching the input array position. Failed items don't crash the batch — they return valid: false with a reason while other proofs continue verifying. The batch endpoint shares the privacy API's sea throttle (100 req/min baseline + incremental bans).
DDoS gate: If your hashed IP is near the sea throttle limit (60%+ of 100 req/min budget), the batch endpoint denies all daemon RPC calls to prevent amplification — one batch request of 50 proofs would otherwise hit the daemon 50 times. You'll get {"error": "Proof verification service temporarily unavailable"}. Back off and retry.
🧅 Tor / .onion — Route Everything Through the Fog
The API is stateless REST over HTTPS. No cookies. No sessions. No JS fingerprinting. No WebSocket upgrades. Pure request→response over TLS. It works over Tor natively because we built it that way. Not as an afterthought. If you're building anything private and you're not routing through .onion, you're leaking your IP to every DNS resolver between you and the server. Don't.
.onion status: The dedicated synxexplorer.onion hidden service is coming soon. URLs below use a placeholder. Until the .onion is live, route clearnet requests through Tor via torsocks or SOCKS5 proxy. Your IP stays hidden either way. We'll update this doc the moment the hidden service goes live.
cURL through Tor
# Install torsocks (Debian/Ubuntu)
sudo apt install torsocks
# Verify a payment — sovereign style
torsocks curl -X POST http://synxexplorer.onion/explorer/api/verify_proof.php \
-H "Content-Type: application/json" \
-d '{"tx_hash":"a1b2c3d4...","proof_key":"f7e8d9c0..."}'Python through Tor (SOCKS5)
import requests
# pip install requests[socks] PySocks
session = requests.Session()
session.proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050',
}
# socks5h = DNS resolution through Tor too (no DNS leak)
API = "http://synxexplorer.onion/explorer/api"
result = session.post(f"{API}/verify_proof.php",
json={"tx_hash": "a1b2c3d4...", "proof_key": "f7e8d9c0..."},
timeout=30).json()
if result.get("valid"):
print(f"ᛣ Sealed — amount: {result['amount']} {result['currency']}")Node.js through Tor
const { SocksProxyAgent } = require('socks-proxy-agent');
const fetch = require('node-fetch');
const agent = new SocksProxyAgent('socks5h://127.0.0.1:9050');
const API = 'http://synxexplorer.onion/explorer/api';
const r = await fetch(`${API}/verify_proof.php`, {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({tx_hash: 'a1b2c3d4...', proof_key: 'f7e8d9c0...'}),
agent,
});
const data = await r.json();
if (data.valid) console.log('𖣐 Sovereign verified', data.amount, data.currency);Why socks5h not socks5? The h means DNS resolution happens through Tor too. Without it, your local DNS resolver sees "synxexplorer.onion" — a metadata leak. Always socks5h. Always.
📡 Share Proof Keys via Signal — Zero Metadata
The proof key must travel sender → receiver without touching the API. Here's the OPSEC hierarchy for that handoff:
| Channel | Metadata Leaked | Verdict |
|---|---|---|
| Signal (disappearing, sealed sender) | Phone # known to Signal, message content E2EE | GOOD for most threats |
| PGP over Tor email (ProtonMail/Tutanota) | Email metadata (provider sees from/to/time), body E2EE | GOOD |
| Tor hidden service direct message | Nothing. Both parties behind .onion. | BEST |
| Telegram (even "secret chats") | Phone #, cloud metadata, Telegram has your IP | MEH |
| Discord / Slack / Email (plaintext) | Everything. Logged forever. Subpoena-able. | NO |
Time matters: Proof keys expire in 30 minutes. Use disappearing messages set to 5 minutes or less. The buyer should send the proof key immediately after the wallet confirms the private send. The vendor should verify immediately upon receipt. Ephemeral channels for ephemeral keys.
