Skip to content

PugarHuda/diam

BranchesTags

Repository files navigation

Diam

Tests

Your trade. Their guess. Nobody knows.

diam — Indonesian for "silent". A confidential OTC desk where amounts stay hidden, bids stay sealed, and trades stay quiet.

On-chain OTC desk with hidden amounts and Vickrey-fair price discovery, built on the iExec Nox confidential computing protocol.

Submission for the iExec Vibe Coding Challenge (April–May 2026).
🚀 Live demo https://private-otc.vercel.app
🎥 Demo video https://youtu.be/_tMBT32r_kQ
🐦 Twitter post https://x.com/BangDropID/status/2050295042296984047
📦 Source https://github.com/PugarHuda/diam
📡 Network Arbitrum Sepolia (chain id 421614)
🔑 Stack Next.js 16 · Solidity 0.8.27 · iExec Nox · ChainGPT · MCP

Why Diam exists

When a whale wants to swap 1,000 ETH for USDC on-chain today, they hit two walls:

  1. Public DEX (Uniswap, Curve, etc.) — ~8% slippage on size, MEV sandwich attacks, leaked alpha as the order sits in the mempool.
  2. OTC desk via Telegram (GSR, Cumberland, Wintermute) — manual chat, fiat wires, no audit trail, full counterparty trust.

$30B+ flows through OTC desks every month. All of it via Telegram, in 2026.

Diam is the third option: on-chain OTC where amounts are encrypted end-to-end.

  • ✅ Settlement on-chain via ERC-7984 confidential tokens
  • ✅ Direct OTC (1 maker ↔ 1 taker) or RFQ Mode (1 maker ↔ N takers, Vickrey pricing)
  • ✅ Atomic settlement, no trusted intermediary
  • ✅ Composable with any ERC-20 through the Nox Confidential Token wrapper
  • ✅ Auditable via selective ACL disclosure — regulators can decrypt logs through key sharing

Three-Layer Architecture

flowchart TB
    subgraph "🤖 MCP Plugin Layer"
        Claude[Claude Code / Cursor / ChainGPT AI]
        MCPSrv[MCP Server<br/><i>private-otc-mcp</i>]
        Claude -->|stdio prompts| MCPSrv
        MCPSrv -.->|browse_intents<br/>create_intent<br/>decrypt_balance| ContractsAPI
    end

    subgraph "⚙️ Compound Engineering Layer"
        MM[MarketMaker<br/><i>auto-bid on RFQs</i>]
        SW[RFQ Sweeper<br/><i>finalize expired</i>]
        SM[Settlement Monitor<br/><i>webhook on Settled</i>]
        SC[Strategy Coach<br/><i>daily AI digest</i>]
        MM & SW & SM & SC -.->|viem<br/>watchContractEvent| ContractsAPI
    end

    subgraph "🔒 Core Protocol"
        Web[Next.js 16 Frontend<br/><i>wagmi · RainbowKit</i>]
        ContractsAPI[PrivateOTC.sol<br/>+ DiamCToken cUSDC/cETH<br/><i>Arbitrum Sepolia</i>]
        Web --> ContractsAPI
    end

    subgraph "🎟️ Receipt Layer"
        Receipt[DiamReceipt.sol<br/><i>ERC-721 with onchain SVG</i>]
        Web -->|mint after settle| Receipt
    end

    subgraph "🌐 External Services"
        Nox[iExec Nox<br/><i>NoxCompute TEE precompile</i>]
        CGT[ChainGPT API<br/><i>fair price · NFT image · signal</i>]
        ContractsAPI <-->|encrypted ops<br/>Nox.gt · Nox.select<br/>Nox.transfer| Nox
        Web -.-> CGT
        SC -.-> CGT
    end

    style ContractsAPI fill:#0a0a0a,stroke:#00ff41,stroke-width:2px,color:#00ff41
    style Receipt fill:#0a0a0a,stroke:#00ff41,stroke-width:1px,color:#00ff41
    style Nox fill:#0a0a0a,stroke:#00e639,stroke-width:2px,color:#00e639
    style CGT fill:#0a0a0a,stroke:#ff6b6b,stroke-width:1px,color:#ff6b6b
Loading

Reading the diagram:

  • Solid arrows are write paths (transactions, RPC calls).
  • Dotted arrows are read paths or AI-only side channels.
  • The Core Protocol is the only layer with on-chain authority; everything else is composition.

