ParaloomPARALOOM

API Reference

CLI binaries, Rust crate surface, and on-chain instruction reference for paraloom-core.

API reference

There is no language SDK yet. A paraloom-sdk crate is on the roadmap (see Vision). Until it lands, the supported integration surfaces are: the paraloom CLI, the paraloom-core Rust workspace crates, and the on-chain Anchor program.

This page is a cross-reference, not a tutorial — for lifecycle docs see Architecture, Consensus, Privacy layer, Solana bridge, Compute layer.

CLI binaries

All ship in target/release/ (or via signed releases — see Releases).

BinarySubcommandsPurpose
paraloomwallet, validator, computeTop-level operator + user CLI
paraloom-nodeValidator daemon (alternative entry point)
paraloom-ceremony-contributeAdd randomness to MPC ceremony
paraloom-ceremony-verifyVerify a ceremony transcript
paraloom-ceremony-finalizeExtract proving keys from finalized transcript
bridge_initInitialize the Solana bridge program
register_validatorOne-shot on-chain validator registration

paraloom validator …

paraloom validator keygen        --out <path>
paraloom validator show-id       --key <path>
paraloom validator register      --network <devnet|localnet> --key <path> --wallet <path> --stake <SOL>
paraloom validator unregister    --network <devnet|localnet> --key <path>
paraloom validator start         --config <validator.toml>
paraloom validator status        --network <devnet|localnet> --key <path>
paraloom validator earnings      --network <devnet|localnet> --key <path>
paraloom validator list          --network <devnet|localnet>

paraloom wallet …

paraloom wallet new              --out <path>
paraloom wallet deposit          --amount <SOL> --recipient <shielded-pk>
paraloom wallet transfer         --amount <SOL> --recipient <shielded-pk>
paraloom wallet withdraw         --note <path> --recipient <sol-pubkey>
paraloom wallet balance          --note-dir <path>

paraloom compute …

paraloom compute submit          --wasm <file> --input <file> [--private] [--replication N]
paraloom compute status          <job-id>
paraloom compute result          <job-id> [--decrypt]
paraloom compute cancel          <job-id>

Compute is alpha — see Compute layer.

Rust crate surface

Until the SDK ships, you can use paraloom-core directly as a Cargo dependency. Note: The crate is not yet on crates.io; consume it as a git dependency pinned to a release tag.

[dependencies]
paraloom = { git = "https://github.com/paraloom-labs/paraloom-core.git", tag = "v0.5.0-rc2" }

paraloom::privacy

Cryptographic primitives + circuits for the shielded pool.

use paraloom::privacy::poseidon::{poseidon_hash, poseidon_hash_pair};
use paraloom::privacy::pedersen::pedersen_commit;
use paraloom::privacy::circuits::WithdrawalCircuit;
use paraloom::privacy::merkle::SparseMerkleTree;

Key functions:

Where
Poseidon hashprivacy::poseidon::poseidon_hash, poseidon_hash_pair
Pedersen commitprivacy::pedersen::pedersen_commit
Sparse merkle treeprivacy::merkle::SparseMerkleTree
Withdrawal circuitprivacy::circuits::WithdrawalCircuit
Proof codecprivacy::codec
Batch verifierprivacy::batch::BatchVerifier

paraloom::bridge

Anchor program client + listener.

use paraloom::bridge::{BridgeClient, BridgeListener, ProgramVersion};

let client = BridgeClient::new(rpc_url, program_id, payer)?;
let sig    = client.deposit(amount_lamports, commitment).await?;
let sig    = client.withdraw(proof_bytes, nullifier, amount, recipient, expiration_slot).await?;

expiration_slot is mandatory and validated on-chain — see Solana bridge.

paraloom::consensus

Withdrawal BFT, reputation, slashing.

use paraloom::consensus::{
    WithdrawalVerificationCoordinator,
    ReputationTracker,
    SlashingEvidence,
    Vote,
};

