Umbra Reaches Phase One on Road to Mainnet

February 23, 2021 / Ben DiFrancesco

Umbra has reached another milestone in our journey to mainnet. Today, we shipped our Phase 1 release of the protocol to the Rinkeby testnet. This release lays the groundwork for Phase 2, which should be done sometime in March. In fact, the version shipped today includes some of the updates that were originally earmarked for the second phase.

Let’s not get ahead of ourselves, though. First, we need your help putting the Phase 1 testnet version through its paces! To do so, visit

Try out our Phase 1 Rinkeby release at

Try out our Phase 1 Rinkeby release at

We’d appreciate it if you’d go through the setup flow and give us some feedback on the experience. Once you have, tag us on Twitter at @UmbraCash with your Rinkeby ENS name, and we’ll use Umbra to send some testnet tokens or ETH your way. You can also try minting your own Rinkeby USDC or Dai and sending some to us at umbra-demo.eth (on Rinkeby testnet only).

Ok, so let’s discuss what’s included in today’s release, then we can review the remainder of the roadmap ahead.

Phase 1: Complete

In late 2020, we organized our remaining protocol development work into two Phases. While somewhat arbitrary, the phases gave us concrete milestones to aim for. Our Phase 1 milestones were focused on improvements to our encryption system.

First, we switched our encryption scheme to use XOR. This simple approach is more performant and reduces gas costs for Umbra transactions, yet it’s just as secure as more complex encryption algorithms given the way it's used by Umbra. We also reduced our entropy to 128 bits, which gave us 128 more bits leftover for "payload extensions." These free bytes add flexibility to the protocol, enabling 3rd party developers to transmit arbitrary encrypted data along with stealth transactions.

Next, we made improvements to the way key generation is done in the client. Taking a lesson from Loopring, zkSync, and other L2 providers, we now ask users to generate a key by signing a message with their existing Ethereum account. This means their stealth addresses remain secure as long as their Ethereum private key does. No extra key material needs to be backed up or kept safe. The updated frontend now automates the key generation process for a much smoother on-boarding experience.

Speaking of that updated frontend, it's worth noting that the app has been completely rewritten from the original hackathon version. The new frontend is written with Vue and Typescript, and leverages the Vue framework's Composition API. This gives us a solid frontend codebase to iterate on moving forward.

Phase 2: In Progress

In addition to hitting our Phase 1 milestones, today's release also includes portions of the work earmarked for Phase 2.  Having a head start on these tasks put us in a good position to ship the second phase sometime in March.

Our first Phase 2 goal is centered around name services. Thanks to some much appreciated help from Nick Johnson, this release includes a custom ENS resolver that allows the user to publish their stealth public keys more efficiently than the text record approach used in our alpha release.

Note that we said plural "keys." Umbra no longer uses a single public key for both encryption and fund withdrawal. Instad, today's release separates each user's viewing key from their spending key. This allows users— at their discretion— to grant a third party view access to their incoming stealth transactions. Users can do this without also granting the ability to also claim those funds.

What's left on the name services side? For one, we want to make it easier for users who don't yet have an ENS name to get set up for Umbra. This will include allowing users to claim an umbra.eth subdomain, rather than purchasing their own ENS name directly.

That reminds us, we're excited to say we now own umbra.eth! Special thanks to Twitter user @BeeCoalie, who was kind enough to donate it to the project.

In addition to rounding out the remaining ENS tasks, we're also working to add the same level of support for CNS. Many thanks to the team at Unstoppable Domains for their continued support and assistance!

Our second Phase 2 goal pertains to the token withdrawal system. In today's release, we include an update to our contracts for generalized meta-transaction withdrawal. Any user can withdraw on behalf of a stealth address owner, so long as they provide a signed message from the receiving stealth address. This allows any relayer system to plug into Umbra.

Today's release leverages this generalized method to integrate with OpenGSN, allowing us to relay “gasless” token withdrawal transactions to the tesntet. Our repo includes custom contracts for optimized integration with OpenGSN. While our final release will use a custom relayer— designed with some extra functionality for UX purposes— the generalized withdrawal method combined with OpenGSN makes it trivial for anyone in the ecosystem to spin up a relayer.

The remaining Phase 2 withdrawal work relates to post-withdrawal hooks. This feature will allow users to optionally specify on-chain actions to trigger atomically after tokens have been withdrawn from a stealth address. We expect these to be used by developers to build integrations with Umbra.

Audits and Roadmap

A security-first posture is one of ScopeLift's core cultural values. We don't take lightly building a product that will move real money for our users.

In late January, Umbra completed a security review with folks at Consensys Diligence. This process is far from a full audit. It's meant to serve only as a "spot check." This initial review revealed no glaring security issues, though the reviewer did have helpful feedback and pointed out areas for optimizations.

The spot check sets us up well to complete a full audit in the near future. Our plan is to have the smart contracts audited by Diligence the week of March 22nd. This means we'll freeze development on our smart contract code the week prior.

Concurrent with the audit, we'll be making all remaining updates to the frontend, and to umbra-js, our first party library that implements the cryptography scheme and provides helper methods for interacting with Umbra seamlessly. If all goes smoothly, we'll be ready for mainnet in late March or early April.

In addition to having the on-chain components audited prior to launch, we also intend to have umbra-js audited. The timeline for this is still pending, but as an off-chain component, there is less urgency.

Of course, all audit reports, whether completed before or after the mainnet launch, will be made publicly available for review.


The journey from hackathon project to mainnet protocol has been a long one so far. With today's Phase 1 testnet release, we now have a clear path forward to make it there soon. We want to reiterate our thanks to the many people and companies that have contributed, both with funding and expertise, to getting us this far. We're excited to complete the work of Phase 2, and to make it to mainnet sometime in the next 6-8 weeks.

If you want to follow along with our progress, you can join us on Telegram, watch our repo on GitHub.

We won’t use your email for anything other than updates about Umbra and its launch. We’ll never share it with third parties.

Thank you!