BitShade Pro

A non-custodial privacy-preserving bridge for Bitcoin to Starknet

Comment

💡 Inspiration

We wanted to make Bitcoin more useful — not just something you hold, but something you can actually use in DeFi. Most Bitcoin bridges today are risky or controlled by middlemen. You lose control of your funds, and privacy is gone. So we built BitShade-Pro — a private Bitcoin-to-Starknet bridge that keeps everything in your hands. It’s trustless, private, and all the logic runs right in your browser.

⚙️ What it does

BitShade-Pro lets anyone move BTC value into Starknet without a custodian or central bridge.

  • You deposit Bitcoin (see demo), and it creates a private “note.”
  • These notes are added to a Merkle tree, so you can prove ownership later without revealing who you are.
  • You can withdraw by proving your note exists — and the system prevents double-spending using nullifiers.
  • Everything stays private, and your wallet can be backed up securely with encrypted files. In simple terms: it’s a private, verifiable bridge between Bitcoin and Starknet.

🛠️ How we built it

We built a Merkle proof generator, a visual inspector, and an encrypted backup system. On-chain, on the backend side, we designed three Cairo 1.0 contracts:

  • ERC20_wSTRK.cairo — a wrapped STRK token that represents BTC on Starknet.
  • MerkleRegistry.cairo — stores Merkle roots and helps verify inclusion proofs.
  • Bridge.cairo — manages deposits, withdrawals, and proof verification.

The UI has two modes — Beginner and Advanced — so both new users and developers can explore how the privacy layer works.

We used the Web Crypto API to handle real cryptographic operations:

  • SHA-256 for hashing notes and tree leaves.
  • AES-GCM + PBKDF2 for password-based encryption, so users can safely export and import encrypted backups. Every deposit creates a unique note (a string that combines a secret, a hash, and an amount). These notes act like private keys for each UTXO, giving users full control of their funds.

When users deposit, their note becomes a leaf in a Merkle tree. The app calculates the Merkle root live in the browser and stores it. When users withdraw, a Merkle proof is built to confirm that their note exists in the tree — without exposing which one it was. We also generate a nullifier (a one-time hash) to prevent any double spending.

🚧 Challenges we ran into

  • Making privacy tools easy for beginners to understand.
  • Implementing AES-GCM and PBKDF2 encryption directly without bugs.
  • Keeping the UI smooth while rendering real Merkle tree updates.
  • Designing a frontend that matches real on-chain logic, for live contracts.

🏆 Accomplishments we’re proud of

  • Built a full working prototype that’s private, secure, and interactive.
  • Created working Cairo contracts for the bridge logic.
  • Designed a clean, futuristic UI that clearly explains cryptographic steps.
  • Made the system ready for integration with Glock (Alpen) — Starknet’s trust-minimized BTC verifier.
  • Most of all, we made complex blockchain privacy understandable.

📚 What we learned

  • Privacy and usability must go hand in hand.
  • Starknet’s ecosystem is ready for Bitcoin-scale applications.
  • A good user experience is just as important as strong cryptography.

🚀 What’s next for BitShade-Pro

  • Add Paymaster support for gasless transactions.
  • Connect to Starknet.js and Noir SDK for L2 execution.
  • Release a public BitShade Alpha where users can try private BTC transfers.
  • Work with Starknet and Alpen teams to make this bridge production-ready.

✨ Final note

BitShade-Pro shows how Bitcoin can finally join DeFi — safely, privately, and without trusting anyone.

Built for privacy. Powered by Starknet.

Built With

  • aes-gcm
  • alpen
  • cairo
  • glock
  • noir
  • pbkdf2
  • sha-256
  • starknet
  • zk-proof
Share this project:

Updates