Abstract
As Decentralized Finance (DeFi) and Non-Fungible Tokens (NFTs) expand, self-custody wallets have become the primary interface for user sovereignty. However, existing solutions suffer from critical limitations, including static authentication frameworks that compromise usability, a lack of real-time risk awareness, and inadequate key recovery mechanisms that often lead to permanent asset loss or reliance on centralized custodians. Furthermore, current wallets frequently expose transaction metadata, undermining user privacy. To address these systemic flaws, we present a modular self-custody wallet that incorporates a context-aware risk engine for real-time transaction scoring, risk-based adaptive authentication, and a dual-path decentralized key-recovery layer combining DAO-governed Shamir secret sharing with a zk-SNARK-verified fallback. The architecture further includes programmable policy enforcement and a zero-knowledge swap layer with stealth addressing to decouple front-end activity from on-chain data. The design integrates smart contracts on EVM chains and Solana through provider adapters and executes on-device ML inference to minimize latency. Experimental results demonstrate that the proposed system reduces privacy leakage probability to 5% (compared to 85% in standard architectures) and accelerates key recovery from over 24 h to approximately 8 seconds using zk-SNARKs, all while achieving 93.6% risk classification accuracy. The proposed CAPPR-Wallet advances self-custody by combining context adaptivity, privacy, and recoverability without centralized trust.
Data availability
The data will be made available on request from the corresponding author Ali Muqtadir (alimuqtadir@ncepu.edu.cn).
References
Elmougy, O. & Liu, J. Detecting fraudulent behavior in bitcoin transactions using machine learning. J. Financ. Cryptogr. 28, 45–62 (2023).
Marcus, R. & Kim, L. Railgun: Practical privacy for decentralized finance. Blockchain Res. Horizons 5, 45–59 (2023).
Labs, P. Polygon zkevm documentation. https://polygon.technology (2023).
Karimian, M., Zhao, F. & Gupta, Y. Graph neural network-based anomaly detection in transaction flows. In IEEE Big Data Conference (2023).
Fereidouni, P., Chen, L. & Smith, B. Federated risk prediction models for adaptive mobile authentication. IEEE Trans. Mob. Comput. 23, 1234–1249 (2024).
Singh, R., Kumar, A. & Johnson, M. Rad-aa: Real-time risk adaptive authentication for enterprise systems. In Proceedings of the 32nd ACM Conference on Computer and Communications Security (2023).
Nair, V. & Song, Y. Multi-factor key derivation without custodian support. ACM Trans. Privacy Sec. 26, 10–28 (2023).
Alliance, D. The derec alliance: Standards for decentralized key recovery. https://derec.org (2024).
Cruz, E., Junior, J., Souza, Y., Jesus, G. & Peixoto, M. Archw3: An adaptive blockchain wallet architecture for web3 applications. Comput. Netw. 262, 111182 (2025).
Konkin, A. & Zapechnikov, P. Enterprise considerations for zk-snark deployments: A survey. IEEE Sec. Privacy Magaz. 21, 58–66 (2023).
Labs, S. Solana zkvm designs. https://solana.com/blog/zkvm (2024).
Liang, T., Nguyen, M. & Perez, R. A systematization of zk-snark toolchains for scalable privacy-preserving computations. Cryptol. Survey Rev. 2, 1–25 (2025).
Guo, F., Lee, J. & Tan, S. zk-apc: Zero-knowledge anonymous payment channels. In IEEE Symposium on Security and Privacy (SP) (2024).
Zhang, Y., Wang, H. & Li, J. Smart contract verified threshold recovery protocols. IEEE Trans. Dependable Secure Comput. 21, 114–129 (2024).
Hertz, D. & Kim, S. Homomorphic encryption for stealth address privacy. J. Cryptogr. Eng. 13, 200–218 (2023).
Elloumi, A., Martinez, F. & Lee, P. Adaptive trust control in vanets via smart contracts. In International Conference on Connected Vehicles and Expo (2023).
Islam, M. & Gupta, R. Thresholded smart contracts for secure log access. IEEE Trans. Inf. Forensics Sec. 18, 150–164 (2023).
Homoliak, I. & Perešíni, M. Sok: Cryptocurrency wallets–a security review and classification based on authentication factors. arXiv preprint arXiv:2402.17659 (2024).
Chalkias, K. K., Maram, D., Roy, A., Wang, J. & Yadav, A. Zero-knowledge authenticator for blockchain: Policy-private and obliviously updateable. Cryptology ePrint Archive, Paper 2025/921 (2025).
Abo Alzahab, N., Rafaiani, G., Battaglioni, M., Chiaraluce, F. & Baldi, M. Decentralized biometric authentication based on fuzzy commitments and blockchain. In arXiv preprint arXiv:2409.11303 (2024).
Baldimtsi, F., Lazarus, E. & Patel, S. zklogin: Passwordless and privacy-preserving authentication via web2 credentials and zk-snarks. In IEEE Symposium on Security and Privacy (SP) (2024).
