Open-source · Bitcoin-native · Threshold-secured

Private
Bearer Notes
for Bitcoin

ArcMint issues cryptographic bearer notes backed by BTC — privately, with full accountability. No separate token. No custodial risk. Threshold-secured by a FROST federation, settled via Lightning.

Read the Paper View on GitHub
2-of-3
Threshold signing
90d
Note validity window
0
Extra tokens
σ₁ σ₂ FROST Coordinator 2-of-3 threshold met Signer 1 Signer 2 Signer 3 standby
Live on Bitcoin mainnet

Built on proven cryptographic foundations

Bitcoin
Lightning
FROST
Ristretto255
Pedersen Commitments
Rust
Protocol

How ArcMint Works

Four steps from Bitcoin to private e-cash — secured by mathematics, not trust.

01

Register

Zero-knowledge identity

Sample a secret identity scalar. Commit to it cryptographically. The federation registers your commitment — not your identity. You stay completely private to everyone except yourself.

HMAC-bound token issued
02

Issue

Threshold-signed bearer note

Submit multiple note candidates. The federation challenges all but one using cut-and-choose. The survivor is threshold-signed by FROST signers. Your note is now a cryptographic bearer instrument.

FROST 2-of-3 signature
03

Spend

Anonymous proof of ownership

Present your note to a merchant. Respond to a random challenge with a selective opening proof. Your identity is never revealed. Double-spend detection is cryptographic and automatic.

Pedersen binding proof
04

Settle

Bitcoin-anchored, Lightning-fast

Redemption via Lightning is instant. Every issuance and spend is Merkle-committed to Bitcoin every 10 minutes. Provably settled, publicly auditable — forever on-chain.

OP_RETURN Merkle anchor

Double-spend detection is automatic — if a note is spent twice, the spender's identity is mathematically recovered. No trusted party required.

Features

Built for Institutions,
Secured by Mathematics

Every component of ArcMint is designed with an institutional-grade threat model in mind. No shortcuts, no trusted parties, no extra tokens.

FROST

Threshold Signing

FROST 2-of-3 signatures across an independent federation. No single party can forge, censor, or selectively block notes. Quorum compromise is required to break security.

Blind

Cryptographic Privacy

Pedersen commitments and selective opening proofs mean merchants learn only that a note is valid — nothing about who is spending it.

BTC only

Bitcoin Native

Notes are directly redeemable for BTC. No wrapped token, no bridge, no custodian. The value is always Bitcoin.

Instant

Lightning Settlement

Instant redemption via LND. Sub-second payment confirmation, full HTLC security, and native Lightning routing.

Novel

Accountable Anonymity

Unique to ArcMint: double-spenders are automatically and mathematically identified — without compromising honest users. Accountability without surveillance.

OP_RETURN

Bitcoin Anchoring

Merkle roots of all issued and spent note serials are committed to Bitcoin via OP_RETURN every 10 minutes. Fully auditable.

2-of-3
FROST threshold minimum
upgradeable to 3-of-5
90 days
Note validity window
reissuance protocol included
OP_RETURN
Bitcoin anchoring
every 600 seconds
Architecture

A Federated Network
You Can Trust

ArcMint is built around a threshold federation where no single node has power. All inter-service communication uses mutual TLS. Your notes are cryptographically secured end-to-end.

arcmint-federation — docker-compose.yml
User wallet CLI Gateway :7002 register / token mTLS Coordinator :7000 issue / spend double-spend registry BTC anchoring key distribution Signer 1 :7001 Signer 2 :7002 Signer 3 :7003 Merchant :7003 note verify / spend Bitcoin Core (mainnet) + LND bitcoind :8332 · lnd :10009 · ZMQ :28332/28333 · OP_RETURN anchoring
🔐

Mutual TLS everywhere

Every service has its own certificate signed by a federation CA. Inter-service communication is fully authenticated and encrypted.

⚖️

No coordinator trust

The coordinator orchestrates but cannot forge notes. FROST threshold signing requires quorum of independent signers.

🔗

Atomic double-spend registry

SQLite WAL with BEGIN IMMEDIATE transactions ensures zero race conditions in the double-spend registry. PostgreSQL migration is in progress.

🐳

Docker Compose deployment

Full federation including Bitcoin Core, LND, and all services launches with a single command. Production-ready with env var secrets validation.

Security

Production-Grade
Security Posture

ArcMint has undergone a thorough internal security review. All critical and high findings are resolved. Zero compiler warnings. No unsafe code.

Audit Findings

8/8 resolved
C1
Hardcoded credentials
Env vars, no defaults
Fixed
C2
Weak default secrets
Min 32-char validation at startup
Fixed
C3
TLS validation disabled
CA cert required, invalid certs rejected
Fixed
C4
Unauthenticated Prometheus metrics
Bearer OPERATOR_SECRET required
Fixed
H1
Services bind 0.0.0.0
127.0.0.1 default; Docker sets BIND_ADDR
Fixed
H2
Plaintext merchant option
MERCHANT_INSECURE removed; TLS mandatory
Fixed
H3
No /register rate limiting
10 regs/hr/IP, configurable
Fixed
H4
Single static OPERATOR_SECRET
Comma-separated rotation; 1h grace period
Fixed

Cryptographic Hardening

Domain-separated hashing
arcmint:note:v1, arcmint:identity:v1, arcmint:theta:v1
Constant-time comparisons
subtle::ConstantTimeEq on all secret comparisons
Secret zeroization
Scalar, BlindingFactor, UnsignedNote all zeroize on drop
Atomic double-spend registry
BEGIN IMMEDIATE + ROLLBACK on all error paths
Atomic wallet writes
temp → fsync → atomic rename
Protocol versioning
protocol_version: u8 on all wire types, rejected on mismatch
Replay protection
Per-session merchant_nonce bound to all spend proofs
Note expiry enforcement
90-day window, stamped by coordinator at signing time

Code Standards

No `unsafe` code
Zero compiler warnings
All errors → Result<T>
Parameterized SQL only
Secrets implement Zeroize
Rust edition 2021
Use Cases

Built for Real-World
Bitcoin Settlement

From OTC desks to merchant payments, ArcMint provides the privacy layer that professional Bitcoin operations need.

Institutional

OTC Desk Settlement

Transfer large Bitcoin values between counterparties with full privacy and instant confirmation. No transaction graph. No exposure to block timing.

Notes are threshold-signed and bearer — hand them off like physical cash, but with cryptographic guarantees neither party can forge.

< 1s settlement time
Multi-party

Institutional Clearing

Multi-party settlement across desks or entities without any party learning the counterparty's position, timing, or volume.

The federation holds no value — it only signs. Clearing happens at the cryptographic layer, not via an intermediary custodian.

2-of-3 minimum threshold
Lightning

Private Merchant Payments

Accept Bitcoin privately. Verify notes cryptographically without learning anything about who is spending — just that they can.

Merchants receive standard Lightning payments. The privacy layer is transparent to their stack — just a faster, cheaper, more private input.

₿ only no side tokens

Deploy Your
Federation Today

A full ArcMint federation — Bitcoin node, Lightning, threshold signers, gateway, and merchant — launches with a single Docker Compose command.

Terminal
$ git clone https://github.com/ChronoCoders/arcmint
$ cp .env.example .env # fill in secrets
$ docker compose up -d
View on GitHub Read the Paper

Open-source under MIT license · Requires Docker · Bitcoin mainnet or regtest