API Reference
CLI binaries, Rust crate surface, and on-chain instruction reference for paraloom-core.
API reference
There is no language SDK yet. A
paraloom-sdkcrate is on the roadmap (see Vision). Until it lands, the supported integration surfaces are: the CLI binaries, theparaloom-coreRust workspace crates, and the on-chain Anchor program.
This page is a cross-reference, not a tutorial — for lifecycle docs see Architecture, Consensus, Privacy layer, Solana bridge, Compute layer.
CLI binaries
All ship in target/release/ (or via signed releases — see Releases).
| Binary | Subcommands | Purpose |
|---|---|---|
paraloom | validator, wallet, compute | Top-level operator + user CLI |
paraloom-node | start | Validator daemon (wrapped by paraloom validator start) |
paraloom-ceremony-contribute | — | Add randomness to MPC ceremony |
paraloom-ceremony-verify | — | Verify a ceremony transcript |
paraloom-ceremony-finalize | — | Extract proving keys from finalized transcript |
bridge_init | — | Initialize the Solana bridge program |
paraloom validator …
The validator lifecycle runs through one subcommand group. See the Validator guide for the full walkthrough.
| Verb | Purpose |
|---|---|
register | Stake 1 SOL, create the on-chain ValidatorAccount PDA |
start | Boot the node from a config file |
status | Read your on-chain account (stake, reputation, active) |
list | List all on-chain validators |
unregister | Return the stake and mark the account inactive |
stop / logs | Local process control |
Flags resolve from --keypair / --rpc-url / --program-id or the matching env vars; devnet RPC and the canonical program ID are the defaults, so --keypair alone is enough.
cargo build --release --bin paraloom
# register (stakes 1 SOL)
./target/release/paraloom validator register \
--keypair ~/.config/solana/paraloom-validator.json
# run the node
./target/release/paraloom validator start --config ~/.paraloom/validator.toml
# check your registration / list the whole set
./target/release/paraloom validator status --keypair ~/.config/solana/paraloom-validator.json
./target/release/paraloom validator list
# leave cleanly (returns the stake)
./target/release/paraloom validator unregister \
--keypair ~/.config/solana/paraloom-validator.jsonparaloom wallet …
paraloom wallet new --out <path>
paraloom wallet deposit --amount <SOL> --recipient <shielded-pk>
paraloom wallet transfer --amount <SOL> --recipient <shielded-pk>
paraloom wallet withdraw --note <path> --recipient <sol-pubkey>
paraloom wallet balance --note-dir <path>paraloom compute …
paraloom compute submit --wasm <file> --input <file> [--private] [--replication N]
paraloom compute status <job-id>
paraloom compute result <job-id> [--decrypt]
paraloom compute cancel <job-id>Compute is alpha — see Compute layer.
Rust crate surface
Until the SDK ships, you can use paraloom-core directly as a Cargo dependency. Note: The crate is not yet on crates.io; consume it as a git dependency pinned to a release tag.
[dependencies]
paraloom = { git = "https://github.com/paraloom-labs/paraloom-core.git", tag = "v0.5.0-rc5" }paraloom::privacy
Cryptographic primitives + circuits for the shielded pool.
use paraloom::privacy::poseidon::{poseidon_hash, poseidon_hash_pair};
use paraloom::privacy::pedersen::pedersen_commit;
use paraloom::privacy::circuits::WithdrawalCircuit;
use paraloom::privacy::merkle::SparseMerkleTree;Key functions:
| Where | |
|---|---|
| Poseidon hash | privacy::poseidon::poseidon_hash, poseidon_hash_pair |
| Pedersen commit | privacy::pedersen::pedersen_commit |
| Sparse merkle tree | privacy::merkle::SparseMerkleTree |
| Withdrawal circuit | privacy::circuits::WithdrawalCircuit |
| Proof codec | privacy::codec |
| Batch verifier | privacy::batch::BatchVerifier |
paraloom::bridge
Anchor program client + listener.
