Onboarding steps for zkFi pay testnet

# Onboarding steps for zkFi pay testnet - For testnet website [link](https://v1-interface-nvn.vercel.app/) - To check whole user flow of zkFi Pay check this [link](https://drive.google.com/file/d/1qS0SrSh2kXG6zYdmjZ1a7TU5oiyziC8D/view?usp=sharing) After coming to Dashboard for first time you have to deposit token. to check whole user flow check this link > **Pre-requisite:** - **Install Metamask Flask Wallet** - Since zkFi uses Metamask Snaps you need to install Metamask flask. zkFi Snap is still in development phase so you specifically need to install Metamask Flask and set-up by following steps: - We highly recommend first creating a different browser profile before installing Flask version of Metamask to avoid conflict with production version of Metamask. Steps for Chrome: Use Chrome with multiple profiles - Then, install Metamask Flask by following the instructions on its website: https://metamask.io/flask/ ![metamask snap@4x.png](https://hackmd.io/_uploads/HyKQKNUQ6.png) **Add Polygon Mumbai testnet** - Test version of zkFi is deployed on polygon mumbai. So you need to add the same network in your Metamask wallet. - Go to https://chainlist.org/ and check the box - “Include Testnets”. ![chainlist@4x.png](https://hackmd.io/_uploads/B1VrFELmp.png) - Search for “mumbai” and hit “Add to metamask” after connecting wallet. - Approve the shown prompt to add new network ![approve@4x.png](https://hackmd.io/_uploads/B1dNFV87T.png) **Get test tokens** - Now you need some test MATIC tokens to play with. You can get some from faucets like [Paradigm Faucet](https://faucet.paradigm.xyz/), [Polygon Faucet](https://faucet.polygon.technology/) or [Alchemy Faucet](https://mumbaifaucet.com/). Follow the instructions on any of these to get test tokens delivered to your provided address. --- > **Onboarding to zkFi** Now you’re ready to explore zkFi Wallet.check following [link](https://v1-interface-nvn.vercel.app/) for testnet website - Open zkFi wallet in your browser where you set up your Metamask Flask wallet in previous instructions. - Hit “Connect Wallet” button. A prompt will appear to connect your wallet. Approve it. ![home@4x.png](https://hackmd.io/_uploads/BkHvYE8ma.png) - After previous approval another “View Permission” prompt will appear. This asks for permission for view-access of Shielded Wallet. You implicitly have a Shielded Wallet for performing private transactions if you have an Ethereum account. Unlike normal Ethereum accounts, however, no one sees any information like the balance or transaction history of your Shielded Account. However, if you allow the access of the View key (“view-access”) of your transaction with any app or website it can access your transaction history or balance to show in its UI. ![sign@4x.png](https://hackmd.io/_uploads/Hy3FY48Qp.png) - Approve the view access. You’ll be redirected to the shielded wallet dashboard, where you can perform transactions with your shielded token balances. ![dashboard@4x.png](https://hackmd.io/_uploads/HJLoFNLm6.png) - You can also register you address so that others can look-up your shielded address by your normal ethereum or ENS to send to private funds. To do so, open drop-down popup from top righ corner. You’ll see. “Register Account” button if your shielded wallet is not already registered. - After coming to Dashboard for first time you have to deposit token. to check whole user flow check this [link](https://drive.google.com/file/d/1qS0SrSh2kXG6zYdmjZ1a7TU5oiyziC8D/view?usp=sharing) --- > **User Flow for zkFi Pay and Compliance:** - **Onboarding:** - The shielded account is the user's private wallet where transactions will be confidential. - The user creates a shielded account using their existing non-custodial wallet (e.g., Metamask) or through zkFi's non-custodial wallet. User will set up accounts or sign transactions using Metamask Snap instead of installing new wallet to their browser - **Shielded Account Setup:** - To set up a shielded account user has to sign up using an existing non-custodial wallet and save the shielded private key & view key separately although incase if user loses his/her shielded private key then they can recover it using the private key of their public wallet. - **Funding your shielded Account with Assets:** - To load a shielded account user can either transfer funds from a public account or from another shielded account to their shielded account. - If the user funds the shielded account from the public account then this deposit is visible on the blockchain as a transfer going from the account to the zkFi privacy pool contract. - **Making Private Transactions:** - once the shielded wallet is loaded, all subsequent transactions are private. - The process of initiating a private transaction is similar to how we normally send transactions by including the amount and recipient’s address. - **Receiving Private Transactions:** - We support a stealth address to enhance transaction privacy even further and to provide anonymity to zkfi users. (A stealth address is a one-time wallet address used to create anonymity for on-chain transactions.) Transactions sent to the stealth address remain confidential. - **Transaction History & Viewing Keys:** - Using the viewing key users can access their transaction history and account balance within the shielded account to selectively reveal transaction details. - **Understanding Compliance:** - We use the Selective De-anonymisation framework to prevent illicit activities within zkFi and monitor user activity where de-anonymization is possible even if the user is not volunteering to cooperate for compliance purposes. - There are guardians and revokers that are independent of multiple parties to control the private key for the de-anonymization process. Choice of guardian & revoker selection can be anything depending on the application. - **De-Anonymization Scenarios:** - Compliance checks may be triggered based on specific criteria. Transactions could be de-anonymized if they are associated with illicit activities. However, for law-abiding users, their privacy remains intact throughout their zkFi transactions. - Both private keys need to be used in conjunction to de-anonymize a deposit and withdrawal transaction. - When a request for de-anonymization is made by a revoker, the guardians act as a safeguard against unauthorized de-anonymization. It ensures that de-anonymization only occurs when law enforcement presents a valid warrant or court order. Without this legal authorization, the gatekeeper resists de-anonymization attempts, protecting user privacy. - Details of the transaction, including user addresses, are revealed only to the Revoker requesting de-anonymization. --- > **Real-time Example:** **Imagine a user, Alice, who wants to send 10 ETH privately using zkFi:** 1. Alice creates a shielded account using her existing Metamask wallet address on zkfi and loads it with 10 ETH from her public account. This transfer is publicly visible on the blockchain. 1. She initiates a private transaction to Bob, who also has a shielded account. 1. The transaction is sent to Bob's stealth address, ensuring utmost privacy. 1. Their transaction history remains confidential within the shielded account, and Alice can use her viewing key to selectively reveal details for taxation purposes or as and when required. 1. If Alice's account raises red flags due to unusual activity, the compliance mechanism might analyze her transactions. However, if her funds are clean, her privacy remains intact.