Smart Contracts Overview

The Lunarys DEX protocol consists of three core contract systems built on Zama's Fully Homomorphic Encryption (fhEVM) technology. All contracts are written in Solidity and deployed on EVM-compatible chains.

Contract Architecture

The protocol is organized into three independent but complementary systems:

Privacy Pool System

PrivacyPool - Confidential AMM contract for private token swaps

• Constant product market maker (x * y = k)
• Encrypted reserve accounting using euint64 types
• Asynchronous settlement via fhEVM oracle
• Extensible hook system for custom integrations
• Configurable swap fees

PrivacyPoolFactory - Deployment factory for liquidity pools

• Deterministic pool creation with token address sorting
• Prevents duplicate pools for the same token pair and fee tier
• Registry of all deployed pools
• Owner-controlled pool initialization

DAO Governance System

ConfidentialGovernor - Main governance contract

• Encrypted voting with euint64 vote weights
• Proposal creation, voting, and execution lifecycle
• Quorum requirements and voting periods
• Integration with timelock for delayed execution

ConfidentialGovernanceToken - ERC7984 governance token

• Fully encrypted token balances
• Confidential transfers and approvals
• Minting and burning capabilities
• Operator approval system

ConfidentialTimelock - Time-delayed execution controller

• Mandatory delay before proposal execution
• Batch operation scheduling
• Emergency cancellation mechanism
• Role-based access control

ConfidentialTreasury - DAO fund management

• Encrypted balance tracking
• Proposal-controlled fund disbursement
• Multi-token support
• Timelock-only access

ConfidentialEmissionsController - Token emissions management

• Configurable emission schedules
• Encrypted reward distributions
• Time-based vesting mechanisms

Technology Stack

Zama fhEVM

All contracts utilize Zama's Fully Homomorphic Encryption library:

import {FHE, euint8, euint16, euint64, euint128, ebool} from "@fhevm/solidity/lib/FHE.sol";

Core FHE Types:

• euint64 - Encrypted 64-bit unsigned integers (balances, amounts)
• euint128 - Encrypted 128-bit unsigned integers (large calculations)
• euint8 - Encrypted 8-bit unsigned integers (vote types, states)
• ebool - Encrypted booleans (conditions, flags)

Key Operations:

• FHE.add() - Encrypted addition
• FHE.sub() - Encrypted subtraction
• FHE.mul() - Encrypted multiplication
• FHE.div() - Encrypted division
• FHE.lt(), FHE.gt() - Encrypted comparisons
• FHE.select() - Conditional selection
• FHE.requestDecryption() - Oracle-based decryption

OpenZeppelin Standards

Contracts implement and extend OpenZeppelin patterns:

• Access control (Ownable, AccessControl)
• Reentrancy protection (ReentrancyGuard)
• Token standards (ERC20, ERC721)
• Timelock patterns (TimelockController)

ERC7984 Standard

The confidential token standard for encrypted ERC20:

• Compatible interface with ERC20
• Encrypted balance and allowance storage
• Operator approval system for DeFi integrations
• Receiver hook pattern (IERC7984Receiver)

Contract Deployment

Network Support

Contracts are deployed on:

• Ethereum Sepolia (Testnet)
• Additional networks planned for mainnet

Deployment Order

1. Deploy ConfidentialGovernanceToken (ERC7984)
2. Deploy ConfidentialTimelock with initial admin
3. Deploy ConfidentialGovernor with token and timelock references
4. Deploy ConfidentialTreasury controlled by timelock
5. Deploy ConfidentialEmissionsController
6. Deploy PrivacyPoolFactory
7. Create individual PrivacyPool instances via factory

Configuration

Post-deployment configuration includes:

• Governance parameters (voting delay, period, quorum)
• Timelock delay settings
• Pool hook configurations
• Operator approvals for token interactions

Security Model

Access Control

Pool Owner:

• Bootstrap initial liquidity
• Configure swap and liquidity hooks
• Transfer ownership

DAO Admin Role:

• Cancel malicious proposals
• Adjust governance parameters
• Emergency operations

Timelock:

• Execute approved proposals
• Control treasury funds
• Manage emissions

Privacy Guarantees

Data Never Exposed:

• Token balances remain encrypted on-chain
• Vote weights and directions are confidential
• Pool reserves stored as euint64
• Swap amounts never revealed in plaintext

Limited Decryption:

• Only aggregate results decrypted (e.g., proposal outcomes)
• User-initiated decryptions require explicit permission
• Oracle-mediated decryption for settlement

Reentrancy Protection

All state-modifying functions use OpenZeppelin's nonReentrant modifier to prevent reentrancy attacks.

Integration Points

For Liquidity Providers

1. Approve PrivacyPool as operator on tokens
2. Call bootstrap() or contributeLiquidity() with encrypted amounts
3. Optionally implement position tracking via hooks

For Traders

1. Approve PrivacyPool as operator
2. Call swapExactAForB() or swapExactBForA() with encrypted input
3. Wait for oracle settlement
4. Receive encrypted output tokens

For Governance Participants

1. Acquire ConfidentialGovernanceToken
2. Approve Governor as operator
3. Deposit tokens via depositVotingPower()
4. Create proposals and cast encrypted votes
5. Unlock votes after proposal finalization

For Developers

Extend functionality through:

• Custom pool hooks (IPrivacyPoolSwapHook, IPrivacyPoolLiquidityHook)
• Treasury integration for protocol-owned liquidity
• Emissions schedules for liquidity mining

Gas Considerations

FHE operations are more expensive than standard EVM operations:

Typical Costs:

• Pool bootstrap: ~800K gas
• Swap initiation: ~600K gas
• Swap settlement: ~400K gas
• Proposal creation: ~300K gas
• Vote casting: ~250K gas

Optimize by:

• Batching operations when possible
• Minimizing FHE operations in loops
• Caching decrypted values appropriately

Documentation Structure

Detailed documentation for each system:

Core Contracts:

• PrivacyPool - AMM implementation
• PrivacyPoolFactory - Pool deployment
• Hooks System - Extensibility

Governance:

• DAO System - Complete governance architecture

Reference:

• Deployed Addresses - Contract addresses
• Protocol Overview - Complete protocol documentation

Source Code

All contracts are open source and verified on block explorers. See the Deployed Addresses page for links to verified source code.