
Solana Wallet & Payments

Self-Custodial by Design

The Relay wallet is a self-custodial Solana wallet embedded directly in the messenger. Your private key lives in your device's secure hardware and never touches a server.

The key design decision: the server constructs transactions, but the device signs them. The server acts as an RPC proxy and username resolver, not a custodian. It cannot move your funds.

In plain English: Relay has a built-in crypto wallet, but unlike an exchange or custodial app, nobody but you controls your money. The server helps build transactions (like a bank teller filling out a form), but only your phone can authorize them (like your signature on the check). If Relay disappeared tomorrow, your funds would still be on the blockchain, recoverable with your 12-word seed phrase.


Architecture


Username-Based Transfers

One of Relay's core privacy features: wallet addresses are never exposed to other users. You send money by typing a username.

The flow:

  1. You type @bob and an amount.
  2. The server resolves @bob to Bob's wallet address (stored server-side during registration — but never displayed in the app or exposed via API to other users).
  3. The server constructs an unsigned Solana transaction.
  4. Your device signs it with the wallet private key (behind a biometric gate).
  5. The signed transaction is submitted to the Solana network via the Helius RPC proxy.

Why this matters: On a public blockchain, wallet addresses are pseudonymous at best. If someone knows your wallet address, they can see your entire transaction history and balance. By hiding addresses behind usernames, Relay keeps this information private.

In plain English: You never need to copy and paste long wallet addresses or scan QR codes. Just type a username. The other person never sees your wallet address, and you never see theirs. This keeps both of your blockchain histories private.


RPC Proxy

All Solana RPC calls are proxied through the Relay server. The app never connects directly to an RPC node.

Why:

  • The Helius API key (which provides enhanced RPC access) stays server-side. It is never shipped in the app binary or exposed to users.
  • The server can apply rate limiting and access control to RPC calls.
  • Users do not need to trust third-party RPC endpoints or configure anything.

The proxy supports standard Solana JSON-RPC methods (getBalance, getTokenAccountsByOwner, sendTransaction, etc.) as well as Helius-specific enhanced APIs for transaction parsing and asset queries.


Token Support

Token   Status    Details
SOL     Live      Native Solana token
USDC    Planned   SPL token (Circle)
USDT    Planned   SPL token (Tether)

The wallet automatically detects SPL token accounts and displays balances. Token metadata (name, symbol, logo) is resolved via the Helius DAS (Digital Asset Standard) API.


Jupiter DEX Integration

Relay integrates Jupiter — the leading Solana DEX aggregator — for in-app token swaps.

The flow follows the same signing model:

  1. The server requests a swap route from Jupiter's API.
  2. Jupiter returns an unsigned versioned transaction.
  3. The device signs it with the wallet key.
  4. The signed transaction is submitted via the RPC proxy.

This allows users to swap between any Solana tokens without leaving the app, while maintaining the invariant that the server never holds signing authority.


Private Transfers (via Privacy Cash)

Normal blockchain transfers leave a public trail — anyone can see that address A sent money to address B. For users who need to break that trail, Relay integrates with Privacy Cash, a third-party protocol that uses zero-knowledge proofs to sever the on-chain link between sender and recipient.

Third-party dependency

Privacy Cash is an independent protocol, not built or operated by Relay. The ZK proof generation, the pool contracts, and the cryptographic mixing are all Privacy Cash infrastructure. Relay's role is limited to providing a client integration that connects the Privacy Cash flow to Relay's username resolution and transaction signing.

The Privacy Cash SDK integration is not yet live. The client-side interface is scaffolded and the flow is designed, but the actual SDK for constructing ZK transactions is pending from the Privacy Cash team. This feature will become available when their SDK ships.

How Privacy Cash Works (Conceptually)

  1. Deposit: Tokens are deposited into a Privacy Cash pool contract on Solana. The deposit generates a cryptographic commitment.
  2. Prove: Privacy Cash generates a zero-knowledge proof that proves "someone deposited this amount" without revealing who.
  3. Withdraw: The proof authorizes a withdrawal to the recipient's address. On-chain, there is no traceable link between the deposit and the withdrawal.

Relay's integration layer handles username-to-address resolution and client-side transaction signing (so private keys never touch the server), but the privacy guarantees come entirely from Privacy Cash's protocol.

Supported tokens (per Privacy Cash): SOL is supported. USDC and USDT support is being added by the Privacy Cash team.

Fees (set by Privacy Cash): ~0.35% withdrawal fee + small flat SOL fee for transaction costs.

In plain English: If you want to send money without leaving a public trace on the blockchain, Relay can route the transfer through Privacy Cash — a separate service that uses advanced math to make the transaction untraceable. Think of it like withdrawing cash from an ATM and handing it to someone, instead of doing a bank transfer with both names on the receipt. Relay does not operate this system — it connects to it.


Transaction Signing Security

Every transaction that moves funds requires:

  1. Biometric authentication (Face ID / Touch ID / device passcode) to access the wallet private key from the secure hardware.
  2. On-device signing — the private key is loaded into memory, the transaction is signed, and the key bytes are immediately zeroed out.
  3. No server signing — the server never has access to a private key or a signed blank transaction. It only constructs unsigned transactions.

This applies to all transaction types: SOL transfers, SPL token transfers, Jupiter swaps, and Privacy Cash deposits/withdrawals.
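
Because the server constructs the transaction and the device signs it, the device is the last point where the transaction can be compared with what the user typed. The following is an added example, not Relay's code: it parses a legacy Solana message and accepts it only if it is a single System Program transfer of the typed amount from the user's own wallet. The function names and sample keys are constructed for illustration, and the recipient key is returned rather than verified, since username resolution happens on the server.

```python
import struct

SYSTEM_PROGRAM = bytes(32)   # the System Program id is 32 zero bytes
TRANSFER = 2                 # SystemInstruction::Transfer discriminant (u32 LE)

def _shortvec(buf, off):
    """Decode a compact-u16 length prefix; return (value, next_offset)."""
    val = shift = 0
    while True:
        b = buf[off]
        off += 1
        val |= (b & 0x7F) << shift
        if not b & 0x80:
            return val, off
        shift += 7

def check_transfer(msg, wallet, lamports):
    """Return the destination key if msg is exactly one SOL transfer of
    `lamports` from `wallet`, signed only by `wallet`; else raise ValueError."""
    try:
        if msg[0] != 1:      # also rejects versioned messages (high bit set)
            raise ValueError("versioned message or more than one signer")
        n_keys, off = _shortvec(msg, 3)
        keys = [msg[off + 32 * i: off + 32 * (i + 1)] for i in range(n_keys)]
        off += 32 * n_keys + 32          # account keys, then recent blockhash
        n_ix, off = _shortvec(msg, off)
        if n_ix != 1:
            raise ValueError("expected exactly one instruction")
        program = keys[msg[off]]
        n_acc, off = _shortvec(msg, off + 1)
        accounts = [keys[i] for i in msg[off:off + n_acc]]
        n_data, off = _shortvec(msg, off + n_acc)
        data = msg[off:off + n_data]
        if off + n_data != len(msg) or len(data) != 12:
            raise ValueError("unexpected message length")
    except IndexError:
        raise ValueError("truncated message") from None
    if program != SYSTEM_PROGRAM or keys[0] != wallet or accounts[:1] != [wallet]:
        raise ValueError("not a System Program transfer from this wallet")
    if len(accounts) != 2 or struct.unpack("<IQ", data) != (TRANSFER, lamports):
        raise ValueError("instruction or amount differs from what the user typed")
    return accounts[1]

# Constructed sample: keys are made-up 32-byte values, not real addresses.
WALLET, BOB, BLOCKHASH = b"\x01" * 32, b"\x02" * 32, b"\x03" * 32
def sample_message(lamports, to=BOB):
    return (bytes([1, 0, 1, 3]) + WALLET + to + SYSTEM_PROGRAM + BLOCKHASH
            + bytes([1, 2, 2, 0, 1, 12]) + struct.pack("<IQ", TRANSFER, lamports))
```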
