Privacy is not instant. It germinates.

Enter theEntropy Forest

A living cryptographic ecosystem where hidden seeds mature into fallen-leaf claims through time, overlap, and scale.

Enter Read Technical Brief

Seed commitmentsRoot overlapRing maturityFallen-leaf claims

seedgerminationrootsringsbranchesfallen leaf

Privacy is not instant.

It germinates through cohort depth, epoch delay, root membership, ring maturity, and branch aggregation.

Entropy forms over time.

The forest strengthens as seeds overlap with other roots, mature through rings, and enter broader proof surfaces.

The leaf is the claim.

A fallen leaf can be collected with a proof and nullifier while the original seed remains hidden.

Lifecycle

The seed remains hidden. The leaf becomes the claim.

A deposit does not become an immediate exit. It enters the forest as a seed, germinates through cohort and epoch constraints, joins root state, grows rings, and reaches branch aggregation before a fallen leaf can be collected.

Seed Deposit

ShieldedPool.depositSeed locks ETH, inserts the note commitment, and plants a lifecycle seed without making the deposit itself withdrawable.

Germination Gate

LivingTreeRegistry.germinateSeed requires a known seed, a minimum cohort, enough epoch age, and the expected tree context.

Sapling Insertion

A germinated seed inserts its internal leaf into the living tree. The emitted sapling event marks the first active forest state.

Ring Growth

A known living tree root can grow a ring, turning maturity history into a reusable root surface.

Branch Root

ForestBranchRegistry.growBranch aggregates one or more known ring roots into an active branch root.

Leaf Fall

LeafFallRegistry.fallLeaf verifies the fall proof, spends the fall nullifier, and creates the exit leaf.

Leaf Drop

LeafDropRegistry records the leaf root and keeps collection state separate from the original seed path.

Collect

LeafCollectionPool.collectLeaf verifies the collection proof and nullifier before pulling shielded liquidity into the fallen-leaf claim.

Living anatomy

Seed, root, ring, branch, leaf

The forest is a staged proof ecology. A seed enters below the surface, gains root membership, matures through rings, and only later produces a fallen-leaf claim.

Root layerunderground entropy

01SeedPoseidon(note)

A deposit becomes a private seed commitment.

02Germinationepoch queue

Cohort size, amount class, and delay checks remove freshness.

03RootsMerkle insert

The sapling enters a shared living tree root.

04Intertwined Rootsring roots

Known tree roots mature into reusable ring roots.

sapling promotionmaturity path

Canopy layervisible proof surface

05Saplingcohort gate

The seed graduates once cohort and epoch checks pass.

06Ringsmaturity accumulator

Age, valid epochs, leaf drops, and stable health add maturity.

07Branchesforest root

Verified ring roots aggregate into broader proof surfaces.

08Fallen Leafproof + nullifier

A collectable claim is proven without exposing the seed.

InterpretationGermination creates the first delay layer. Rings prove maturity. Branches widen the proof surface. The fallen leaf is the collectable object, not the original seed.

Seed

The deposit commitment derived from a private note.

Germination

The first entropy layer: cohort size, timing delay, and denomination normalization.

Roots

Underground links into epoch, batch, entropy-class, and root-snapshot sets.

Sapling

A seed with enough baseline entropy to join larger forest structures.

Rings

Maturity earned through age, valid epochs, leaf drops, and stable exit conditions.

Branches

Higher-order proof links between mature trees and forest roots.

Fallen leaf

The matured withdrawable claim collected with a proof and nullifier.

Mechanics primer

The forest metaphor maps to concrete cryptographic objects.

The emotional layer gives the system shape. The technical layer is still explicit: commitments hide note material, Merkle roots compress membership, nullifiers prevent double spends, and scoped proofs bind private witnesses to public contract state.