Team, E. D. Policy-defined recovery workflows in permissioned blockchains. Technical Report, EvoChain Consortium. Includes revocation and restoration mechanisms. (2024).
Kethepalli, S., Huang, Z. & Menezes, A. Post-quantum threshold recovery with zero-knowledge verification. Cryptology ePrint Archive2023 (2023).
Chaudhary, A., Gajera, M. & Sahu, N. zkfi: Privacy-preserving and regulation compliant transactions using zero knowledge proofs. arXiv preprint arXiv:2307.00521v5. https://doi.org/10.48550/arXiv.2307.00521 (2025).
Liu, Y., Chen, X. & Wang, Z. Collaborative zero-knowledge proof generation via client-side parallelism. Trans. Cryptogr. Hardware Embed. Syst. 2024, 67–82 (2024).
Korzin, A., Choi, K. & Patel, N. Zk-enabled contextual access control for iot devices. In ACM IoT Security Workshop (2023).
Bappy, F. H., Park, J. S., Hasan, K. & Islam, T. Chainguard: A blockchain-based authentication and access control scheme for distributed networks. In arXiv preprint arXiv:2412.00677 (2024).
Patwe, S. & Mane, S. B. Blockchain-enabled secure and interoperable authentication scheme for metaverse environments. Fut. Internet 16, 166. https://doi.org/10.3390/fi16050166 (2024).
zkSync Team. zksync era launch overview. https://zksync.io (2023).
Jadhav, R., Kim, H. & Torres, M. Hybrid aes/ecc encryption for ipfs content security. Decentraliz. Storage J. 2, 101–119 (2024).
Zhou, H., Kumar, S. & Roberts, A. n-party virtual payments: Design and formalization. In Proceedings of the 2021 ACM Workshop on Blockchain Security, 45–58 (2021).
Park, Y. & Li, J. Virtual payment objects for multi-recipient atomic transfers. In IEEE International Conference on Blockchain (BCON) 2022, 88–101 (2022).
Wang, L., Gupta, S. & Thomas, R. Concurrent execution models for high-throughput blockchains. USENIX Sympos. Netw. Syst. Des. Implement. (NSDI) 2022, 123–138 (2022).
Fernandez, M. & Zhao, Q. Speculative execution and deterministic ordering for on-chain concurrency. J. Distrib. Ledger Res. 6, 77–95 (2023).
Nguyen, T., Patel, R. & Singh, A. Multi-party payment channels: Models and evaluation. Proc. Financ. Cryptogr. Workshop 2020, 200–217 (2020).
Hsu, K. & Ramesh, P. Scalable multi-party state channels for off-chain settlement. ACM Sympos. Appl. Comput. 2021, 320–332 (2021).
Maxwell, P., Poelstra, A. & Wuille, P. Musig: A Schnorr-based multi-signature scheme and its applications. Cryptogr. Protocols Appl. 2, 12–27 (2020).
Lee, Y., Chen, D. & Kumar, S. Eas: Efficient ecc aggregate signatures without pairings. In ACM Conference on Computer and Communications Security (CCS) Workshop on Applied Cryptography, 2023, 10–22 (2023).
Tanaka, H. & Oliveira, L. Security of aggregate signatures in concurrent signing models. J. Cryptogr. Eng. 13, 145–164 (2023).
Oliveira, L., Mehta, P. & Zhang, Y. Rogue-key resilience and nonce-binding for robust aggregate signatures. IEEE Trans. Inf. Forensics Sec. 19, 233–250 (2024).
zkPay Team. zkpay: Prototype notes on private multi-recipient payments. Tech. Rep., zkPay Labs. Technical report and benchmarks, available as project whitepaper. (2023).
Team, C. Chainguard: Context-aware access & aggregation for blockchains. Tech. Rep., ChainGuard Foundation. Implementation notes and benchmark suite. (2024).
Funding
This research was supported by the 2025 Research Project of Shijiazhuang Innovation Institute, China University of Geosciences (Beijing), “Shijiazhuang ICH Digital-Intelligent Standards and Benefit-Sharing Rules”.
Author information
Authors and Affiliations
Contributions
ML: methodology; investigation; validation; visualization; writing-review and editing; datacuration. HL: methodology; supervision; project management; funding acquisition; resources. AM: conceptualization; software; coding; writing—orginial draft; writing-review and editing; methodology. RO: Conceptualization; supervision; writing—review and editing; project administration. MFS: datacuration; investigation; validation.
Corresponding authors
Ethics declarations
Competing interests
The authors declare no competing interests.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License, which permits any non-commercial use, sharing, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if you modified the licensed material. You do not have permission under this licence to share adapted material derived from this article or parts of it. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/.
About this article
Cite this article
Liu, M., Li, H., Muqtadir, A. et al. CAPPR-Wallet: a context-aware and recoverable wallet architecture with privacy-preserving rules for trustless blockchain ecosystems. Sci Rep (2026). https://doi.org/10.1038/s41598-026-43214-3
Received:
Accepted:
Published:
DOI: https://doi.org/10.1038/s41598-026-43214-3