Tech Stack

Layer Tech
Smart Contracts Solidity 0.8.27 · Foundry · @iexec-nox/nox-protocol-contracts@0.2.2 · OpenZeppelin ERC-721
Confidential primitives iExec Nox (TEE-based) · NoxCompute proxy on Arbitrum Sepolia
Encryption @iexec-nox/handle@0.1.0-beta.10 — Viem v2 client
Frontend Next.js 16 (App Router · Turbopack) · wagmi v2 · RainbowKit · Tailwind v4
AI ChainGPT API — fair-price advisor, market signal, NFT receipt image
NFT receipts DiamReceipt ERC-721 — fully onchain Base64-encoded SVG metadata
Autonomous agents Node 22 · viem watchContractEvent · Vercel Cron + Functions
MCP server @modelcontextprotocol/sdk · stdio transport
Hosting Vercel (production)

Project Structure

diam/
├── packages/
│   ├── contracts/        # Solidity + Foundry (PrivateOTC.sol on-chain)
│   ├── web/              # Next.js frontend
│   ├── agents/           # Compound Engineering autonomous agents
│   └── mcp-server/       # MCP server exposing OTC as AI-native tools
├── .claude-plugin/       # Claude Code plugin companion (/otc-* slash commands)
├── feedback.md           # Builder feedback for the iExec Nox team
├── DEMO-SCRIPT.md        # 4-minute demo video storyboard
├── X-POST.md             # Submission post drafts
└── README.md             # This file

Quick Start

Prerequisites

  • Node.js 22+
  • pnpm 10+
  • Foundry: curl -L https://foundry.paradigm.xyz | bash
  • A wallet with Arbitrum Sepolia ETH (Alchemy faucet)
  • A ChainGPT API key (free hackathon credits via Telegram @vladnazarxyz)

Install

git clone https://github.com/PugarHuda/diam.git
cd diam
pnpm install
cp .env.example .env
# Fill .env with your values (see .env.example for the full list)

Run the frontend

pnpm dev
# Open http://localhost:3000

Build, test, and deploy contracts

pnpm contracts:build         # forge build
pnpm contracts:test          # forge test (local) — fork tests skip-by-default
pnpm contracts:deploy:sepolia

Run agents

pnpm agents:dev              # all 4 agents in watch mode
pnpm --filter agents market-maker   # individual agent

Run the MCP server

pnpm mcp:dev                 # stdio transport, ready for Claude Code / Cursor

End-to-End Demo (5 minutes)

  1. Visit https://private-otc.vercel.app
  2. Connect a wallet on Arbitrum Sepolia
  3. Go to Faucet → mint 10,000 cUSDC and 10 cETH (encrypted via Nox). Each token row shows an Authorize Diam banner — click it once per token to approve the OTC contract as operator (60-day expiry).
  4. Go to Portfolio → click Decrypt to confirm the JS SDK can read your hidden balance
  5. Create Intent → Direct OTC: sell 1 cETH for at least 3,500 cUSDC. The create form blocks submit until your sell-side setOperator is in place, so dead-on-arrival intents can't ship.
  6. Browse /intents — paginated orderbook (10 per page) with status, mode, pair, and "mine only" filters. URL params (?status=open&p=2) are shareable. Seed data covers Open / Filled / Cancelled / Expired / PendingReveal so every state path is demo-ready.
  7. With another wallet, Accept the intent (Direct) or Submit Bid (RFQ). The accept page shows a red banner if either party hasn't authorized — saves gas on a doomed tx.
  8. Both parties decrypt their new balances on Portfolio.
  9. Mint your NFT receipt — on the settled intent page, click MINT RECEIPT. One click triggers two things: a ChainGPT-generated image previews above, and a DiamReceipt.mint(...) ERC-721 commits onchain to your wallet. The button hides afterwards (one-mint-per- participant per intent), and you get an Arbiscan link to the NFT.

The transaction shows up on Arbiscan — but the amount is a 32-byte handle, not a number. Settled trades produce a real ERC-721 with fully onchain SVG metadata that survives any image host going dark.

