Demo-only, not audited, and not production-ready. Use on local or testnet only.
Deadman Vault is a non-custodial stablecoin vault demo. It uses a commit → reveal claim flow to reduce mempool copy/steal risk and includes a minimal UI that demonstrates the threat model.
- Commit → reveal claim flow (anti-mempool copy/steal)
- Non-custodial vaults for stablecoin deposits (USDC in demo)
- Rust indexer that projects vault state for the UI
- Client-side note crypto (WASM) for secrets/commit hash
- Simple, security-first UI to walk through the flow
- Frontend: Nuxt 3 (Vue 3), TypeScript
- Web3: wagmi + viem
- Contracts: Solidity ^0.8.x (Foundry)
- Testing/Sec: Foundry tests (unit/fuzz/invariant)
- Indexer: Rust (Axum)
- Crypto (client): Rust → WASM
- Infra: Docker + Docker Compose + just
apps/web/— Nuxt 3 UI (tabs/modals), calls contracts + indexer, uses WASM cryptocontracts/— Solidity vault contracts + Foundry testsservices/indexer/— Rust event listener + state projector + HTTP APIpackages/crypto-wasm/— Rust WASM crypto core + TS wrapperdocs/— threat model, architecture, and demo notes
- Docker + Docker Compose
just(task runner)- Bun (for the web app)
- Start services:
just up
- Deploy contracts to local Anvil:
just deploy-local
- Run the UI:
bun run web:dev
- Open the UI:
http://localhost:3000
Create a .env in the repo root (see .env.example):
NUXT_PUBLIC_CHAIN_ID=31337
NUXT_PUBLIC_RPC_URL=http://127.0.0.1:8545
NUXT_PUBLIC_INDEXER_BASE_URL=http://127.0.0.1:8080
- Deposit + Commit: create a note, compute commit hash, submit deposit/commit
- Reveal + Claim: reveal with secret + salt and claim funds
- Vault Status: query the indexer for on-chain state
See docs/security-demo.md and docs/e2e-demo.md for walkthroughs.
just test(runs the configured test containers)just lint(filename lint + typecheck)
This is a demo project. It is not audited and not hardened for production. All cryptographic flows are provided for education and demonstration only.
Apache-2.0. See LICENSE.