UmbraClient

client

Defined in: src/client/umbra-client.ts:204

High-level client for interacting with the Umbra Privacy protocol smart contracts.

Remarks

The UmbraClient provides a simplified, user-friendly interface for interacting with the Umbra Privacy protocol without requiring any knowledge of the underlying architecture, cryptographic primitives, or implementation details. It abstracts away the complexity of:

• Key derivation and management
• Transaction construction and signing
• Zero-knowledge proof generation
• Rescue cipher encryption/decryption
• Transaction forwarding and confirmation
• Network connectivity and RPC management

Connection Requirement: It is absolutely necessary to provide a connection (via RPC URL, Connection instance, or ConnectionBasedForwarder) when creating the client. All on-chain data operations depend on this connection:

• Fetching account data from the blockchain
• Reading program state and account information
• Sending transactions to the network
• Confirming transaction status
• Querying transaction history

Without a valid connection, the client cannot interact with the Umbra Privacy protocol on-chain.

Key Features:

• Simplified API: Interact with Umbra Privacy smart contracts using high-level methods
• Automatic Management: Handles wallet creation, key derivation, and cipher management automatically
• Flexible Forwarding: Supports multiple transaction forwarding strategies (direct RPC, relayer services)
• Type Safety: Full TypeScript support with branded types for enhanced safety
• Error Handling: Comprehensive error types for better debugging and error recovery

Architecture Abstraction: The client manages all the complex components internally:

• UmbraWallets: Cryptographic wallets that handle key derivation, signing, and encryption
• Transaction Forwarders: Components that submit transactions to the network with various strategies
• Connection Management: Handles Solana network connectivity and RPC interactions

Users can focus on their application logic while the client handles all protocol-specific operations behind the scenes.

Example

// Create client from RPC URL (simplest approach)
const client = UmbraClient.create('https://api.mainnet-beta.solana.com');

// Create client from Connection instance
const connection = new Connection('https://api.mainnet-beta.solana.com');
const client = UmbraClient.create(connection);

// Create client from existing forwarder
const forwarder = ConnectionBasedForwarder.fromRpcUrl('https://api.mainnet-beta.solana.com');
const client = UmbraClient.create(forwarder);

// Access managed components
const wallet = client.umbraWallet;
const forwarderInstance = client.txForwarder;
const connectionForwarder = client.connectionBasedForwarder;

Type Parameters

T

T = SolanaTransactionSignature

The return type for transaction forwarding operations (defaults to SolanaTransactionSignature)

Properties

connectionBasedForwarder

readonly connectionBasedForwarder: ConnectionBasedForwarder

Defined in: src/client/umbra-client.ts:245

The connection-based transaction forwarder for direct RPC submission.

Remarks

This forwarder uses a Solana Connection to submit transactions directly to the network. It supports sequential transaction forwarding with confirmation, delays, and offset-based resumption. This is the primary forwarder created during client initialization.

program

readonly program: Program<Umbra>

Defined in: src/client/umbra-client.ts:246

txForwarder

txForwarder: ITransactionForwarder<T> | undefined

Defined in: src/client/umbra-client.ts:223

Optional transaction forwarder managed by this client.

Remarks

The transaction forwarder handles submitting signed transactions to the network. Different forwarders can use different strategies (direct RPC, relayer services, etc.). The generic type T determines the return type of forwarding operations.

umbraWallet

umbraWallet: UmbraWallet | undefined

Defined in: src/client/umbra-client.ts:213

Optional Umbra wallet managed by this client.

Remarks

The wallet provides cryptographic operations, transaction signing, and encryption capabilities. Wallets are created from signers and handle all key derivation and cipher management internally.

zkProver

zkProver: IZkProver | undefined

Defined in: src/client/umbra-client.ts:235

Optional zero-knowledge prover used for generating Groth16 proofs (e.g. for master viewing key registration).

Remarks

This prover is not required for basic client functionality, but methods that involve anonymity features or on-chain proof verification (such as registerAccountForAnonymity) will throw an UmbraClientError if it has not been configured.