Commitment

A commitment is a public hash of private note material. It confirms that a note exists without revealing the secret needed for a later proof.

public: commitment hash
private: note secret
purpose: deposit registration

Cohort

A cohort is a group of similar seeds sharing timing and denomination constraints. Germination waits for enough compatible seeds before activation.

public: cohort id
private: note ownership
purpose: freshness reduction

Merkle Root

A Merkle root compresses many leaves into one public value. A private witness proves membership in that root without exposing the leaf path.

public: root
private: path witness
purpose: set membership

Ring Root

A ring root represents maturity history for a known living tree root. It is reusable infrastructure rather than a disposable withdrawal pool.

public: ring root
private: no note secret
purpose: maturity accounting

Branch Root

A branch root aggregates known ring roots into a larger proof surface. Source roots must already exist before branch growth is accepted.

public: branch root
private: source selection policy
purpose: root aggregation

Fallen Leaf

A fallen leaf is the collectable claim. It is produced after proof verification and nullifier spending, not at initial deposit time.

public: exit leaf
private: membership witness
purpose: claim separation

Public chain data

contract addresses, commitments, roots, active flags, nullifier hashes, verifier results, fee movements

Private witness data

note secret, randomness, Merkle path, proof witness, ownership material

Protocol does not promise

guaranteed anonymity, risk-free yield, hidden illicit origin, clean-funds treatment, production security

Entropy engine

Entropy forms through time, overlap, and scale.

Each stage is designed to add plausible paths and reduce obvious fingerprints. The technical target is to increase the candidate set, reduce timing and amount uniqueness, and prove maturity without exposing the original seed.

Seed

Primitive: Poseidon commitment + fixed denomination
Entropy created: Removes the direct identity of the deposit note and reduces amount fingerprinting by forcing deposits into shared denominations.
Output: A seed commitment waiting for cohort formation.

Germination

Primitive: Epoch queue + minimum cohort threshold
Entropy created: Prevents immediate deposit-to-exit linkage by delaying activation until enough similar seeds exist in the same timing window.
Output: A germinated seed with baseline timing entropy.

Roots

Primitive: Merkle insertion + tree root registry
Entropy created: Moves the germinated seed into a shared living tree root, separating seed metadata from later proof surfaces.
Output: A sapling committed inside a living tree.

Intertwined Roots

Primitive: Known ring-root aggregation
Entropy created: Allows mature ring roots to be bundled only after the source roots are known by the registry.
Output: A branch root with explicit source-root provenance.

Sapling

Primitive: Entropy score gate
Entropy created: Graduates only the seeds that pass minimum age, cohort, root-link, relayer, and liquidity checks.
Output: An active forest participant, no longer a fresh deposit.

Tree Rings

Primitive: Maturity accumulator
Entropy created: Adds weight for time, valid epochs, successful fallen-leaf events, consumed nullifiers, and stable protocol health.
Output: A mature tree that can strengthen future proof sets.

Intertwined Branches

Primitive: ForestBranchRegistry branch root
Entropy created: Links one or more ring roots into a higher-order proof surface that can sit above individual tree roots.
Output: An active branch root for leaf-drop lineage.

Fallen Leaf

Primitive: Groth16 membership proof + nullifier
Entropy created: Proves that one matured claim exists in the forest while preventing double spend and avoiding seed disclosure.
Output: A collectable withdrawal claim.

Scoring frame

score = candidate set + maturity + overlap - fingerprints

This is not an anonymity guarantee. It is the engineering frame for assessing whether a seed has accumulated enough entropy for fallen-leaf eligibility.

Candidate set

log2 of plausible seeds, saplings, trees, and mature root paths.

Denomination density

larger same-amount cohorts reduce amount uniqueness.

Timing spread

longer activation windows reduce immediate deposit-to-exit linkage.

Root overlap

ring and branch aggregation expands valid source-root choices.

Relayer separation

independent execution paths reduce direct sender correlation.

Liquidity buffer

available pool balance prevents collection timing from becoming the fingerprint.

Penalty terms

small cohorts, rare amounts, isolated roots, short waits, or weak liquidity.

Forest health

A tree does not become stronger by existing alone.

Entropy improves only when roots overlap, cohorts thicken, liquidity is deep enough, and exits cannot be isolated. Forest health turns that constraint into an explicit eligibility layer instead of treating privacy as automatic.

Matured Membership

Legacy shielded pools prove prior membership in a deposit set. Entropy Forest targets matured membership in an evolving forest state: cohort depth, root overlap, ring history, and branch aggregation.

Density Before Exit

A leaf should not fall from a thin tree. If cohort size, denomination density, timing overlap, or pool liquidity is weak, eligibility should delay rather than create an isolated exit.

Guarded Growth

New trees and maturity classes must increase plausible paths. Sparse classes can wait, merge, or remain non-eligible until root surfaces overlap enough to reduce obvious fingerprints.

Health signals

Weak forest states should wait, merge, or lose eligibility.