You will normally not invoke these directly; the validator daemon owns them. They're public for tests and for embedding the cohort into a custom node.

paraloom::compute

Wasmtime-backed job engine with private input/output.

use paraloom::compute::{Job, ResourceLimits};

let job = Job::builder()
    .wasm(wasm_bytes)
    .private_input(&input, &requester_pubkey)?
    .with_ownership_proof(&requester_secret)?
    .limits(ResourceLimits::default())
    .build()?;

See Compute layer for the full builder.

paraloom::network

libp2p stack — Kademlia DHT, gossipsub, ping, request-response.

use paraloom::network::{NetworkClient, NetworkConfig};

// Bootstrap multiaddrs default to the on-chain validator registry —
// only set explicitly for isolated localnet runs.
let net = NetworkClient::start(NetworkConfig::from_settings(&settings)).await?;

paraloom::storage

RocksDB-backed merkle, nullifier, blockchain, and compute stores. fsync on hot writes is on by default.

use paraloom::storage::{MerkleStore, NullifierStore, ComputeStore};

On-chain program

Source: programs/paraloom/src/lib.rs.

declare_id!("DSysqF2oYAuDRLfPajMnRULce2MjC3AtTszCkcDv1jco");

pub fn deposit(ctx, amount: u64, commitment: [u8; 32]) -> Result<()>;
pub fn withdraw(
    ctx,
    proof: Vec<u8>,
    nullifier: [u8; 32],
    amount: u64,
    recipient: Pubkey,
    expiration_slot: u64,
) -> Result<()>;

pub fn register_validator(ctx, stake: u64) -> Result<()>;
pub fn unregister_validator(ctx) -> Result<()>;
pub fn slash_validator(ctx, validator: Pubkey, slash_percentage: u8) -> Result<()>;
pub fn update_merkle_root(ctx, new_root: [u8; 32]) -> Result<()>;

pub const MIN_VALIDATOR_STAKE: u64 = 1_000_000_000;   // 1 SOL

PDA seeds:

seeds = [b"nullifier", nullifier_bytes.as_ref()]   // NullifierPDA
seeds = [b"validator", validator.as_ref()]         // ValidatorAccount
seeds = [b"vault"]                                 // BridgeVault

Events: DepositEvent { commitment, amount, slot }, WithdrawEvent { nullifier, amount, recipient, slot }, ValidatorRegistered, ValidatorSlashed.

Errors:

CodeMeaning
InvalidProofGroth16 verification failed
NullifierSpentnullifier PDA already exists (double-spend)
WithdrawalExpiredcurrent_slot > expiration_slot
MerkleRootMismatchproof's public root doesn't match stored root
StakeTooLowbelow MIN_VALIDATOR_STAKE
Unauthorizedcaller is not the validator registry authority

Prometheus metrics

Each validator exposes Prometheus-format metrics on metrics.listen (default :9300). Full list and scrape config: Monitoring.

What's missing (and tracked)

  • paraloom-sdk crate (TypeScript + Rust friendly wrapper) — open issue
  • WebSocket event subscription — current events are polled via Solana RPC; a WS layer is on the roadmap
  • Stable rate-limit policy — devnet has none today; mainnet will define a policy

If you're building against the API right now, pin to a release tag and watch the changelog. The CLI surface is the most stable contract; crate-internal APIs may move between releases until the SDK ships.

Solana Bridge

Anchor program that anchors merkle root, nullifiers, and validator stake on Solana with replay-protected withdrawals.

Validator Guide

Register on-chain, run a paraloom validator on devnet, and survive reputation + slashing.

On this page

API referenceCLI binariesparaloom validator …paraloom wallet …paraloom compute …Rust crate surfaceparaloom::privacyparaloom::bridgeparaloom::consensusparaloom::computeparaloom::networkparaloom::storageOn-chain programPrometheus metricsWhat's missing (and tracked)