Methods

claimDepositConfidentiallyFromMixerPool()

claimDepositConfidentiallyFromMixerPool(mintAddress, destinationAddress, commitmentInsertionIndex, relayerPublicKey, generationIndex, time, claimableBalance, optionalData): Promise<string>

Defined in: src/client/umbra-client.ts:3182

Claims a deposit confidentially from the mixer pool by generating a zero-knowledge proof and executing the claim transaction through a relayer.

Parameters

mintAddress

MintAddress

The mint address of the token being claimed

destinationAddress

SolanaAddress

The destination address where the claimed tokens will be deposited

commitmentInsertionIndex

U64

The index in the Merkle tree where the commitment was inserted

relayerPublicKey

SolanaAddress

The public key of the relayer that will process and pay for the transaction

generationIndex

U256

The generation index used to derive cryptographic values (random secret, nullifier)

time

I64

The timestamp when the original deposit was made (used for linker hash generation)

claimableBalance

U128

The amount that can be claimed (after fees are deducted)

optionalData

U256LeBytes

Optional SHA3 hash for additional data

Returns

Promise<string>

A promise resolving to the transaction signature of the forwarded transaction

Remarks

This method enables users to claim deposits from the mixer pool while maintaining privacy. The claim process involves:

1. Fetching and validating Arcium encrypted user and token accounts
2. Generating cryptographic values (random secret, nullifier, linker hash)
3. Creating encrypted commitments and zero-knowledge proofs
4. Building appropriate deposit instructions based on account state
5. Forwarding the transaction through a relayer

Account Initialization: If the user account or token account doesn't exist (null), initialization instructions are automatically added to the transaction. After initialization:

• User Account: Initialized, MXE encrypted, and active
• Token Account: Initialized, active, Arcium balance uninitialized, and MXE encrypted

Deposit Instruction Selection: The method selects the appropriate deposit instruction based on account state:

• If token account's Arcium balance is initialized:
  • MXE encrypted → buildExistingTokenDepositMxeInstruction
  • Shared → buildExistingTokenDepositSharedInstruction
• If token account's Arcium balance is not initialized:
  • User account MXE encrypted → buildNewTokenDepositMxeInstruction
  • User account shared → buildNewTokenDepositSharedInstruction

Privacy Features:

• Zero-knowledge proofs verify claim validity without revealing details
• Nullifier hash prevents double-spending
• Encrypted commitments maintain privacy
• Merkle tree proofs verify deposit inclusion

Requirements:

• An Umbra wallet must be set on the client via setUmbraWallet
• A zero-knowledge prover must be set via setZkProver
• The wallet must have a valid master viewing key
• The commitment must exist in the mixer pool at the specified index

Throws

UmbraClientError When:

• No Umbra wallet is set on the client
• No zero-knowledge prover is set on the client
• The wallet's master viewing key is unavailable
• Account fetching fails
• Account decoding fails
• An existing account is not active (user or token account)
• Cryptographic value generation fails (random secret, nullifier, linker hash)
• Zero-knowledge proof generation fails or returns invalid results
• Ephemeral X25519 key pair generation fails
• Rescue cipher encryption fails
• Instruction building fails
• Transaction building or forwarding fails

Example

const client = UmbraClient.create('https://api.mainnet-beta.solana.com');
await client.setUmbraWallet(signer);
await client.setZkProver(zkProver);

const signature = await client.claimDepositConfidentiallyFromMixerPool(
  usdcMintAddress,
  destinationAddress,
  42n, // commitmentInsertionIndex
  relayerPublicKey,
  0n, // generationIndex
  1704067200n, // time (Unix timestamp)
  1000000n, // claimableBalance (1 USDC with 6 decimals)
  optionalDataHash
);

depositPublicallyIntoMixerPool()

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress): Promise<[U256, SolanaAddress, U128, string | VersionedTransaction | T]>

Defined in: src/client/umbra-client.ts:2184

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

Returns

Promise<[U256, SolanaAddress, U128, string | VersionedTransaction | T]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, index): Promise<[U256, SolanaAddress, U128, string | VersionedTransaction | T]>

Defined in: src/client/umbra-client.ts:2191

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

index

U256

Returns

Promise<[U256, SolanaAddress, U128, string | VersionedTransaction | T]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:2199

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

opts

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:2205

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

index

U256

opts

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:2212

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

opts

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:2218

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

index

U256

opts

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:2225

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

opts

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:2231

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

index

U256

opts

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:2238

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

opts

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:2244

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

index

U256

opts

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

Call Signature

depositPublicallyIntoMixerPool(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:2251

Convenience wrapper that deposits either SOL (via WSOL) or SPL tokens into the mixer pool, delegating to depositPublicallyIntoMixerPoolSol or depositPublicallyIntoMixerPoolSpl as appropriate based on the mint.

