Privacy Execution Matrix
Backend-readable map that binds governance, payroll, private payments, Umbra, Ika, intelligence, Jupiter, Torque, GoldRush, Zerion, QVAC, and QuickNode to the exact privacy rail, route, proof endpoint, and boundary.
Document context
Execution matrix only; it shows how every sensitive service routes through privacy or intelligence controls on Testnet without claiming mainnet funds, final Ika 2PC-MPC signatures, or full Umbra claim settlement.
Audience: Judges, operators, security reviewers, Solana builders, ecosystem partners
Open raw filePrivacy Execution Matrix — 2026-05-26
PrivateDAO now exposes a single backend-readable matrix for every privacy and intelligence rail:
https://api.privatedao.org/api/v1/privacy-execution-matrix
Provider health for GoldRush, Zerion, Torque, Jupiter, and QVAC is exposed separately:
https://api.privatedao.org/api/v1/provider-integrations/status
This endpoint exists so the product, reviewers, and operators can see how sensitive services move through:
Review -> Sign -> Verify
without exposing private payroll rows, private balances, strategy text, provider API keys, RPC tokens, PEM contents, wallet secret keys, or private manifests.
Public Testnet Anchors
- PrivateDAO program:
EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva - ZK verifier program:
5H7Afyqdh5yPekkZJ5UM2j3HNB2bRvU8aVv8XoqeAW1j - REFHE configure:
3fygnmHzFpRQEbHq9q6u3djBnkTEcYz9y1TSwxDmbnuemshrMwLmy9CqpjifjRb7SmW3DbmXrkyq35cnjU7mMSPi - REFHE settle:
5TmS2AcpAmifcoG97U63Unzy7wt7B2NfyhBRs8Z6C4r1eqcWthEqf3GLcZXQ33sVYHf9YwfvBNhZD8ZZdt4HRwEY - MagicBlock configure:
4UiUumtuGeDciojDA26PkQby7RFiTNb12UG4ACcvGMGfQj24PUPxK5Apeno7EY8mbCvq8nR6h6nfxDcBpjPvGvPj - MagicBlock settle:
22XW8XVhWwQtChNQK2aEqXv5BVBbckxUmu4NsisoZQW21KA5ii87gVNUTcNoZ9e1vYKnHmm62qP1girpzVXWN1WY - Evidence-gated payout execution:
2a8sHWgiVCZkstybMff2M9R6DVU4Y96Rfsg8mqYs7K3xcYSEG1zMcq2iSTNwLD6FgfXvxxxWpwEP9Tbyin47RXvE
Service Coverage
| Service | Privacy / intelligence rail | Public route | Backend proof |
|---|---|---|---|
| Private governance | commit-reveal, ZK verifier companion, nullifier-ready primitive | /govern/ | /api/v1/runtime, /api/v1/cryptographic-readiness |
| Confidential payroll | REFHE envelope, encrypted manifest hash, selective disclosure receipt | /payroll/ | /api/v1/refhe/payroll/proof |
| Private payments | MagicBlock private corridor and receipt proof | /services/magicblock-private-payments/ | /api/v1/magicblock/onchain-proof?refresh=1 |
| Umbra payout | recipient-private claim intent and relayer health | /services/umbra-confidential-payout/ | /api/v1/umbra/relayer/info, /api/v1/umbra/relayer/health, /api/v1/private-settlement/intent |
| Ika custody | Solana approval preparation for Ika dWallet / 2PC-MPC route | /services/encrypt-ika-operations/ | /api/v1/ika/solana-prealpha/readiness, /api/v1/ika/solana-prealpha/approval/prepare, /api/v1/ika/custody/prepare |
| Intelligence | GoldRush, Zerion, QVAC, QuickNode Stream telemetry | /intelligence/ | /api/v1/provider-integrations/status, /api/v1/goldrush/query, /api/v1/zerion/portfolio, /api/v1/qvac/runtime-proof, /api/v1/quicknode/stream/stats |
| Treasury / growth | Jupiter order preview, Torque custom event relay, execution event stats | /services/jupiter-treasury-route/, /services/torque-growth-loop/ | /api/v1/provider-integrations/status, /api/v1/jupiter/order, /api/v1/torque/custom-event, /api/v1/execution-events/stats |
Provider Execution Gate
/api/v1/provider-integrations/status is intentionally safe to call without secrets. It reports whether each server-side credential is configured, which public product route uses it, which proof endpoint exercises it, and which privacy boundary prevents provider data from becoming leaked strategy text.
Torque has one extra boundary: MCP auth tokens are not automatically ingestion API keys. The status route therefore exposes whether a Torque credential is present separately from whether event ingestion has been verified by ingest.torque.so.
2026-05-26 Torque activation evidence:
- Project:
PrivateDAO(cmpm5lnzt00hujq1jd9imtp2o) - Custom event:
private_treasury_execution(cmpm5lolt00iajq1jjluy5a3m) - Accepted ingestion proof:
4e660492-af75-4a28-9cb2-a81f7779be38 - Live verification field:
/api/v1/provider-integrations/status -> providers.torque.deliveryVerified
2026-05-26 expanded live-service gate:
- Umbra private settlement intent:
/api/v1/private-settlement/intentreturns a Testnet intent receipt with a recipient-private rail and live relayer context. - Ika dWallet custody preparation:
/api/v1/ika/custody/prepareinitializes@ika.xyz/sdk, reads the live Ika network encryption key, and returns anika-custody-*route for funded dWallet execution. - GoldRush intelligence:
/api/v1/goldrush/querychecks Covalent GoldRush Warehouse and falls back to Zerion plus Solana RPC for wallet-level preview when the current GoldRush key cannot access the wallet-specific v1 endpoint. - Torque growth delivery:
/api/v1/torque/custom-eventposts a realprivate_treasury_executionevent to Torque and requires an accepted ingestion response inverify:live-service-execution.
Boundary
This matrix does not claim mainnet funds are live. It does not claim final funded Ika dWallet DKG, final Ika 2PC-MPC signatures, or full Umbra claim settlement unless those are separately recorded with execution evidence.
It does prove the operating shape of the product: sensitive services are routed through private/intelligent preparation, wallet-controlled execution, and public-safe proof.
No private keys, provider API keys, RPC tokens, PEM contents, or wallet secret keys are included.
Related next docs
Operational brief for DAO-controlled micropayment batches, showing how approved policy becomes batched stablecoin settlement with judge-visible runtime proof and telemetry continuity.
Shortest reviewer path across live proof, V3 hardening, trust links, and launch boundary surfaces.
Generated reviewer-visible route into telemetry, hosted reads, runtime evidence, indexed governance, and the infrastructure value layer behind PrivateDAO.