Phenumbra Logo
Shadow-grade privacy • Built on MORPHiS • Blind signatures

Phenumbra

Decentralized CoinJoin coordination with Chaum blind signatures, non-amortizable proof-of-work, and layered encryption on the MORPHiS network.

Explore the Stack See MORPHiS Status

What is Phenumbra?

A privacy coordination layer for Bitcoin built on MORPHiS

Blind-Signature CoinJoin

Chaum blind signatures break input-output linkage without a trusted coordinator, delivering on-chain plausible deniability.

Non-Amortizable PoW

Targeted proof-of-work on MORPHiS makes spam uneconomical. Work for one recipient cannot be reused against another.

Layered Encryption

Triple-wrapped transport: SSH (L1) + Dmail (L5) + session crypto box for CoinJoin traffic—no plaintext anywhere.

Architecture

Light and shadow: stacked defenses from transport to application

Stack Layers

  • L7: CoinJoin engine (maker/taker, round coordination, blind signatures)
  • L6: RPC / REST / WebSocket over TLS 1.3 with JWT (Ed25519)
  • L5: Dmail V3 (DH Group 14 → AES-256-GCM, HKDF-SHA256)
  • L4: Dpush announcements with targeted PoW
  • L3: DHT task layer (iterative lookups, 8-node replication)
  • L2: Chord/Kademlia core with relay for NAT traversal
  • L1: SSH transport (Curve25519/DH14, AES-256-GCM/CBC, HKDF)

Security Anchors

  • Node identity = SHA-512(RSA-4096 pubkey); mutual auth before data flows.
  • All coordination encrypted in depth; operators cannot read stored blocks.
  • PoW difficulty tuned to resist spam; work is recipient-specific.
  • SQLCipher storage with Argon2id key derivation for local data.
  • Tor-friendly: supports .onion routing and SOCKS5 isolation.

CoinJoin Flow

Coordinated anonymously, executed verifiably

1. Discover

Maker publishes orders via Dpush with PoW; takers find orders through encrypted DHT lookups.

2. Blind

Taker blinds outputs; coordinator signs without visibility, preserving unlinkability.

3. Assemble

Participants exchange !ioauth / !sig over Dmail envelopes; transaction built with authenticated session crypto.

4. Sign

Each participant signs the aggregate transaction; invalid signatures are rejected and peers can be blacklisted.

5. Broadcast

Final transaction is broadcast via Bitcoin testnet; Lightning testnet used for HTLC bridging when needed.

6. Persist

Encrypted artifacts stored on MORPHiS with k≥8 replication; nodes hold data without knowing its content.

Security Principles

Nothing unencrypted. Deniability by design.

Privacy Guarantees

  • Triple encryption: SSH transport, Dmail envelope, session crypto box.
  • No plaintext logs; operators cannot link storage blocks to users.
  • Blind signatures sever input/output linkage—coordinator learns nothing.

Operational Posture

  • Tor-friendly routing with stream isolation; no cleartext endpoints.
  • Local storage encrypted (SQLCipher + Argon2id); keys zeroed in memory.
  • PoW difficulty floors prevent spam and sybil amplification.
Contribute to MORPHiS View Roadmap

Join the shadow-to-light transition

Phenumbra is being built in the open on MORPHiS. Stay close to the status updates and help harden the privacy stack.

Check Development Status Get Involved