Parameters

amount

U128

The amount of SOL/SPL tokens to deposit.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL mint address. If this is WSOL_MINT_ADDRESS, the SOL path is used.

opts

mode

"raw"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Remarks

• When mintAddress === WSOL_MINT_ADDRESS, this method behaves exactly like depositPublicallyIntoMixerPoolSol, including relayer and commission fee cuts from the deposited amount.
• For all other mints, it behaves like depositPublicallyIntoMixerPoolSpl, where the full SPL amount is committed into the mixer pool and relayer fees are paid from WSOL.

All mode and index semantics mirror the underlying SOL/SPL methods.

depositPublicallyIntoMixerPoolSol()

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1509

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1513

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1518

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

opts

Optional transaction handling mode (see remarks).

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1523

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

opts

Optional transaction handling mode (see remarks).

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:1529

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

opts

Optional transaction handling mode (see remarks).

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:1534

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

opts

Optional transaction handling mode (see remarks).

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1540

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

opts

Optional transaction handling mode (see remarks).

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1545

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

opts

Optional transaction handling mode (see remarks).

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1551

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

opts

Optional transaction handling mode (see remarks).

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1556

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

opts

Optional transaction handling mode (see remarks).

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1562

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

index

U256

opts

Optional transaction handling mode (see remarks).

mode

"raw"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

Call Signature

depositPublicallyIntoMixerPoolSol(amount, destinationAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1568

Deposits SOL publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SOL to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

opts

Optional transaction handling mode (see remarks).

mode

"raw"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting relayer fees and commission fees.
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, net deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_sol instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option:

• Default / 'forwarder' Signs the transaction with the client's umbraWallet and forwards it via txForwarder, returning the generic type T. This is the recommended mode when using a relayer.

• 'connection' Signs the transaction with the client's umbraWallet and sends it directly via connectionBasedForwarder, returning a SolanaTransactionSignature.

• 'signed' Signs with the client's umbraWallet and returns the signed VersionedTransaction without sending it. Use this when you want to control submission yourself.

• 'prepared' Returns an unsigned VersionedTransaction with fee payer and recent blockhash populated. Use this when the signing key is external but you still want the client to prepare the transaction.

• 'raw' Returns an unsigned VersionedTransaction built only from the instructions, with a placeholder blockhash. No real fee payer / blockhash setup is performed, and the caller is expected to update the message before signing and sending.

If the user's Arcium-encrypted account cannot be fetched, it is treated as uninitialised and the account checks (initialised / active / registered master viewing key) will fail with explicit UmbraClientErrors.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If no ZK prover has been configured on the client.
• If the user's account is not initialised, not active, or has not registered a master viewing key.
• If no transaction forwarder is configured when using 'forwarder' mode.

Examples

// Basic usage with a randomly derived index and default 'forwarder' mode.
const signatureOrResult = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
);

// Usage with a fixed index for reproducible commitments / proofs.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSol(
  amount,
  destinationAddress,
  index,
  { mode: 'signed' },
);

depositPublicallyIntoMixerPoolSpl()

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1861

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1866

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1872

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

opts

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, string]>

Defined in: src/client/umbra-client.ts:1878

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

opts

mode

"connection"

Returns

Promise<[U256, SolanaAddress, U128, string]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:1885

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

opts

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, T]>

Defined in: src/client/umbra-client.ts:1891

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

opts

mode

"forwarder"

Returns

Promise<[U256, SolanaAddress, U128, T]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1898

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

opts

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1904

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

opts

mode

"signed"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1911

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

opts

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1917

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

opts

mode

"prepared"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, index, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1924

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

index

U256

opts

mode

"raw"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

Call Signature

depositPublicallyIntoMixerPoolSpl(amount, destinationAddress, mintAddress, opts): Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Defined in: src/client/umbra-client.ts:1931

Deposits SPL tokens publicly into the Umbra mixer pool via a relayer, generating the required zero-knowledge proof and commitment/linker hashes.