use paraloom::bridge::{BridgeClient, BridgeListener, ProgramVersion};
let client = BridgeClient::new(rpc_url, program_id, payer)?;
let sig = client.deposit(amount_lamports, commitment).await?;
let sig = client.withdraw(proof_bytes, nullifier, amount, recipient, expiration_slot).await?;expiration_slot is mandatory and validated on-chain — see Solana bridge.
paraloom::consensus
Withdrawal BFT, reputation, slashing.
use paraloom::consensus::{
WithdrawalVerificationCoordinator,
ReputationTracker,
SlashingEvidence,
Vote,
};You will normally not invoke these directly; the validator daemon owns them. They're public for tests and for embedding the cohort into a custom node.
paraloom::compute
Wasmtime-backed job engine with private input/output.
use paraloom::compute::{Job, ResourceLimits};
let job = Job::builder()
.wasm(wasm_bytes)
.private_input(&input, &requester_pubkey)?
.with_ownership_proof(&requester_secret)?
.limits(ResourceLimits::default())
.build()?;See Compute layer for the full builder.
paraloom::network
libp2p stack — Kademlia DHT, gossipsub, ping, request-response.
use paraloom::network::{NetworkClient, NetworkConfig};
// Bootstrap multiaddrs default to the on-chain validator registry —
// only set explicitly for isolated localnet runs.
let net = NetworkClient::start(NetworkConfig::from_settings(&settings)).await?;paraloom::storage
RocksDB-backed merkle, nullifier, blockchain, and compute stores. fsync on hot writes is on by default.
use paraloom::storage::{MerkleStore, NullifierStore, ComputeStore};On-chain program
Source: programs/paraloom/src/lib.rs.
declare_id!("8gPsRSm1CAw38mfzc1bcLMUXyFN7LnS8k6CV5hPUTWrP");
pub fn deposit(ctx, amount: u64, commitment: [u8; 32]) -> Result<()>;
pub fn withdraw(
ctx,
proof: Vec<u8>,
nullifier: [u8; 32],
amount: u64,
recipient: Pubkey,
expiration_slot: u64,
) -> Result<()>;
pub fn register_validator(ctx, stake: u64) -> Result<()>;
pub fn unregister_validator(ctx) -> Result<()>;
pub fn slash_validator(ctx, validator: Pubkey, slash_percentage: u8) -> Result<()>;
pub fn update_merkle_root(ctx, new_root: [u8; 32]) -> Result<()>;
pub const MIN_VALIDATOR_STAKE: u64 = 1_000_000_000; // 1 SOLPDA seeds:
seeds = [b"nullifier", nullifier_bytes.as_ref()] // NullifierPDA
seeds = [b"validator", validator.as_ref()] // ValidatorAccount
seeds = [b"vault"] // BridgeVaultEvents: DepositEvent { commitment, amount, slot }, WithdrawEvent { nullifier, amount, recipient, slot }, ValidatorRegistered, ValidatorSlashed.
Errors:
| Code | Meaning |
|---|---|
InvalidProof | Groth16 verification failed |
NullifierSpent | nullifier PDA already exists (double-spend) |
WithdrawalExpired | current_slot > expiration_slot |
MerkleRootMismatch | proof's public root doesn't match stored root |
InsufficientStake | below MIN_VALIDATOR_STAKE (1 SOL) |
Unauthorized | caller is not the validator registry authority |
Metrics
An operational HTTP server with /health, /ready, and /metrics (Prometheus text) lives in the codebase (src/health/), exposing paraloom_peer_count, paraloom_ready, paraloom_uptime_seconds, and paraloom_build_info. It is not yet wired into paraloom-node — there is no config knob for it pre-mainnet. Until it ships, monitor via logs (journalctl / RUST_LOG). See Monitoring.
What's missing (and tracked)
paraloom-sdkcrate (TypeScript + Rust friendly wrapper) — open issue- WebSocket event subscription — current events are polled via Solana RPC; a WS layer is on the roadmap
- Stable rate-limit policy — devnet has none today; mainnet will define a policy
If you're building against the API right now, pin to a release tag and watch the changelog. The CLI surface is the most stable contract; crate-internal APIs may move between releases until the SDK ships.