Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.nacrelabs.xyz/llms.txt

Use this file to discover all available pages before exploring further.

Nacre launches as a 3-of-4 validator quorum with a custodial signer, and ships in phases toward full trust minimization. Every phase preserves two protocol guarantees: 1:1 PRL backing and the user’s 7-day emergency exit. This is the public roadmap. Each phase is an admin-authorized upgrade with appropriate timelocks; the protocol structure (Cold Reserve, validator quorum, aggregator pre-flight) is preserved across phases.

Phase 1: Launch · Custodial signer, validator quorum

Live at mainnet. The minimum viable bridge.
  • 1:1 PRL ↔ wPRL backing
  • 3-of-4 P-256 validator quorum signs every mint and burn
  • TEE-backed custody (Privy) translates the P-256 quorum into native Pearl secp256k1 and Solana ed25519 signatures
  • 7-day user emergency exit on every Deposit Address
  • 7-day admin-only Cold Reserve recovery (script-path leaf 0)
What this gets you today: PRL liquidity on Solana, secured by an independent quorum, with a guaranteed unilateral exit if anything goes wrong.

Phase 2: Self-custody · FROST removes the custodian

Target: post-launch upgrade. Validators stop relying on a third-party custodian. The 3-of-4 P-256 quorum is replaced by 3-of-4 FROST-secp256k1-tr threshold signing: validators hold their key shares directly and produce native Schnorr signatures collaboratively. What changes:
  • No more custodial layer. Pearl signatures are produced by FROST, Solana signatures by a parallel FROST-ed25519 (or hybrid) scheme.
  • One Cold Reserve rotation. The Cold Reserve is migrated to a new Taproot internal key derived from the FROST aggregate.
  • Aggregator role narrows. Becomes a FROST coordinator instead of a custody forwarder.
What stays the same: the user-facing flows, the 7-day exit, the admin’s script-path recovery, and the validator set.

Phase 3: Hardware attestation · FROST shares inside enclaves

Target: after FROST is stable in production. Every validator’s FROST share lives inside a remotely-attested TEE (Nitro Enclave, SGX, or equivalent). The share is unusable outside an attested enclave, even by the validator operator. What changes:
  • Each validator publishes a reproducibly-built enclave image; its PCR0 measurement is registered on-chain.
  • Every signing artifact carries an attestation document.
  • The Anchor program verifies the attestation root and PCR0 whitelist before accepting an attestation.
This raises the bar on validator compromise from “steal the key share” to “break the enclave AND match the PCR whitelist.”

Phase 4: ZK validation · Cryptographic proofs replace signatures

Target: long-horizon, in research alongside earlier phases. Validator signatures become redundant alongside cryptographic proofs. Three sub-paths, deployable independently or together:
  • zk-Pearl light client on Solana. Continuous header-chain proof verifies Pearl finality directly on Solana.
  • zk-SPV per deposit. Each deposit ships with a succinct proof of inclusion against the verified header chain.
  • zk-FROST proof of correct validator behavior. Validators prove that their attestations were produced from finalized state per spec.
During an overlap period, both the validator quorum and the ZK proof must agree. Once the ZK path has been validated under production load, the signature requirement is dropped.

Phase 5: Sunset · Removing the admin

Target: when the protocol is provably trust-minimized. The admin multisig retires. Options under consideration:
  • Full ossification: disable program upgrades entirely; the protocol becomes immutable.
  • On-chain governance: replace the admin with a tokenholder DAO.
  • Sunset Cold Reserve leaf 0: remove the admin-only recovery path or replace it with a much broader multisig.
What stays the same: every user keeps their 7-day Deposit Address exit. That guarantee survives every other authority.

Migration ordering

Migration ordering: Phase 1 launch through Phase 5 sunset, with the one-time Cold Reserve sweep happening only between Phase 1 and Phase 2
Only the Phase 1 → 2 transition requires moving funds on Pearl. Every subsequent phase reuses the same Cold Reserve address; once you’ve audited the address, it doesn’t change again until Phase 5.

Timelines

Specific dates and block-heights are not committed in advance. Every phase ships when it’s audited and stable in production. Follow TBD for milestones.