Parameters

amount

U128

The amount of SPL tokens to deposit into the mixer pool.

destinationAddress

SolanaAddress

The Solana address where withdrawn funds should ultimately be sent.

mintAddress

MintAddress

The SPL token mint address being deposited.

opts

mode

"raw"

Returns

Promise<[U256, SolanaAddress, U128, VersionedTransaction]>

Depending on the mode, a tuple [index, relayerPublicKey, claimableBalance, value] where:

• index is the U256 nullifier index used to derive the random secret and nullifier.
• relayerPublicKey is the SolanaAddress of the randomly selected relayer used for this deposit.
• claimableBalance is the Amount that can be claimed after deducting commission fees (relayer fees are paid separately from WSOL for SPL deposits).
• value is either a transaction signature, a forwarded result of type T, or a prepared/signed VersionedTransaction.

Remarks

This method mirrors depositPublicallyIntoMixerPoolSol but operates on SPL tokens. The key differences are:

• Commission fees are subtracted directly from the deposited SPL amount, ensuring the on-chain commitment reflects the post-commission value.
• Relayer fees are paid out of the user's wrapped SOL (WSOL) balance when the transaction is forwarded, so the SPL amount only accounts for commission deductions.

Internally, it:

• Ensures the Arcium-encrypted user account is initialised, active, and has a registered master viewing key.
• Uses either a caller-provided index or a freshly sampled random index and derives:
  • A random secret via UmbraWallet.generateRandomSecret
  • A nullifier via UmbraWallet.generateNullifier
• Computes an inner commitment binding the random secret, nullifier, deposit amount, master viewing key, and destination address.
• Computes a time-based linker hash via UmbraWallet.generateLinkerHashForDepositsIntoMixerPool.
• Generates a Groth16 proof using the configured IZkProver.
• Builds a deposit_into_mixer_pool_spl instruction targeting a randomly selected relayer.

The behavior is controlled by the mode option in the same way as depositPublicallyIntoMixerPoolSol.

Examples

// Basic SPL deposit with a randomly derived index and default 'forwarder' mode.
const result = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
);

// SPL deposit with a fixed index and a prepared transaction.
const index: U256 = /* obtain index */;
const tx = await client.depositPublicallyIntoMixerPoolSpl(
  amount,
  destinationAddress,
  splMintAddress,
  index,
  { mode: 'prepared' },
);

generateEphemeralArciumX25519PublicKey()

generateEphemeralArciumX25519PublicKey(index): object

Defined in: src/client/umbra-client.ts:3898

Generates an ephemeral X25519 key pair deterministically from a master viewing key and index.

Parameters

index

U256

A 256-bit unsigned integer used as an index for key pair derivation. Different index values will produce different key pairs.

Returns

object

An object containing:

• x25519PrivateKey: The derived X25519 secret key (32 bytes)
• x25519PublicKey: The corresponding X25519 public key (32 bytes)

x25519PrivateKey

x25519PrivateKey: ArciumX25519SecretKey

x25519PublicKey

x25519PublicKey: ArciumX25519PublicKey

Remarks

This method derives a unique ephemeral X25519 key pair for each index value using a two-step KMAC256-based key derivation process:

1. First, it derives a domain-separated seed from the master viewing key using the domain separator "Umbra Privacy - Ephemeral Arcium X25519 Public Key Seed"
2. Then, it derives the final ephemeral X25519 secret key seed by hashing the index with the domain-separated seed
3. The derived seed (first 32 bytes) is used directly as the X25519 private key
4. The corresponding public key is computed using X25519 scalar multiplication

The resulting key pair is deterministic: the same master viewing key and index will always produce the same X25519 key pair. This enables applications to generate ephemeral X25519 keys for privacy-preserving operations (such as establishing Rescue cipher shared secrets) without storing them explicitly.