Signal Integration Hook (Python bot)
# signal-cli or signal-bot framework — send proof key after payment
import subprocess, json
def send_proof_via_signal(recipient_phone, tx_hash, proof_key):
"""Send proof key through Signal. Disappearing message. Verify within 30 min."""
msg = json.dumps({
"tx_hash": tx_hash,
"proof_key": proof_key,
"verify_at": f"POST /verify_proof.php with tx_hash + proof_key",
"expires": "30 minutes from generation — verify NOW",
})
subprocess.run([
"signal-cli", "-u", "+1YOUR_NUMBER",
"send", "-m", msg, recipient_phone,
"--expire", "300", # 5-min disappearing message
])
# After private SYNX send:
send_proof_via_signal("+1BUYER_PHONE", "a1b2c3d4...", "PT-f7e8d9c0...")The channel is not the API's problem. That's the beauty. The API only verifies proof keys — it never knows how they traveled. You could print the key on a receipt and hand it across a counter. The math still works. The verification is stateless. The key expires in 30 minutes regardless of channel.
⚓ Marketplace Payment Rite
You're building a sovereign marketplace. No Stripe. No PayPal. No KYC middleware. Just the Synergy Sea and quantum-sealed proof keys. Here's how you verify payments with exact amounts using only a proof key — no addresses ever revealed.
Proof keys decode exact amounts — nothing else. The SYNX Node generates a quantum-sealed proof key using Kyber-768 lattice encryption that decodes to the exact payment amount — no addresses, no block heights, no sender/receiver info. A 300 SYNX order? The key decodes to "300.00". A 100 SYNX payment? "100.00". No ambiguity on amount. Total ambiguity on identity. Key expires in 30 minutes.
# Flask marketplace backend: amount-only verification via proof key
import requests
API = "https://explorer.synxcrypto.com/explorer/api"
@app.route('/verify-payment', methods=['POST'])
def verify():
tx_hash = request.json['tx_hash']
proof_key = request.json['proof_key'] # raw 64-hex or PT- prefixed (API accepts both)
order = Order.query.filter_by(tx_hash=tx_hash).first()
if not order:
return {'status': 'unknown_order'}, 404
# Step 1: confirm TX exists on-chain
existence = requests.get(f"{API}/privacy/tx/{tx_hash}/verify", timeout=20).json()
if not existence.get('exists') or not existence.get('confirmed'):
return {'status': 'not_confirmed'}, 402
# Step 2: decode exact amount using proof key (30-min window)
# Uses verify_proof.php — returns "amount" (not "amount_decoded")
result = requests.post(f"{API}/verify_proof.php",
json={"tx_hash": tx_hash, "proof_key": proof_key}, timeout=20).json()
if result.get('valid'):
paid = float(result['amount']) # ← "amount" not "amount_decoded"
if paid >= order.total:
order.status = 'paid'
db.session.commit()
return {'status': 'sovereign_paid', 'exact_amount': paid}
return {'status': 'underpaid', 'sent': paid, 'required': order.total}, 402
# Error responses include "error" + "hint" — check both
error = result.get('error', '')
if 'expired' in error.lower():
return {'status': 'proof_expired', 'message': 'Proof key expired — ask buyer for a fresh key'}, 410
return {'status': 'invalid_proof', 'hint': result.get('hint', '')}, 402Amount-only by design. The proof key decodes the quantum lattice seal into the exact amount — and that's all it does. There is no endpoint, no view key, no mechanism in this API to reveal sender or receiver addresses. The marketplace sees "300.00 SYNX was paid" — never who paid or from where. That's the privacy contract. It's permanent.
✗∑🗡 Code Grimoire — Every Language, Every Pattern
Python — Verify a Proof Key
import requests
API = "https://explorer.synxcrypto.com/explorer/api"
SOCKS = {'http': 'socks5h://127.0.0.1:9050', 'https': 'socks5h://127.0.0.1:9050'}
def verify(tx_hash, proof_key, tor=False):
"""Verify a SYNX proof key — decodes exact amount, reveals nothing else.
The SYNX Node generates proof keys using quantum Kyber-768 lattice encryption.
Keys expire in 30 minutes. Verify immediately upon receipt.
