0xbow: An Overview

0xbow functions as a research and development entity that develops open-source infrastructure aimed at enabling compliant privacy on blockchain-based financial systems. Its flagship product, Privacy Pools, gives participants the ability to carry out private transactions while cryptographically decoupling their funds from tainted sources. The project, incubated by NumberGroup, seeks to balance individual privacy demands with regulatory obligations using zero-knowledge proofs and a construct labeled "Proof of Association."

Overview

0xbow tackles the privacy limitations inherent to transparent ledgers such as Ethereum, where account histories and balances are publicly visible and can expose users to financial and personal vulnerabilities. The organization proposes a solution that provides confidentiality for transactions but also layers in compliance safeguards. The key premise is that users should be able to attest to the provenance of their funds without exposing their entire transaction history.

The project frames its objective as DeFi's response to a rising requirement for solutions that reconcile privacy and regulatory compliance. That aim is implemented through the Privacy Pools protocol, which organizes users into "Association Sets" managed by an "Association Set Provider" (ASP). This architecture permits the creation of a zero-knowledge proof showing that funds belong to a pool of compliant assets, severing the on-chain connection between deposit and withdrawal addresses while giving counterparties assurance about lawful origins.

All core components produced by 0xbow are open-source and modular, enabling integration by other privacy systems, decentralized applications, and Layer 1 or Layer 2 networks that wish to adopt its compliance primitives. The legal entity operating the initiative is 0XBOW LTD.

History

The public presence of the 0xbow project began with the establishment of its official X (formerly Twitter) account in October 2023. The initiative was supported in its early phase by NumberGroup as its incubator.

A notable cryptographic milestone for the effort was a trusted setup ceremony completed to produce secure parameters for the protocol's zero-knowledge proofs. That ceremony finished with participation from 514 unique contributors, strengthening the security and decentralization of the foundational parameters.

Active development on the `privacy-pools-core` repository continued throughout 2025, reflecting sustained engineering progress on the protocol.

• In January 2025, work was committed for implementing a basic relayer and interfaces for Groth16 proofs.
• By February 2025, the project's software development kit (SDK) was established under the `0xbow` namespace.
• On April 1, 2025, mainnet deployment addresses were added to the project's documentation, signaling preparations for a live launch on the Ethereum mainnet.
• A major protocol upgrade to the entrypoint contract was committed on May 21, 2025, with a sign-off from Ameen Soleimani.
• Further feature enhancements, including multi-hop swaps and reduced fees, were introduced in a commit on July 22, 2025.
• The project tagged version `v1.1.1` as its latest release on September 2, 2025.

Technology and Architecture

The 0xbow stack centers on the Privacy Pools protocol, which integrates zero-knowledge proof systems, on-chain smart contracts, and an off-chain compliance component to enable private yet compliant transfers.

Core Concepts

Privacy Pools

Privacy Pools are deployed as smart contracts that accept deposits from many participants into a shared fund. Withdrawals can be executed to fresh addresses that are not deterministically linked to the original deposit, thereby providing transaction privacy. Unlike conventional mixers that treat all funds as a single anonymity set, Privacy Pools employ Association Sets so users may choose to associate with peers deemed compliant.

Proof of Association

• Deposit: A user deposits assets (such as ETH or an ERC20 token) into a Privacy Pool smart contract. This action is public on the blockchain.
• Vetting: The ASP monitors new deposits in real-time. It uses KYT analytics and other screening methods to determine if the source of funds is legitimate. If a deposit is approved, it is added to the compliant Association Set.
• Withdrawal: To withdraw, the user generates a zero-knowledge proof. This proof cryptographically validates two things: that the user is the owner of a valid deposit in the pool, and that their deposit is included in the ASP's approved Association Set. The user submits this proof to the smart contract, which verifies it and authorizes the withdrawal to a new address. This process confirms compliance without linking the withdrawal back to the original deposit.
• Entrypoint Contract: An upgradeable smart contract that acts as a registry and orchestrator for the various privacy pools operated by different ASPs.
• Asset-Specific Privacy Pools: A separate contract is deployed for each asset type (e.g., one for ETH, another for USDC). These contracts hold the deposited funds and manage the Merkle tree of deposits for that specific asset.
• Commitment Circuit: Used during the deposit phase to securely register a user's deposit commitment.
• Withdrawal Circuit: The core circuit that enables private withdrawals by generating the required zero-knowledge proof of ownership and association set membership.
• LeanIMT Circuit: A specialized circuit for efficiently handling the protocol's Merkle tree operations.
• On-Chain Verifiers: Smart contracts that verify the proofs generated by the ZK circuits. A withdrawal is only processed if the corresponding proof is successfully validated on-chain.
• Partial Withdrawals: Users are not restricted to withdrawing the exact amount they deposited. The protocol supports partial withdrawals of any amount up to the total deposited sum.

Products and Use Cases

0xbow offers its technology as modular products intended for a variety of actors across the crypto landscape and for different integration scenarios.

Tornado Cash Proof of Association (PoA) Tool

One concrete application built by 0xbow targets legitimate prior users of the sanctioned Tornado Cash protocol. The tool enables a user to produce a cryptographic proof that their Tornado Cash withdrawal is not connected to funds tied to known illicit entities (for example, the Lazarus Group). This proof can be constructed without exposing the user's original deposit note or private on-chain activity and serves as a privacy-conscious compliance artifact for interactions with exchanges or other parties.

Target Audience and Integrations

• Individual Users: People seeking to protect their financial privacy on public blockchains while remaining compliant with regulations.
• Privacy Protocols: Other privacy-focused projects can integrate the open-source ASP as a modular compliance layer for their own systems.
• L1 & L2 Ecosystems: Blockchain networks can deploy native instances of Privacy Pools to offer a built-in, compliant privacy solution to their users.
• Enterprises and Institutions: Financial institutions can use customized deployments of 0xbow's technology to meet stringent internal and external regulatory requirements for on-chain activities.

People and Organization

Developer: The Privacy Pools protocol is principally developed by 0xbow, which operates under the registered name 0XBOW LTD.

Incubator: The initiative received incubation support from NumberGroup.

Key People and Supporters:The development of the `privacy-pools-core` repository on GitHub lists 17 contributors.

• Ameen Soleimani: A prominent figure in the Ethereum community and co-founder of SpankChain and MolochDAO, Soleimani is a notable contributor to the project, with his signature appearing on key commits.
• Advisors: The project lists Taylor Monahan, Nic Bax, and Oleksandr Brezhniev as advisors.
• Advocates and Supporters: 0xbow's approach has been acknowledged by several key figures and organizations in the blockchain industry, including Ethereum founder Vitalik Buterin, Zaki Manian (co-founder of Sommelier), BanklessVC, and public.works.