A confidential salary payment system built using Zama's Fully Homomorphic Encryption Virtual Machine (FHEVM) and OpenZeppelin's Confidential Contracts. This project demonstrates how companies can pay employee salaries while maintaining complete privacy of individual salary amounts on the blockchain.
This system allows companies to:
- โ Pay employee salaries confidentially using FHE encryption
- โ Process bonuses and deductions without exposing amounts
- โ Maintain complete privacy while ensuring regulatory compliance
- โ Provide transparent audit trails without revealing sensitive data
- โ Enable employee-to-employee token transfers
The system is built on:
- Zama FHEVM: For homomorphic encryption operations
- Zama Relayer SDK: For FHEVM interaction and relayer services
- OpenZeppelin Confidential Contracts: For the base confidential token functionality
- Role-based Access Control: For secure permission management
- Hardhat: For development and testing
- ethers.js: For all blockchain and smart contract interactions (no viem)
โโโ contracts/
โ โโโ ConfidentialSalaryToken.sol # Main salary token contract
โโโ test/
โ โโโ ConfidentialSalaryToken.test.js # Comprehensive test suite
โโโ scripts/
โ โโโ deploy.js # Deployment script
โ โโโ demo.js # Demo script
โ โโโ frontend-example.js # Frontend integration example
โโโ package.json # Dependencies
โโโ hardhat.config.js # Hardhat configuration
โโโ README.md # This file
- Node.js (v16 or higher)
- npm or yarn
- Hardhat
-
Clone the repository
git clone <repository-url> cd fhe-payroll
-
Install dependencies
npm install
-
Compile contracts
npm run compile
-
Run tests
npm test -
Deploy contract
npm run deploy
-
Run demo
npm run demo
The Confidential Salary Token has been successfully deployed to the Sepolia testnet:
- Contract Address:
0x5FbDB2315678afecb367f032d93F642f64180aa3 - Network: Sepolia Testnet
- Block Explorer: Sepolia Etherscan
- Token Name: Confidential Salary Token
- Token Symbol: CST
- Decimals: 6
The contract has been verified on Sepolia Etherscan and is publicly accessible for inspection and interaction.
After deployment, the following roles need to be assigned:
// Grant HR role
await confidentialSalaryToken.grantRole(HR_ROLE, hrManagerAddress);
// Grant Payroll role
await confidentialSalaryToken.grantRole(PAYROLL_ROLE, payrollManagerAddress);
// Grant Admin role
await confidentialSalaryToken.grantRole(ADMIN_ROLE, adminAddress);You can interact with the deployed contract using:
- Etherscan: Direct interaction through the verified contract
- Hardhat Console: Connect to Sepolia and interact programmatically
- Frontend Integration: Use the provided frontend example scripts (all using ethers.js)
Make sure you have the following environment variables set for Sepolia deployment:
PRIVATE_KEY=your_private_key_here
SEPOLIA_RPC_URL=your_sepolia_rpc_url_here- All salary amounts are encrypted using FHE
- Only authorized parties can decrypt amounts
- Public blockchain shows transactions occurred, not amounts
- Optional disclosure for compliance purposes
- Employee Management: Add/remove employees with encrypted salaries
- Salary Payments: Process monthly salaries confidentially
- Performance Bonuses: Handle discretionary bonuses privately
- Tax Deductions: Process deductions without exposing amounts
- Promotions: Update salaries confidentially
- Token Transfers: Employees can transfer tokens to each other
- HR Role: Employee management and salary updates
- Payroll Role: Salary payments, bonuses, and deductions
- Admin Role: Contract management and role assignments
// HR Manager adds a new employee with encrypted salary
const encryptedSalary = FHE.encrypt(5000); // $5000 salary
await confidentialSalaryToken.connect(hrManager).addEmployee(
employeeAddress,
encryptedSalary
);
// Payroll Manager pays monthly salary
const paymentAmount = FHE.encrypt(5000); // $5000 payment
await confidentialSalaryToken.connect(payrollManager).paySalary(
employeeAddress,
paymentAmount
);// Payroll Manager pays performance bonus
const bonusAmount = FHE.encrypt(1000); // $1000 bonus