Cohort depth

minimum compatible seeds by denomination, epoch, and privacy class

Liquidity depth

available principal buffer plus fee reserve before claims become collectable

Timing overlap

activation and collection windows wide enough to avoid one-to-one paths

Relayer diversity

independent execution routes that reduce sender and timing correlation

Branch overlap

mature ring roots reused across larger proof surfaces

Exit isolation

penalty when a leaf has too few plausible source paths

Sepolia alpha

The mythology has a contract trail.

The current alpha verifies the seed-to-leaf lifecycle in public testnet state: shielded deposit, seed planting, germination, ring growth, branch aggregation, fall proof, leaf-drop registration, collection proof, and test recovery.

Sepolia alphaVerified

depositSeed, germination, rings, branches, leaf fall, and collection

Local tests81

Passing Foundry tests across protocol and recovery surfaces

Emergency drillPassed

Pause-gated test recovery exercised on Sepolia

Launch statusResearch

No public sale or production privacy claim

Sepolia verified

ShieldedPooldepositSeed

Locks ETH, inserts the note commitment, and plants the lifecycle seed through the configured seed registry.

Sepolia verified

LivingTreeRegistryplantSeed / germinateSeed

Records cohort metadata, enforces minimum cohort and epoch age, then inserts the internal leaf as a sapling.

Sepolia verified

LivingTreeRegistrygrowRing

Turns a known living tree root into a ring root that can later feed higher-order forest aggregation.

Sepolia verified

ForestBranchRegistrygrowBranch

Aggregates known ring roots into an active branch root after checking the source roots are already registered.

Sepolia verified

LeafFallRegistryfallLeaf

Accepts the fall proof, spends the fall nullifier, and creates the collectable exit leaf.

Sepolia verified

LeafCollectionPoolcollectLeaf

Validates the collection proof, spends the collection nullifier, and pulls payout liquidity from the shielded pool.

01Deposit

ETH is locked and a seed commitment is planted.

02Germinate

Cohort and epoch gates convert the planted seed into an internal leaf.

03Insert

The internal leaf joins the living tree and creates a new known tree root.

04Mature

A known tree root grows a ring root, then a branch root aggregates known ring roots.

05Fall

A Groth16 fall proof spends the fall nullifier and creates an exit leaf.

06Collect

A collection proof spends the collection nullifier and releases the funded claim.

Design constraints

Staged privacy formation requires hard boundaries.

The architecture is only coherent if each stage reduces a specific fingerprint while keeping double-spend prevention, proof scope, administrative controls, and auditability intact.

Fixed-Denomination Notes

Shared denominations reduce amount fingerprinting and keep deposits inside comparable cohorts.

Nullifier Discipline

Fall and collection nullifiers prevent double spends while avoiding disclosure of the original seed secret.

Scoped Verifiers

Groth16 adapters bind proofs to the intended chain and protocol scope so valid proofs cannot be replayed across contexts.

Operational Controls

Owner handoff, allowlisted pause targets, and admin drills define the emergency surface for the alpha contracts.

Privacy classes

Different trees can mature at different depths.

Privacy classes define the expected wait window, work intensity, relayer path, and entropy target for a deposit cohort without making guaranteed-anonymity claims.

SeedlingFixed note, minimum cohort, first germination window

RootedSeedling plus root-link eligibility and batch snapshot inclusion

SaplingRooted plus bounded delay, relayer readiness, and baseline entropy score

Ringed TreeSapling plus maturity rings from successful epochs and leaf-drop history

CanopyBranch aggregation, forest-root snapshots, and stricter exit conditions

Ring rewards

Staying in the forest can strengthen the forest.

Longer-lived deposits add liquidity depth, timing overlap, and mature proof surface. If real protocol fees exist, a capped share can route to broad ring bands without promising yield or exposing exact deposit age.

Germinationminimum delay

No reward weight. The seed waits for cohort and epoch readiness before any fallen-leaf claim can form.

First Ringsearly maturity

A broad maturity band can become fee-eligible after baseline privacy checks and liquidity buffers are met.

Deep Ringsextended maturity

1.5x

Longer-lived deposits add timing overlap and depth, so a capped fee share may route to this band.

Canopy Capsaturation

2x cap

Reward weight stops increasing after the cap, preventing indefinite parking from dominating fee distribution.

Real fees only

Rewards can come from realized protocol fees, relayer/prover fees, premium classes, or approved token-tax routing, never from new deposits as the source of return.

