Built for ETHOnline 2025

Transaction-BoundZero-Knowledge 2FA

The first TOTP wallet with cryptographically bound proofs. Each transaction requires a ZK proof tied to its exact parameters—making intercepted proofs useless for attackers.

Get Started View Source

Architecture Overview

Three-layer security architecture combining circuits, contracts, and frontend

Zero-Knowledge Circuits

Circom-based TOTP verification

Circuit File

totp_verifier.circom

Constraints

~1,200 R1CS

Proving System

Groth16

Smart Contracts

Solidity-based wallet implementation

Wallet Contract

TOTPWallet.sol

Verifier

TOTPVerifier.sol

Standard

ERC-4337

Frontend Interface

Next.js with Web3 integration

Framework

Next.js 15 + React 19

Web3 Library

Wagmi v2 + Viem

UI Components

shadcn/ui

Authentication Flow

From TOTP generation to on-chain verification

User Device

TOTP code generated locally from secret

123456

ZK Circuit

Proof generated without revealing secret

Smart Contract

On-chain verification without secret access

Transaction

Authorized and executed securely

Key Innovations

What makes ChronoVault different from other TOTP wallets

Transaction-Bound Proofs

Proofs are cryptographically tied to exact transaction parameters (to, value, data, nonce)

Two-Device QR Authentication

True 2FA with device separation—transaction device never sees the secret

One-Time Use Protection

Each time window (30 sec) can only be used once—prevents all replay attacks

Unlimited Lifespan

On-demand TOTP in ZK circuits—no pre-computation, no wallet expiration

ZK-Friendly Hashing

Poseidon hash (~1,200 constraints) vs SHA-1 (~40,000 constraints)

ERC-4337 Native

Smart contract wallet with programmable security and account abstraction

How It Works

Secure authentication without exposing secrets on-chain

Transaction Commitment Calculation

Frontend calculates commitment = hash(to, value, data, nonce) % FIELD_PRIME, binding proof to exact transaction parameters

Two-Device Proof Generation

Authenticator device scans QR, generates ZK proof with TOTP secret + commitment, displays proof as 3 auto-cycling QR codes

On-Chain Verification

Smart contract verifies proof's commitment matches actual transaction—changing any parameter invalidates the proof

One-Time Use + Execution

Time counter marked as used, preventing replay attacks. Transaction executes only after all verifications pass

Technology Stack

Built with cutting-edge Web3 and cryptographic technologies

Zero-Knowledge Circuits

Circom 2.2.1

snarkjs

Groth16 Proofs

Powers of Tau

Smart Contracts

Solidity 0.8.28

Hardhat 3.0

Viem

ERC-4337

Frontend

Next.js 15

React 19

Wagmi v2

Tailwind CSS

What Makes This Different?

Unlike existing TOTP wallet solutions that pre-compute and hash future codes into Merkle trees, ChronoVault implements the actual TOTP algorithm (RFC 6238) inside zero-knowledge circuits.

Eliminates need for client-side storage of authentication data

Removes vulnerability of brute-forcing pre-hashed values if client is compromised

Provides true cryptographic proof of secret knowledge rather than Merkle inclusion proofs

Combines usability of Google Authenticator with genuine zero-knowledge security