Privacy Model
Unipay provides graph-break privacy for Solana transactions, not cryptographic anonymity. Understanding this distinction is crucial for proper threat modeling.What We Protect Against
Passive Chain Analysis
Direct transaction links are broken
Competitor Surveillance
Business relationships obscured
Balance Correlation
Input and output amounts can differ
Address Clustering
Fresh addresses prevent clustering
What We Don’t Protect Against
| Threat Vector | Protection Level |
|---|---|
| Routing layer subpoena | ❌ None |
| Network surveillance | ❌ Limited |
| Timing analysis | ⚠️ Partial |
| Amount correlation | ⚠️ Partial |
Privacy Architecture
Without Privacy (Wallet Mode):- Direct on-chain link:
Your Address → Recipient Address
- Broken link:
Your Address → Ephemeral → Routing → Recipient
Ephemeral Addresses
Each private transaction uses a unique ephemeral address that is single-use, unpredictable, temporary, and unlinkable to previous or future addresses.Threat Model
| User Type | Primary Threats | Unipay Protection |
|---|---|---|
| Freelancer | Client payment tracking | ✅ Full |
| Small Business | Competitor analysis | ✅ Full |
| Trader | Portfolio surveillance | ✅ Full |
| Privacy Advocate | General surveillance | ⚠️ Partial |
| Whistleblower | Nation-state tracking | ❌ Insufficient |
Best Practices
- Use different networks when possible
- Vary transaction timing
- Mix transaction sizes
- Rotate session keys regularly