await confidentialSalaryToken.connect(payrollManager).payBonus(
employeeAddress,
bonusAmount,
"Q4 Performance Bonus"
);// Payroll Manager processes tax deduction
const deductionAmount = FHE.encrypt(500); // $500 deduction
await confidentialSalaryToken.connect(payrollManager).processDeduction(
employeeAddress,
deductionAmount,
"Tax Deduction"
);// Employee transfers tokens to another employee
const transferAmount = FHE.encrypt(500); // $500 transfer
await confidentialSalaryToken.connect(employee1).transfer(
employee2.address,
transferAmount
);addEmployee(address employee, euint32 encryptedSalary)- Add new employeeremoveEmployee(address employee)- Remove employeeupdateEmployeeSalary(address employee, euint32 newEncryptedSalary)- Update salarygetEmployeeSalary(address employee)- Get encrypted salaryisEmployee(address employee)- Check if address is employee
paySalary(address employee, euint32 amount)- Pay salarypayBonus(address employee, euint32 amount, string reason)- Pay bonusprocessDeduction(address employee, euint32 amount, string reason)- Process deduction
balanceOf(address account)- Get encrypted balancetransfer(address to, euint32 amount)- Transfer tokenstransferFrom(address from, address to, euint32 amount)- Transfer from another address
grantRole(bytes32 role, address account)- Grant rolerevokeRole(bytes32 role, address account)- Revoke rolehasRole(bytes32 role, address account)- Check role
getTotalEmployees()- Get total employee countgetEmployeeAtIndex(uint256 index)- Get employee at indexpause()/unpause()- Pause/unpause contract
The demo script (scripts/demo.js) showcases all features:
- Employee Management: Adding employees with encrypted salaries
- Salary Payments: Processing confidential salary payments
- Bonus Payments: Paying performance bonuses
- Deductions: Processing tax and insurance deductions
- Transfers: Employee-to-employee token transfers
- Salary Updates: Updating employee salaries (promotions)
- Employee Removal: Removing employees from the system
- Contract Pause: Pausing and unpausing operations
- Enumeration: Listing all employees
Run the demo:
npm run demoThe test suite covers:
- โ Contract deployment and role setup
- โ Employee management operations
- โ Salary payment functionality
- โ Bonus and deduction processing
- โ Token transfer operations
- โ Access control and permissions
- โ Pause/unpause functionality
- โ Error handling and edge cases
Run tests:
npm test- All sensitive data is encrypted using FHE
- Only authorized parties can decrypt amounts
- Public blockchain shows transaction existence, not amounts
- Role-based permissions prevent unauthorized access
- HR role for employee management
- Payroll role for salary operations
- Admin role for contract management
- Encrypted transaction logs
- Optional disclosure for compliance
- Immutable payment history
- Privacy of salary information
- Regulatory compliance maintained
- Transparent audit trail without exposing amounts
- Automated payroll processing
- Personal salary information protected
- Verifiable payment history
- Control over disclosure when needed
- Immutable payment records
- Complete transaction history
- Optional disclosure mechanisms
- Public blockchain verification
- Sensitive data protection
Potential improvements for production use:
- Integration with existing payroll systems
- Multi-currency support
- Advanced compliance features
- Mobile wallet integration
- Automated tax calculations
- Performance optimization for large employee bases
- Integration with traditional banking systems
- Zama Documentation: https://docs.zama.ai/
- FHEVM Guides: https://docs.zama.ai/protocol/solidity-guides/
- Zama Relayer SDK: https://docs.zama.ai/protocol/relayer-sdk/
- OpenZeppelin Confidential Contracts: https://docs.openzeppelin.com/confidential-contracts/
This project is licensed under the MIT License.
Note: This is a demonstration project showcasing the capabilities of Zama's FHEVM for real-world privacy applications. For production use, ensure proper security audits and compliance with local regulations.