Requirements:

• An Umbra wallet must be set on the client via setUmbraWallet
• The wallet must have a valid master viewing key

Use Cases: Ephemeral X25519 key pairs are commonly used for:

• Establishing temporary encrypted communication channels
• Creating one-time Rescue cipher instances for specific operations
• Privacy-preserving key exchange protocols

Throws

UmbraClientError When:

• No Umbra wallet is set on the client (umbraWallet is undefined)
• The wallet's master viewing key is undefined or invalid
• Key derivation fails (e.g., due to cryptographic operation errors)
• X25519 key pair generation fails (e.g., due to invalid key material)

Example

const client = UmbraClient.create('https://api.mainnet-beta.solana.com');
await client.setUmbraWallet(signer);

// Generate an ephemeral X25519 key pair for index 0
const { x25519PrivateKey, x25519PublicKey } = client.generateEphemeralArciumX25519PublicKey(0n);

// Use the public key to establish a Rescue cipher with another party
const cipher = RescueCipher.fromX25519Pair(x25519PrivateKey, otherPartyPublicKey);

// Generate a different key pair for index 1
const keyPair1 = client.generateEphemeralArciumX25519PublicKey(1n);

// The same index will always produce the same key pair
const keyPair0Again = client.generateEphemeralArciumX25519PublicKey(0n);
// Compare public keys byte-by-byte
const keysMatch = keyPair0Again.x25519PublicKey.every(
  (byte, i) => byte === x25519PublicKey[i]
);
console.log(keysMatch); // true

generateEphemeralKeypair()

generateEphemeralKeypair(index): Keypair

Defined in: src/client/umbra-client.ts:3799

Generates an ephemeral Solana keypair deterministically from a master viewing key and index.

Parameters

index

U256

A 256-bit unsigned integer used as an index for keypair derivation. Different index values will produce different keypairs.

Returns

Keypair

A Solana Keypair instance derived from the master viewing key and index

Remarks

This method derives a unique ephemeral keypair for each index value using a two-step KMAC256-based key derivation process:

1. First, it derives a domain-separated seed from the master viewing key using the domain separator "Umbra Privacy - Ephemeral Keypair Seed"
2. Then, it derives the final ephemeral keypair seed by hashing the index with the domain-separated seed

The resulting keypair is deterministic: the same master viewing key and index will always produce the same keypair. This enables applications to generate ephemeral keypairs for privacy-preserving operations without storing them explicitly.

Requirements:

• An Umbra wallet must be set on the client via setUmbraWallet
• The wallet must have a valid master viewing key

Throws

UmbraClientError When:

• No Umbra wallet is set on the client (umbraWallet is undefined)
• The wallet's master viewing key is undefined or invalid
• Key derivation fails (e.g., due to cryptographic operation errors)
• Keypair creation fails (e.g., due to invalid seed length or format)

Example

const client = UmbraClient.create('https://api.mainnet-beta.solana.com');
await client.setUmbraWallet(signer);

// Generate an ephemeral keypair for index 0
const keypair0 = client.generateEphemeralKeypair(0n);

// Generate a different ephemeral keypair for index 1
const keypair1 = client.generateEphemeralKeypair(1n);

// The same index will always produce the same keypair
const keypair0Again = client.generateEphemeralKeypair(0n);
console.log(keypair0.publicKey.equals(keypair0Again.publicKey)); // true

getEncryptedTokenBalance()

Call Signature

getEncryptedTokenBalance(mint): Promise<U128>

Defined in: src/client/umbra-client.ts:1278

Returns the decrypted balance of the user's Arcium-encrypted SPL token account.

Parameters

mint

MintAddress

The SPL token mint address whose encrypted balance should be queried.

Returns

Promise<U128>

The decrypted token balance as an Amount.

Remarks

This method:

• Derives the Arcium-encrypted token account PDA for the current user and the given mint.
• Fetches the on-chain encrypted token account data.
• Decrypts the encrypted balance using the Umbra wallet's MXE Rescue cipher.

If the encrypted token account does not exist on-chain (for example, the user has never held this token), the fetch will fail and this method will return a zero balance (0n cast to Amount) instead of throwing.

When called with multiple mints (array overload), this method uses a single fetchMultiple call under the hood and returns a Map from MintAddress to decrypted Amount. Any mint whose encrypted account is missing or malformed will be mapped to a zero balance.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If the Arcium-encrypted token account PDA cannot be derived (single-mint overload).
• If the Rescue cipher for MXE_ARCIUM_X25519_PUBLIC_KEY is not available.
• If the encrypted balance or nonce are missing or malformed (single-mint overload).
• If decryption succeeds but returns an unexpected result (single-mint overload).

