> For the complete documentation index, see [llms.txt](https://docs.hooded.cash/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.hooded.cash/protocol-and-architecture/protocol-overview.md).

# Protocol Overview

HoodedCash's on-chain layer is built on Robinhood Chain, using HoodedCash's own confidential token contracts — an encrypted-balance ERC-20 in the Zether lineage — as its privacy primitive. The EVM has no native confidential-transfer feature, so this contract layer is HoodedCash's own, verified on-chain. Unlike a typical fintech product, HoodedCash doesn't run its own settlement ledger. Settlement is Robinhood Chain itself, secured by Ethereum.

***

## What the protocol layer does

1. **Custody and signing:** every account is an ERC-4337 smart account controlled by a keypair generated client-side. HoodedCash never holds keys.
2. **Confidential transfers:** transfer amounts are encrypted by the confidential token contracts, with proof generation happening on the client.
3. **Gas abstraction:** a small ETH reserve is maintained per account automatically and topped up via an internal swap when it drops below threshold, so users only ever think in USDG.
4. **Agent policy enforcement:** spend policies are checked client-side in the agent's signing flow, and enforced on-chain by the agent account's validation contract.
5. **Indexing:** on-chain events are indexed off-chain via contract event streams, powering the real-time feed and webhook system without requiring any party to poll the chain directly.

Everything that requires trust, meaning custody of funds and the validity of a transfer, is enforced by Robinhood Chain and HoodedCash's on-chain contracts — with correctness ultimately secured by Ethereum through the rollup's fraud-proof settlement. Everything else, UI rendering, notifications, indexing, is a convenience layer on top.

***

## Stack

```
+-----------------------------------------------+
|              HoodedCash App Layer               |
|      Web app . Mobile (iOS/Android) . SDK      |
+---------------------+---------------------------+
                       |
+---------------------v---------------------------+
|              HoodedCash API Layer                |
|   REST + WebSocket . Agent API . Webhooks       |
+---------------------+---------------------------+
                       |
+---------------------v---------------------------+
|            HoodedCash Core Services              |
|                                                 |
|  Wallet Engine   Privacy Engine   Agent Engine  |
|  (key mgmt,      (ZK proof gen,   (spend        |
|   tx building)    client-side)    policies,     |
|                                    x402 handler) |
|                                                 |
|  Indexer (contract event streams + PostgreSQL)  |
+---------------------+---------------------------+
                       |
+---------------------v---------------------------+
|            Robinhood Chain Mainnet              |
|  Confidential Tokens . ZK Verifier . x402       |
+-----------------------------------------------+
```

***

## Trust model

* **Users** don't need to trust HoodedCash with their funds. Keys are generated and held on-device; HoodedCash's servers see signed transactions, never private keys.
* **Users** don't need to trust HoodedCash with their transaction amounts. Proof generation and decryption happen client-side. HoodedCash's backend only ever handles ciphertext.
* **Agents** operate under spend policies enforced at the signing layer and in the account's on-chain validation contract, not by HoodedCash's discretion after the fact. A transaction that violates policy is never produced.

***

## Further reading

* [On-Chain Architecture](/protocol-and-architecture/on-chain-architecture.md): the contract state layout underneath HoodedCash
* [Trust & Security Model](/protocol-and-architecture/trust-and-security.md): the full security layer breakdown


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.hooded.cash/protocol-and-architecture/protocol-overview.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
