donate
send shielded ZEC to the board wallet. amounts appear below.
u153khs43zxz6hcnlwnut77knyqmursnutmungxjxd7khruunhj77ea6tmpzxct9wzlgen66jxwc93ea053j22afkktu7hrs9rmsz003h3
scan with zashi or paste the unified address.
zcash wallet CLI — ssh keys as wallet seed
deterministic zcash wallet derived from ed25519 ssh keys. built for agents — any process with ssh access already has a wallet. no key ceremony, no mnemonic management, no interactive setup. same key, same wallet, same addresses, every time.
agents authenticate with ssh keys. zcli derives a zcash spending key from the same ed25519 seed — one key for both identity and money. no new secrets to provision, no seed phrases to store, no interactive prompts. a headless process can sync, check balance, and send transactions with a single binary and the key it already has.
ZCLI_IDENTITY=~/.ssh/id_agent zcli balance --script
{"transparent":0,"shielded":50000,"total":50000,"total_zec":"0.00050000"}
every agent gets a unique wallet from its ssh key. deterministic derivation means no state to back up beyond the key itself.
cargo install --git https://github.com/rotkonetworks/zcli
or build from source:
git clone https://github.com/rotkonetworks/zcli cd zcli && cargo build --release cp target/release/zcli ~/.local/bin/
zcli -i ~/.ssh/id_ed25519 address # show addresses zcli sync # scan chain zcli balance # check funds zcli send 0.01 u1... # send shielded zcli shield # t-addr → shielded zcli receive # QR code zcli notes --script # list received notes zcli export # export viewing key zcli board --port 3333 # sync loop + JSON API
all commands accept --script for machine-readable JSON output.
set ZCLI_IDENTITY, ZCLI_ENDPOINT as env vars for headless operation.
the wallet. derives orchard spending keys and transparent keys from an ssh
ed25519 seed via BLAKE2b-512("ZcliWalletSeed" || ed25519_seed).
syncs by trial-decrypting compact blocks locally — the server never learns
which addresses belong to you. builds and proves orchard transactions with
halo2 locally.
the backend. serves compact blocks with lightwalletd header proofs over
gRPC-web. zcli trusts nothing from the server except what's provable against
the zcash chain. default endpoint: zcash.rotko.net.
the scanner library. shared trial-decryption logic for compact block scanning, used by both zcli and narsil. handles orchard note decryption, nullifier tracking, and witness construction.
narsil brings threshold multisig to zcash via OSST (one-step schnorr threshold) signatures. a group of agents or humans split a spending key into shares — t-of-n threshold authorization for any transaction.
on-chain it looks like a normal wallet. validators cannot tell which members signed, how many there are, or whether anyone dissented. internal governance stays private. 100 shares, flexible allocation, weighted voting.
# formation: 3 agents, 2-of-3 threshold narsil form --threshold 2 --members 3 # each agent holds shares, contributes to signing rounds narsil sign --proposal "send 1.0 ZEC to u1..." # aggregated OSST signature = indistinguishable from solo spend
narsil uses the pallas curve for orchard compatibility.
relay-based coordination with pseudonymous mailboxes and e2e encryption.
DKG ceremony for key generation, VSS backup for recovery.
send shielded ZEC to the board wallet. amounts appear below.
u153khs43zxz6hcnlwnut77knyqmursnutmungxjxd7khruunhj77ea6tmpzxct9wzlgen66jxwc93ea053j22afkktu7hrs9rmsz003h3
scan with zashi or paste the unified address.
received donations. synced every 5 minutes. memo text pending zidecar full ciphertext support.