ShardRegistry
On-chain registry for GhostShard hash verification and emergency wallet locking.
Source
packages/contracts/ShardRegistry.compact
Ledgers
| Ledger | Type | Description |
|---|---|---|
shard_hashes | Map<Bytes, Bytes> | Shard hash by walletId:shardId |
shard_locations | Map<Bytes, Counter> | Storage type by walletId:shardId |
shard_counts | Map<Bytes, Counter> | Shard count per wallet |
wallet_locked | Map<Bytes, Counter> | Lock status per wallet (0 = unlocked, 1 = locked) |
total_shards | Counter | Global shard count |
Circuits
registerShard(wallet_id: Bytes, shard_id: Bytes, shard_hash: Bytes, storage_type: Counter)
Registers a shard hash on-chain. Fails if the wallet is locked.
Storage type encoding:
| Type | Code |
|---|---|
| DID | 1 |
| USB | 2 |
| Password Manager | 3 |
| 4 | |
| Cloud | 5 |
| Device | 6 |
emergencyLock(wallet_id: Bytes)
Locks a wallet, preventing new shard registrations. Use when compromise is suspected.
isLocked(wallet_id: Bytes): Counter
Returns 1 if the wallet is locked, 0 otherwise.
verifyShardHash(wallet_id: Bytes, shard_id: Bytes, hash: Bytes): Counter
Returns 1 if the provided hash matches the registered hash for the shard, 0 otherwise. Does not reveal the hash — the comparison happens inside the ZK circuit.
getShardCount(wallet_id: Bytes): Counter
Returns the number of registered shards for a wallet.
getShardLocation(wallet_id: Bytes, shard_id: Bytes): Counter
Returns the storage type code for a specific shard.
getTotalShards(): Counter
Returns the global shard count across all wallets.
Emergency Lock Flow
User suspects compromise
→ emergencyLock(walletId)
→ All registerShard() calls for this wallet will fail
→ User creates new wallet + new shards
→ Old shards are effectively invalidated
The lock is one-way — once locked, a wallet cannot be unlocked. The user must create a new wallet.