Uses verify_proof.php — the recommended endpoint.
"""
s = requests.Session()
if tor: s.proxies = SOCKS
return s.post(f"{API}/verify_proof.php",
json={"tx_hash": tx_hash, "proof_key": proof_key},
timeout=20).json()
def check_exists(tx_hash, tor=False):
"""Check if a TX exists on-chain. Reveals nothing about amounts or addresses."""
s = requests.Session()
if tor: s.proxies = SOCKS
return s.get(f"{API}/privacy/tx/{tx_hash}/verify", timeout=20).json()
# Usage — the whole rite (amount-only verification)
# Buyer sends you: tx_hash + proof_key (off-chain, via Signal/PGP/Tor)
result = verify("a1b2c3d4...", "f7e8d9c0...", tor=True) # raw or PT- prefixed
if result.get("valid"):
print(f"𖣐 Payment confirmed — exact amount: {result['amount']} {result['currency']}")
# No addresses revealed — ever. Only the amount surfaces.
elif result.get('error'):
print(f"⚠ {result['error']}")
if result.get('hint'): print(f" Hint: {result['hint']}")
# The SYNX Node generates the proof key. You just verify it.
# Proof key = quantum puzzle key. Amount = the only answer.
# Sender? Drowned. Receiver? Drowned. That's the deal.Node.js — Payment Verifier (Express Middleware)
const fetch = require('node-fetch');
const API = 'https://explorer.synxcrypto.com/explorer/api';
async function verifyPayment(txHash, proofKey) {
// Proof key generated by SYNX Node — quantum Kyber-768 sealed
// Expires in 30 minutes — verify immediately
const r = await fetch(`${API}/verify_proof.php`, {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({ tx_hash: txHash, proof_key: proofKey }),
});
return r.json();
}
// Express middleware — drop into any route
async function requirePayment(req, res, next) {
const { tx_hash, proof_key } = req.body;
const result = await verifyPayment(tx_hash, proof_key);
if (!result.valid) {
// Error responses include "error" + "hint" fields
return res.status(result.error?.includes('expired') ? 410 : 402).json({
error: result.error,
hint: result.hint,
});
}
req.paymentAmount = result.amount; // ← "amount" (not "amount_decoded")
req.paymentCurrency = result.currency;
next();
}cURL — Complete Cheat Sheet
BASE="https://explorer.synxcrypto.com/explorer/api"
# Sea depth readings
curl $BASE/privacy/stats
# Recent shadow transactions
curl "$BASE/privacy/recent?limit=10"
# Shadow lookup (private TX)
curl $BASE/privacy/tx/a1b2c3d4e5f6...
# Existence oracle
curl $BASE/privacy/tx/a1b2c3d4e5f6.../verify
# Verify a proof key — RECOMMENDED (simple endpoint)
# Returns: {"valid":true, "amount":"183.00", "currency":"SYNX", ...}
curl -X POST $BASE/verify_proof.php \
-H "Content-Type: application/json" \
-d '{"tx_hash":"a1b2c3d4...","proof_key":"f7e8d9c0..."}'
# GET also works (quick terminal check):
curl "$BASE/verify_proof.php?tx_hash=a1b2c3d4...&proof_key=f7e8d9c0..."
