sleepmask

today paying iin cryto is begining to become something mainstream, but the problem with crypto payment is that everything is transparent so, imagin paying your food and and show off to people how much your bank account is worth that what we do cause everyone can see what is in your adress account.

Sleepmask is a privacy-focused peer-to-peer payment app that uses ephemeral burner addresses for secure, anonymous transactions. Built as a full-stack solution, it combines on-chain smart contracts with off-chain account management to enable seamless payments without exposing user identities.

Technologies Used: Backend: Node.js with Express.js for the API server, handling routes for payment creation, balance checks, deposits, and receives. Viem.js for Ethereum interactions Watchers and pollers monitor blockchain events in real-time. Smart Contracts: Solidity with Hardhat for development and testing. Deployed on Base Sepolia testnet using CREATE2 for deterministic burner addresses. Includes event-driven logic for payment states (Pending → Paid). Off-Chain Accounts: @unlink-xyz/sdk for confidential, zero-knowledge account management. Handles deposits, transfers, and withdrawals without on-chain exposure. Frontend/Mobile: React Native with Expo for cross-platform mobile app. Generates QR codes for payment requests and integrates with wallet scanners. Infrastructure: Docker for containerization, PostgreSQL for potential data persistence (though in-memory for hackathon), and environment-based config for keys and RPCs. How It's Pieced Together: The flow starts with the mobile app: users create a payment request via POST /api/receive/create, generating a QR code with a requestId and burner address. The backend deploys a one-shot EVM account deterministically (using keccak256(masterKey + requestId)) and registers it on-chain. When funds arrive (detected by ERC20 watchers), they're swept to a relayer account, deposited into Unlink, transferred to the recipient's Unlink address, and marked as paid on-chain. The mobile app polls /api/receive/status for updates.

Partner Technologies:

Base Sepolia: Provided fast, low-cost testnet transactions, enabling real-time event watching without mainnet fees. Benefited scalability testing and reduced dev friction. Unlink: Enabled ZK-based privacy for accounts and transfers. Simplified off-chain logic, allowing focus on on-chain mechanics while ensuring funds remain confidential. Notable Hacks:

Deterministic Burners: Used CREATE2 and mnemonic derivation (SHA256 + BIP39) for one-shot addresses without storage—secure and gas-efficient. Hybrid On/Off-Chain: Mixed viem watchers with Unlink SDK for seamless bridging; hacky but effective for privacy without full ZK rollup.