Broad buckets

Maturity bands should be coarse enough that rewards do not reveal exact deposit age or create unique withdrawal amounts.

Separate nullifier

Reward collection should use its own nullifier path so principal withdrawal and fee reward accounting do not collapse into one fingerprint.

Capped weight

Ring weight should saturate. Time helps the forest, but endless duration should not create uncapped claims on protocol fees.

Protocol economics

Economic routing remains secondary to the privacy engine.

Draft economics include fee-dependent ring rewards, holder reward routing, treasury funding, and fee-funded buyback-and-burn. These are research terms, not public offering terms.

Destination	Service fees	Buy/sell tax
Operations, relayers, provers, gas	45%	n/a
Holder reward vault	20%	40%
Protocol treasury	20%	35%
Buyback-and-burn sink	15%	25%

Demand source

Protocol fees fund privacy work, relayers, proof generation, and operational capacity.

Token path

Draft fee routing may support ring rewards, holder rewards, treasury reserves, and buyback-and-burn without making token ownership mandatory for protocol use.

Safety posture

Positioning remains limited to lawful privacy, selective disclosure, and transparent risk limits.

Novel surface

The forest model treats roots as living infrastructure rather than one-off pools.

Capital formation

Draft-stage funding framework for qualified strategic review.

Stage 1

Seed

8%-12% draft allocation

6-12 month cliff, 18-36 month vest, capped multiplier concept

Legal analysis, circuits, protocol engineering, audit planning, entropy scoring, and diligence documentation.

Stage 2

Presale

10%-18% draft allocation

3-6 month cliff, 12-24 month vest, lower capped multiplier concept

Testnet expansion, relayer infrastructure, frontend, Telegram bot, audit deposits, and disclosure tooling.

Technical brief

The forest opens into a diligence framework.

Abstract

Genesis Entropy is an ETH-first privacy protocol where deposits enter as seeds and move through explicit entropy layers before any fallen-leaf withdrawal is eligible. The v0 product centers on fixed-note commitments, germination windows, root and branch aggregation, relayer execution, entropy scoring, and transparent fee accounting.

Entropy Score

Entropy is treated as a public product metric. Candidate-set size, seed age, root overlap, branch aggregation, ring count, relayer diversity, buffer ratio, and timing penalties can all contribute to an epoch-level score. The score estimates unlinkability improvement; it does not guarantee anonymity.

Forest Health

Forest health checks prevent sparse privacy theater. Thin cohorts, isolated roots, weak liquidity, or low relayer diversity should delay eligibility until the forest state produces a stronger candidate set.

Ring Rewards

Longer maturity can strengthen liquidity depth and timing overlap. Any ring rewards remain fee-dependent, capped, and bucketed so exact deposit age does not become a withdrawal fingerprint.

Capital Formation

Seed and presale discussions are framed around research milestones, testnet validation, risk controls, legal analysis, and audit readiness. Sale terms remain draft-only until reviewed.

Compliance Posture

The compliance posture centers on lawful account separation with selective disclosure, transparent accounting, relayer controls, and interface-level risk screening. Marketing must avoid evasion, laundering, fabricated activity, or untraceable-funds claims.

Roadmap

From alpha mechanics to audit-ready infrastructure.

Research

Protocol design, risk boundaries, token model, and legal scoping.

Alpha

Sepolia lifecycle with seed deposit, germination, sapling insertion, ring root, branch root, fall proof, collection proof, and AlphaAdmin.

MVP

ETH-only privacy classes, relayer path, entropy score, and selective disclosure hooks.

Security

Trusted setup, external audits, load testing, and production deployment controls.

Growth

Later wallet products only after the core privacy engine and compliance surfaces are sound.

Risk boundaries

No guaranteed yield. No untraceable-funds claims. No fabricated activity.

This is high-risk privacy infrastructure research, not a production privacy guarantee.

No yield, token appreciation, anonymity, or sale participation is guaranteed.

Ring rewards, if implemented, depend on realized protocol fees, capped maturity bands, and legal review.

Token rewards, tax routing, and staged sale mechanics require legal review before public offering.

Development Groth16 artifacts must be replaced by ceremony outputs before production claims.

The protocol must avoid sanctions evasion, fabricated activity, and claims that funds become clean or untraceable.

Diligence contact

Enter the forest, then examine the roots.

Diligence materials are organized around protocol status, technical roadmap, capital formation, risk boundaries, and assumptions that still require review.

Diligence contact Technical brief