Examples

// Assume `client` has been created and configured with an Umbra wallet.
const usdcMint: MintAddress = /* obtain SPL token mint address */;

const balance = await client.getEncryptedTokenBalance(usdcMint);
console.log(`Decrypted USDC balance: ${balance.toString()}`);

const [usdcMint, usdtMint]: MintAddress[] = [/* ... */, /* ... */];
const balances = await client.getEncryptedTokenBalance([usdcMint, usdtMint]);

console.log(balances.get(usdcMint)?.toString()); // e.g. "1000000"
console.log(balances.get(usdtMint)?.toString()); // "0" if no account exists

Call Signature

getEncryptedTokenBalance(mints): Promise<Map<MintAddress, U128>>

Defined in: src/client/umbra-client.ts:1279

Returns the decrypted balance of the user's Arcium-encrypted SPL token account.

Parameters

mints

MintAddress[]

Returns

Promise<Map<MintAddress, U128>>

The decrypted token balance as an Amount.

Remarks

This method:

• Derives the Arcium-encrypted token account PDA for the current user and the given mint.
• Fetches the on-chain encrypted token account data.
• Decrypts the encrypted balance using the Umbra wallet's MXE Rescue cipher.

If the encrypted token account does not exist on-chain (for example, the user has never held this token), the fetch will fail and this method will return a zero balance (0n cast to Amount) instead of throwing.

When called with multiple mints (array overload), this method uses a single fetchMultiple call under the hood and returns a Map from MintAddress to decrypted Amount. Any mint whose encrypted account is missing or malformed will be mapped to a zero balance.

Throws

UmbraClientError

• If no Umbra wallet has been configured on the client.
• If the Arcium-encrypted token account PDA cannot be derived (single-mint overload).
• If the Rescue cipher for MXE_ARCIUM_X25519_PUBLIC_KEY is not available.
• If the encrypted balance or nonce are missing or malformed (single-mint overload).
• If decryption succeeds but returns an unexpected result (single-mint overload).

Examples

// Assume `client` has been created and configured with an Umbra wallet.
const usdcMint: MintAddress = /* obtain SPL token mint address */;

const balance = await client.getEncryptedTokenBalance(usdcMint);
console.log(`Decrypted USDC balance: ${balance.toString()}`);

const [usdcMint, usdtMint]: MintAddress[] = [/* ... */, /* ... */];
const balances = await client.getEncryptedTokenBalance([usdcMint, usdtMint]);

console.log(balances.get(usdcMint)?.toString()); // e.g. "1000000"
console.log(balances.get(usdtMint)?.toString()); // "0" if no account exists

initialiseMasterWalletSpecifier()

initialiseMasterWalletSpecifier(allowedAddress): Promise<string>

Defined in: src/client/umbra-client.ts:2582

Initialises the master wallet specifier, configuring which address is allowed to act as the "master" wallet for protocol‑level operations.

Parameters

allowedAddress

SolanaAddress

The SolanaAddress that will be authorised as the master wallet.

Returns

Promise<string>

A SolanaTransactionSignature for the submitted initialisation transaction.

Remarks

This helper builds and submits a single initialise_master_wallet_specifier instruction using the client's UmbraWallet signer as both:

• The payer (fee‑payer for the transaction), and
• The protocol signer for the master wallet specifier initialisation.

The method will throw if:

• No Umbra wallet has been configured on the client.
• The latest blockhash cannot be fetched from the network.
• Transaction signing fails.
• Forwarding the transaction via connectionBasedForwarder fails.

Example

const masterWalletAddress: SolanaAddress = /* obtain address */;
const txSig = await client.initialiseMasterWalletSpecifier(masterWalletAddress);
console.log('Initialise master wallet specifier tx:', txSig);

initialiseMixerPool()

initialiseMixerPool(mintAddress, optionalData): Promise<string>

Defined in: src/client/umbra-client.ts:3014

Initialises the on-chain mixer pool for a given SPL mint.

Parameters

mintAddress

MintAddress

The SPL MintAddress whose mixer pool should be initialised.

optionalData

U256LeBytes

Optional Sha3Hash used to attach additional metadata.