Deployed Contracts (Arbitrum Sepolia)

Contract Address
PrivateOTC (the Diam orchestrator) 0x5b2C0c83e41bF9ef072d742096C49DFDB814CEB4
DiamCToken cUSDC 0x57736B816F6cb53c6B2c742D3A162E89Db162ADE
DiamCToken cETH 0xCdD84bA9415DFE3Dd5c0c05077B1FE194Bcf695d
DiamReceipt (ERC-721 keepsake) 0xE011E57ff89a9b1450551A7cE402b75c5Bd27B85

NoxCompute proxy (provided by iExec): 0xd464B198f06756a1d00be223634b85E0a731c229

The on-chain contract name remains PrivateOTC (immutable). "Diam" is the user-facing brand and product name.

Key Design Decision — Strategy B: Atomic Conditional Settlement

When a taker bid falls below the maker's hidden minimum, naive contracts either:

  • ❌ Revert (leaks "bid too low" via the failed transaction), or
  • ❌ Trust the client to validate (defeats the purpose of confidentiality)

Diam uses Nox.safeSub + Nox.select to make the trade an atomic no-op when the bid is insufficient:

(ebool sufficient, ) = Nox.safeSub(buyAmount, intent.minBuyAmount);

euint256 zero = Nox.toEuint256(0);
euint256 effectiveSell = Nox.select(sufficient, intent.sellAmount, zero);
euint256 effectiveBuy  = Nox.select(sufficient, buyAmount,        zero);

// Always settle. Whether amounts are real or zero stays encrypted.
intent.sellToken.confidentialTransferFrom(maker, taker, euint256.unwrap(effectiveSell));
intent.buyToken.confidentialTransferFrom(taker, maker, euint256.unwrap(effectiveBuy));
intent.status = IntentStatus.Filled;

The branch (real vs zero) lives entirely inside encrypted handles. The on-chain status is always Filled — observers cannot distinguish a successful trade from a no-op rejection. Privacy preserved on rejection.

DiamReceipt — Onchain ERC-721 Keepsake

Every settled trade can be commemorated with an NFT minted directly to the participant's wallet. Both image and metadata are stored fully onchain:

  • DiamReceipt.mint(intentId, mode, settleTxHash, pair) — open mint at the contract level, idempotency enforced at the UI via useExistingReceipt reading past ReceiptMinted events.
  • tokenURI(tokenId) returns a data:application/json;base64,... URI containing inline SVG art + structured attributes. No IPFS, no off-chain image host — the keepsake survives forever as long as Arbitrum does.
  • Frontend collapses image generation + onchain mint into a single click; ChainGPT failures don't block the onchain commit.
  • Receipt mint is gated to actual participants: maker (from intent struct), Direct taker (from Settled event log via useSettledTaker), or RFQ winner bidder (same event log). Random visitors see a read-only notice.
Token What's onchain
Diam Receipt #N name, description, SVG image, attributes (Mode, Pair, Intent ID, Settled At)

What's Real vs. Mock

Per hackathon brief: "using mock data leads to disqualification". Honest audit:

Real (verified on-chain)

  • All three contracts deployed and responding to read calls
  • cUSDC.confidentialTotalSupply() returns a real Nox handle (NoxCompute proxy actually responded during constructor)
  • @iexec-nox/handle and @iexec-nox/nox-protocol-contracts are the real iExec packages from npm
  • Vickrey logic compiles against the real Nox library
  • Frontend lives at https://private-otc.vercel.app, returns HTTP 200 on every route

🛠️ Self-deployed (real, but written by us)

  • DiamCToken.sol — Diam's full ERC-7984 implementation (~180 LOC) using real Nox.transfer / Nox.mint primitives. We deployed it because the cdefi.iex.ec faucet does not publicly expose token addresses. Implements all 8 ERC-7984 transfer functions (4 plain + 4 transfer-and-call), IERC7984Receiver callback verification, and the operator pattern with uint48 timestamp expiry. Full spec compliance per EIP-7984 — no partial.
  • DiamReceipt.sol — ERC-721 trade receipt with fully onchain Base64-encoded SVG tokenURI. ~200 LOC, no IPFS dependency.

There is no fake data anywhere. Every encrypted handle is a real reference to TEE-encrypted state.

Documentation

License

MIT

About

Diam — Confidential OTC desk on iExec Nox. Hidden amounts, Vickrey-fair RFQ pricing, AI-native via MCP. iExec Vibe Coding Challenge 2026.

private-otc.vercel.app

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages