HFIPay: Privacy-Preserving, Cross-Chain Cryptocurrency Payments to Human-Friendly Identifiers

TL;DR

HFIPay introduces a privacy-preserving cross-chain cryptocurrency payment system using human-friendly identifiers, zero-knowledge proofs, and relay-assisted architecture to prevent identity exposure and ensure secure, unlinkable transactions.

Contribution

It proposes a novel architecture combining off-chain relays, zero-knowledge proofs, and formal privacy goals for secure, private, cross-chain payments with human-friendly identifiers.

Findings

Formalized privacy goals: enumeration resistance and pre-claim unlinkability.

Designed a relay-assisted, non-custodial payment architecture.

Extended mechanism to cross-chain settlement with NVM runtime.

Abstract

Sending cryptocurrency to an email address or phone number should be as simple as a bank transfer, yet naive schemes that map identifiers directly to blockchain addresses expose the recipient's balances and transaction history to anyone who knows the identifier. HFIPay separates private routing, sender-side quote verification, and on-chain claim authorization. A relay resolves the human-friendly identifier off-chain and commits only a per-intent blinded binding rho_i plus the quoted payment tuple; the chain sees neither the identifier nor a reusable recipient tag. In a verified-quote deployment, the relay returns a sender-verifiable off-chain proof linking rho_i to an attested binding-key commitment, so the relay cannot substitute a different recipient before funding. To claim, the recipient proves in zero knowledge -- via ZK-ACE -- that the funded intent's blinded binding matches a handle derived from the same deterministic identity, authorizing release of the quoted asset and amount to a chosen destination. We formalize two privacy goals: enumeration resistance and pre-claim unlinkability, and distinguish a baseline deployment (relay trusted for binding correctness) from the verified-quote deployment (binding is sender-verifiable without a public registry). When composed with an NVM runtime, the same mechanism extends to cross-chain settlement. The result is a relay-assisted but non-custodial architecture: relays are privacy and availability dependencies, but cannot redirect funds.