# PT- prefix also works in proof_key:
# "proof_key":"PT-f7e8d9c0..." or "proof_token":"f7e8d9c0..."
# Runic Envelope (richer metadata: timestamp range, expiry)
curl -X POST $BASE/privacy/tx/a1b2c3d4.../rune-verify \
-H "Content-Type: application/json" \
-d '{"proof_token":"f7e8d9c0..."}'
# All of the above, through Tor:
torsocks curl http://synxexplorer.onion/explorer/api/verify_proof.php \
-d '{"tx_hash":"a1b2...","proof_key":"f7e8..."}'⚔ SynergyX vs Monero — The Honest Comparison
Monero pioneered. Ring signatures, RingCT, stealth addresses — all brilliant. But they were built for a pre-quantum world where Ed25519 was unbreakable and exact timestamps on an explorer were "fine." That era's ending. Here's where the two chains stand when you put them side by side:
| Capability | Monero (XMR) | SynergyX (SYNX) |
|---|---|---|
| Payment proofs | check_tx_proof (leaks addresses) | POST /verify_proof.php (amount only) |
| Address disclosure in proofs | ❌ addresses visible in proof | ✅ NO addresses — ever |
| Amounts hidden (explorer) | ✅ RingCT | ✅ null in all stores + quantum proof keys |
| Amount in proof | ❌ exact amount + addresses exposed | ✅ Exact amount decoded, zero addresses |
| Proof expiry | ❌ proofs live forever | ✅ 30-minute window — ephemeral by design |
| Proof generation | Client-side (attackers can reverse-engineer) | SYNX Node (quantum Kyber-768 — unforgeable) |
| Timestamp privacy | ❌ exact to the second | ✅ ±120s fuzzy |
| Fee privacy | ❌ exact sat/byte visible | ✅ 5-tier buckets |
| Block height hidden | ❌ visible on explorer | ✅ null for private TXs |
| Anti-timing oracle | ❌ no API jitter | ✅ 500ms constant ceiling |
| Indistinguishable 404s | ❌ different shape | ✅ not_found == private |
| Post-quantum signatures | ❌ Ed25519 (Shor-dead) | ✅ SPHINCS+-SHAKE256-128f |
| Post-quantum key exchange | ❌ x25519 (Shor-dead) | ✅ Kyber-768 (FIPS 203) |
| Wallet disk encryption | ChaCha20 | ✅ Argon2id (2GB, 4 passes) |
| Tor-native API | ✅ RPC | ✅ Stateless REST |
| Quantum migration needed? | ❌ YES — total rewrite | ✅ Born this way. Genesis block. |
If you're still using Monero in 2026, you're already dead: you just haven't noticed.
Your ring signatures? Chainalysis clusters them like cattle. Exact timestamps? NSA timestamps your coffee. Ed25519? Shor's coming: your keys are dust. Client-side proof generation? Decompile the wallet and forge proofs all day. That's archaeology, not security.
SynergyX proof keys are generated by the SYNX Node using quantum Kyber-768 lattice encryption. The generation method is sealed inside the Node's core — no client, no decompiler, no attacker can access the internal quantum lattice parameters. Even a sophisticated adversary who fully decompiles the wallet gets nothing: the wallet receives the proof key from the Node. It doesn't generate it. The secret never leaves the Node.
Shadow transactions: sender, receiver, amount, block: null. Not obfuscated. Erased.
Quantum proof keys: Kyber-768 lattice-sealed puzzle keys: prove the exact amount without leaking who sent, who received, when (±120s fuzz), or where. The key decodes exact amounts — 183.00, not "medium". No addresses in the proof. No addresses in the API. No addresses anywhere. Expires in 30 minutes.
No address disclosure: There is no view key endpoint. No audit endpoint. No mechanism to reveal sender or receiver through this API. The amount is all that surfaces. Identity stays drowned — permanently.
Post-quantum: Kyber-768, SPHINCS+, SHAKE256 — Shor can kiss your genesis block. No roadmap. No "later will add quantum sigs." We were born immune.
You want privacy? Stop begging for scraps. With Synergy you get quantum stealth and speed in the sea of shadows. Take the blade.
The quantum elephant: Monero's Ed25519 keys are Shor-vulnerable. Their "migration plan" means every wallet re-derives keys under a new scheme — while the chain is live, while funds are at risk, while the timeline is unknown. SynergyX doesn't have a migration plan because there's nothing to migrate from. Kyber-768 + SPHINCS+ from block zero. When Shor wakes up, this chain doesn't flinch. Legacy chains crumble. That's the difference between "we'll fix it later" and "we fixed it first."