Returns

Promise<string>

A SolanaTransactionSignature for the mixer pool initialisation tx.

Remarks

This helper:

• Uses the client's UmbraWallet signer as the payer and protocol signer.
• Builds an initialise_mixer_pool instruction for the specified mint.
• Fetches a recent blockhash, signs the transaction, and forwards it via connectionBasedForwarder.

It will throw if:

• No Umbra wallet has been configured on the client.
• The latest blockhash cannot be fetched.
• Transaction signing fails.
• Forwarding the transaction fails.

Example

const txSig = await client.initialiseMixerPool(
  someMintAddress,
  someOptionalDataSha3Hash,
);
console.log('Initialise mixer pool tx:', txSig);

initialiseProgramInformation()

initialiseProgramInformation(minimumNumberOfTransactions, riskThreshold, optionalData): Promise<string>

Defined in: src/client/umbra-client.ts:2513

Initialises or updates global program‑level information for the Umbra protocol.

Parameters

minimumNumberOfTransactions

U128

Minimum number of transactions required for certain protocol‑level compliance checks (branded as NumberOfTransactions).

riskThreshold

RiskThreshold

Risk threshold configuration used by the protocol (branded as RiskThreshold).

optionalData

U256LeBytes

Optional SHA‑3 hash for attaching additional metadata to the initialisation, branded as Sha3Hash.

Returns

Promise<string>

A SolanaTransactionSignature for the submitted initialisation transaction.

Remarks

This helper builds and sends a single initialise_program_information instruction via the client's connectionBasedForwarder. It:

• Uses the client's UmbraWallet signer as both the payer and protocol signer.
• Fetches a recent blockhash from the underlying Connection.
• Signs the resulting VersionedTransaction with the UmbraWallet.

The method will throw if:

• No Umbra wallet has been configured on the client.
• The latest blockhash cannot be fetched from the network.
• Transaction signing fails.
• Forwarding the transaction via connectionBasedForwarder fails.

Example

const txSig = await client.initialiseProgramInformation(
  100n as NumberOfTransactions,
  someRiskThreshold,
  someOptionalDataSha3Hash,
);
console.log('Initialise program information tx:', txSig);

initialisePublicCommissionFeesPool()

initialisePublicCommissionFeesPool(mintAddress, instructionSeed, accountOffset): Promise<string>

Defined in: src/client/umbra-client.ts:2872

Initialises a public commission fees pool account for a given SPL mint and account offset.

Parameters

mintAddress

MintAddress

The SPL MintAddress whose public commission fees pool should be initialised.

instructionSeed

U16

The InstructionSeed used for deriving the pool PDA.

accountOffset

U16

The AccountOffset identifying the specific commission pool.

Returns

Promise<string>

A SolanaTransactionSignature for the public commission fees pool initialisation tx.

Remarks

This helper:

• Uses the client's UmbraWallet signer as the payer and protocol signer.
• Builds an initialise_public_commission_fees instruction via the instruction builder.
• Fetches a recent blockhash, signs the transaction, and forwards it using connectionBasedForwarder.

It will throw if:

• No Umbra wallet has been configured on the client.
• The latest blockhash cannot be fetched.
• Transaction signing fails.
• Forwarding the transaction fails.

Example

const txSig = await client.initialisePublicCommissionFeesPool(
  someMintAddress,
  1 as InstructionSeed,
  someAccountOffset,
);
console.log('Initialise public commission fees pool tx:', txSig);

initialiseRelayerAccount()

initialiseRelayerAccount(mintAddress, endpoint): Promise<string>

Defined in: src/client/umbra-client.ts:2726

Initialises a relayer account for a given SPL mint and endpoint.

Parameters

mintAddress

MintAddress

The SPL MintAddress that this relayer will serve.

endpoint

U256LeBytes

A Sha3Hash identifying or committing to the relayer's endpoint (e.g. URL or service identifier).

Returns

Promise<string>

A SolanaTransactionSignature for the submitted relayer initialisation transaction.

Remarks

This helper:

• Uses the client's UmbraWallet signer as the relayer authority and fee payer.
• Builds a single initialise_relayer_account instruction for the specified mintAddress.
• Fetches a recent blockhash from the underlying Connection.
• Signs and forwards the resulting VersionedTransaction.