Skip to main content

Architectural Summary

CashmereLabs operates a dual-layer architecture that combines:
  • On-chain execution written in Solidity, Move, and Anchor to govern burn, attestation, mint, yield routing, and policy enforcement.
  • Autonomous relayers implemented in Go that handle pricing, attestation retrieval, compliance, and settlement orchestration across EVM and non-EVM networks.
Together, these layers deliver deterministic, zero-slippage mobility for stablecoins while powering autonomous yield, privacy-preserving settlement, and fiat ↔ crypto connectivity.

On-Chain Components

CashmereCCTP (EVM)

  • Verifies relayer-signed fee quotes (ECDSA).
  • Executes burns, emits verifiable events, and enforces minimum output guarantees.
  • Supports transfer, transferV2, and permit variants for gas-optimised execution.

Move / Anchor Modules (Sui, Aptos, Solana)

  • Mirror the burn → attest → mint lifecycle using Ed25519 signature schemes.
  • Integrate chain-native fee handling and deterministic finality.

Smart Account Infrastructure (ERC-4337)

Built on ERC-4337 account abstraction with specialised validator modules:
  • Smart Accounts: Users interact via programmable, non-custodial accounts.
  • Validator Modules: Authenticate relayer/yield-agent actions under cryptographic policies.
  • Session Keys: Grant scoped authority for bridging, yield allocation, or ramp transfers without exposing primary keys.
  • Programmable Policies: Enterprises define limits (e.g., max transfer size, approved protocols, scheduling windows).
This transforms static wallets into autonomous smart accounts—enabling safe delegation to agents while users retain full asset control.

Cross-Chain Execution Model

LayerDescription
EVM ChainsCashmereCCTP contracts handle native burn-and-mint execution with on-chain fee verification.
Non-EVM ChainsMove/Anchor modules and SDKs coordinate attestation-based mints with relayer support.
Unified Policy EngineEnforces compliance, minimum output guarantees, and routing rules on every transaction.

Autonomous Relayers

Relayers are stateless orchestration agents. They never custody user funds; instead they validate events, quote fees, and submit destination transactions.

Runtime Capabilities

  • Subscribe to burn events across supported chains.
  • Estimate fees using issuer feeds, on-chain gas data, and Cashmere policy limits.
  • Sign quotes (ECDSA/Ed25519) with ≈100-second expiries.
  • Retrieve and verify attestations from Circle CCTP, Tether USDT0, and future issuers.
  • Submit destination mints with nonce management and retry logic.
  • Enforce per-chain policy hooks (allowlist/denylist, AML checks).
  • Provide observability via Prometheus metrics, structured logging, and circuit breakers.

Execution Flow

  1. Detect Burn – listen for CashmereTransfer (or equivalent) events on the origin chain.
  2. Retrieve Attestation – fetch issuer proofs and validate signatures.
  3. Mint & Finalise – submit the destination mint, enforcing min finality thresholds (1,000 Fast / 2,000 Normal).
  4. Record & Monitor – persist transaction data and expose it through the Monitoring API for analytics.

Fee Quotation Pipeline

  • Clients call GET /getEcdsaSig_native or GET /getEd25519Sig_native.
  • Relayers compute destination gas, issuer cost, and policy-defined overhead.
  • Response includes fee, deadline, and signature.
  • Users embed these values when invoking on-chain contracts.
  • Quotes expire after ~100 seconds to keep pricing aligned with live network conditions.

Yield Agent Layer

On top of the transfer infrastructure, Cashmere deploys autonomous agents that turn idle stablecoins into self-optimising capital:
  • Continuous monitoring of APRs across integrated venues (Morpho, Euler, Jupiter).
  • Policy-driven allocation using user-approved session keys (no custody risk).
  • Cross-chain rebalancing via the same zero-slippage transfer fabric.
  • Transparent reporting and withdrawal optionality at all times.

Privacy & Compliance Layer

The forthcoming Cashmere Privacy module introduces zk-based settlement with optional selective disclosure:
  • Confidential transfers for users and DAOs.
  • Audit trails and disclosure hooks for regulated institutions.
  • Integration with policy engines to maintain KYC/AML compatibility.

Reliability & Security

MechanismPurpose
Trust minimisationCashmere never holds user funds; all mints/burns occur via issuer contracts.
Deterministic outputsGuaranteed minimum amounts remove MEV and sandwich risk.
Infrastructure hardeningDockerised, load-balanced relayers with automated failover and throttling.
Policy controlsAllowlist/denylist, rate limits, and compliance hooks per chain.
Non-custodial smart accountsAutomation executes via user-controlled accounts with programmable permissions.
For detailed contract interfaces and APIs, see Smart Contracts and Backend APIs.