Error Codes
Two endpoints, two error shapes. verify_proof.php returns "error" + "hint" fields. The Runic Envelope (/rune-verify) returns "reason". Both always include "valid": false. Parse valid first, then check the error field that matches your endpoint.
verify_proof.php — HTTP Status Codes
| Code | Meaning | Response includes |
|---|---|---|
| 200 | Success — proof key verified, exact amount decoded | valid, tx_hash, amount, currency, confirmed_at, message |
| 200 | Invalid proof — wrong key for this TX (not an HTTP error) | valid: false, tx_hash, error, hint |
| 400 | Bad request — missing fields, malformed hash, invalid format, oversized input | valid: false, error, hint, sometimes example |
| 429 | Sea throttled — 30 req/min per IP. Back off and cache results. | valid: false, error, hint |
| 503 | SYNX Node unavailable — daemon syncing or restarting. Retry in moments. | valid: false, error, hint |
Runic Envelope (/rune-verify) — HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | Success — proof key verified, amount decoded with rich metadata |
| 200 | Invalid proof — "reason": "Proof token does not match any registered runic proof" |
| 200 | Expired — "reason": "Runic proof has expired" |
| 404 | TX not found or TX is private (you'll never know which — by design) |
| 429 | Sea throttled — incremental ban tiers (100→throttle, 500→5min ban, 1500→1hr ban) |
| 500 | Internal disturbance — check server logs |
429 Sea Throttle — Response Body
All 429 responses (both endpoints) include a Retry-After HTTP header (RFC 7231) and a structured JSON body with tier information:
// 429 Response — sea throttle or ban active
// Retry-After: 60 (HTTP header — seconds until retry)
{
"error": "Sea throttled — incremental ban tiers protect the Sea",
"throttle_tier": "standard", // "standard" | "tier1" | "tier2" | "active_ban"
"retry_after": 60, // seconds until you can retry
"message": "100 req/min exceeded — exponential backoff (60s). Cool down and come back.",
"tiers": {
"standard": "100 req/min — exponential backoff",
"tier1": "500 req/min — 5-minute ban",
"tier2": "1500 req/min — 1-hour ban"
}
}
// Example: active ban (hit 500+ req/min earlier)
// Retry-After: 253
{
"throttle_tier": "active_ban",
"retry_after": 253,
"message": "Active ban — 253s remaining. Keep pushing and the Sea pushes back harder."
}Parse retry_after or the Retry-After header — both give the same value in seconds. The throttle_tier field tells you which escalation level you've hit. If you're seeing "active_ban", you've already been escalated — the message tells you how long you're drowning. verify_proof.php has its own simpler 30 req/min rate limiter that returns a plain error message without tier info.
Input formats (both endpoints): TX hash = exactly 64 hex chars [a-fA-F0-9]{64}. Proof key = max 67 chars (with PT- prefix) or exactly 64 hex (raw). The API accepts both formats — server strips PT- automatically. verify_proof.php accepts the field name proof_key or proof_token (alias). Anything outside these bounds gets a hard 400. No trimming. No mercy.
Rate limits differ by endpoint. verify_proof.php enforces 30 req/min per IP. The Runic Envelope uses the privacy API's sea throttle: 100 req/min baseline with incremental ban escalation (500→5min, 1500→1hr). Cache proof results client-side during the 30-minute window — a verified seal doesn't change while active. Once valid: true, the amount is the amount.
🕳 Zero Metadata Guarantees — What Devs Must Know
If you're integrating this API, here's the hard proof that no metadata leaks. Every claim below is GhostReaper-audited (100+ attack vectors, 0 unpatched findings).
Security Properties — Developer Checklist
| Property | Guarantee | How |
|---|---|---|
| Proof keys unforgeable | ✅ | Generated by SYNX Node using quantum Kyber-768 lattice encryption. Internal parameters never leave the Node process. Cannot be forged even by decompiling the wallet. |
| Proof keys ephemeral | ✅ | Every proof key expires in 30 minutes. After expiry, the seal is permanently broken. No "forever tokens" — minimizes replay and interception risk. |
| Amount never on the wire | ✅ | Server stores quantum-sealed lattice encoding. Raw amount never sent, received, or stored in cleartext. Only the proof key can decode it. |
| Lattice size = constant | ✅ | All lattice seals padded to a fixed length. A 0.01 SYNX TX and a 777,000,000 SYNX TX produce identical-sized seals. Amount magnitude is invisible. |
| Timing oracle dead | ✅ | 500ms constant ceiling on every response. Cohen's d = 0.015 between valid/invalid paths (GhostReaper confirmed). Statistically invisible. |
| Proof key never stored raw | ✅ | Server stores SHA256(proof_key) only. If DB leaks → hashes + sealed lattice noise. Computationally useless without the key. |
| Sender/receiver never sent | ✅ | No endpoint exists that accepts or returns addresses. No view keys. No identity data. Amount-only architecture. |
| No response differentiation | ✅ | "TX not found" and "TX is private" return identical response shapes. No info leak. |
| Sea throttle holds under concurrency | ✅ | File-based sea throttle limiter with LOCK_EX serialization. 200 concurrent requests → 0 got through (GhostReaper). TOCTOU window is closed. Incremental ban tiers (500→5min, 1500→1hr) escalate even during active bans — counter never stops. Beyond 60% of budget, daemon RPC calls are denied to prevent DDoS amplification. IPs stored as SHA-256 hashes. |
What You MUST Do as an Integrator
1. Never log proof keys. The proof key is the puzzle key to the amount. If your application logs it, you've broken the privacy model. Treat it like a private key.
2. PT- prefix accepted — but validate your inputs. The API accepts both PT-f7e8... and raw f7e8... formats — the server strips it automatically. But tx_hash must be exactly 64 hex chars and proof_token max 67 chars. Oversized inputs get a hard 400.
3. Verify within 30 minutes. Proof keys expire. Build your verification flow to be immediate — not next-day batch processing.
4. Share proof keys over zero-metadata channels only. Signal (disappearing), PGP over Tor, .onion DMs. Never Discord. Never Slack. Never email without PGP.
5. Cache verified proofs client-side. Once "valid": true, store the result. Don't re-verify — you're leaking timing patterns and the key might expire between checks.
6. Deploy nginx hardening in production. The API ships with nginx_privacy_hardening.conf — 5s timeouts, 20 conn/IP, 100 req/min sea throttle limiting, path traversal blocking. Active slow-loris defense.
𖣐 Code It. Test It. Own the Dark.
Only one mainnet today. No pre-sale. No VC dump. No influencer allocation. No foundation treasury where 6 people control 40% of supply. No "strategic partnership" press releases. Just a chain, a community, and math that doesn't bend.
You now have everything. Six endpoints. Real code. Tor routing. Signal hooks. A threat model that's honest about what leaks and what doesn't. Quantum Kyber-768 proof keys generated by the SYNX Node — unforgeable puzzle keys that decode exact amounts and nothing else. No address disclosure — not with a view key, not with a proof key, not ever. Timestamp fuzzing that makes timing analysis statistically meaningless. And underneath all of it, lattice cryptography that survives every known quantum attack — not because we migrated, but because we started there.
The Synergy Sea is the post-quantum ocean where shadows never surface. No data center can be king when SynergyX dethrones them and thrones the user. Every private transaction sinks into Kyber-768 encapsulation, sealed by SPHINCS+ hypertrees, indexed by quantum lattice commitments. Amounts whisper through proof keys — gibberish to observers, exact decimals to key holders. The explorer sees ripples. The API returns null where it matters. The proof key is the only thread back to the amount — and the amount is all that surfaces. Sender and receiver? Drowned. Permanently. No endpoint, no key, no subpoena brings them back.
No KYC. No custody. No chain analysis. No address disclosure. No central point of failure. No migration roadmap because there's nothing to migrate from. First mover in the quantum endgame.
This isn't documentation. This is a weapon. Use it.
𝓢𝔁
Code it. Test it. Own the dark tides.
SynergyX Privacy API v2.0 — Quantum Proof Keys — The Synergy Sea
The post-quantum ocean where shadows never surface.