diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 02381dfc..f10532a8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -225,7 +225,7 @@ jobs:
       - uses: ./.github/actions/install-risc0
 
       - name: Install just
-        run: cargo install just
+        run: cargo install --locked just
 
       - name: Build artifacts
         run: just build-artifacts
diff --git a/Cargo.lock b/Cargo.lock
index 8defea3a..e7a116e4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -627,6 +627,51 @@ version = "0.7.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50"
 
+[[package]]
+name = "asn1-rs"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "56624a96882bb8c26d61312ae18cb45868e5a9992ea73c58e45c3101e56a1e60"
+dependencies = [
+ "asn1-rs-derive",
+ "asn1-rs-impl",
+ "displaydoc",
+ "nom 7.1.3",
+ "num-traits",
+ "rusticata-macros",
+ "thiserror 2.0.18",
+ "time",
+]
+
+[[package]]
+name = "asn1-rs-derive"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3109e49b1e4909e9db6515a30c633684d68cdeaa252f215214cb4fa1a5bfee2c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "synstructure",
+]
+
+[[package]]
+name = "asn1-rs-impl"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "asn1_der"
+version = "0.7.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4858a9d740c5007a9069007c3b4e91152d0506f13c1b31dd49051fd537656156"
+
 [[package]]
 name = "astral-tokio-tar"
 version = "0.6.1"
@@ -677,6 +722,36 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "async-channel"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "924ed96dd52d1b75e9c1a3e6275715fd320f5f9439fb5a4a11fa51f4221158d2"
+dependencies = [
+ "concurrent-queue",
+ "event-listener-strategy",
+ "futures-core",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "async-io"
+version = "2.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "456b8a8feb6f42d237746d4b3e9a178494627745c3c56c6ea55d92ba50d026fc"
+dependencies = [
+ "autocfg",
+ "cfg-if",
+ "concurrent-queue",
+ "futures-io",
+ "futures-lite",
+ "parking",
+ "polling",
+ "rustix",
+ "slab",
+ "windows-sys 0.61.2",
+]
+
 [[package]]
 name = "async-lock"
 version = "3.4.2"
@@ -694,6 +769,17 @@ version = "0.5.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4288f83726785267c6f2ef073a3d83dc3f9b81464e9f99898240cced85fce35a"
 
+[[package]]
+name = "async-recursion"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
 [[package]]
 name = "async-stream"
 version = "0.3.6"
@@ -727,6 +813,19 @@ dependencies = [
  "syn 2.0.117",
 ]
 
+[[package]]
+name = "asynchronous-codec"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a860072022177f903e59730004fb5dc13db9275b79bb2aef7ba8ce831956c233"
+dependencies = [
+ "bytes",
+ "futures-sink",
+ "futures-util",
+ "memchr",
+ "pin-project-lite",
+]
+
 [[package]]
 name = "ata_core"
 version = "0.1.0"
@@ -760,6 +859,29 @@ version = "1.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
 
+[[package]]
+name = "attohttpc"
+version = "0.24.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8d9a9bf8b79a749ee0b911b91b671cc2b6c670bdbc7e3dfd537576ddc94bb2a2"
+dependencies = [
+ "http 0.2.12",
+ "log",
+ "url",
+]
+
+[[package]]
+name = "attohttpc"
+version = "0.30.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "16e2cdb6d5ed835199484bb92bb8b3edd526effe995c61732580439c1a67e2e9"
+dependencies = [
+ "base64 0.22.1",
+ "http 1.4.0",
+ "log",
+ "url",
+]
+
 [[package]]
 name = "attribute-derive"
 version = "0.10.5"
@@ -806,7 +928,7 @@ dependencies = [
  "axum-core 0.4.5",
  "bytes",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "hyper",
@@ -840,7 +962,7 @@ dependencies = [
  "bytes",
  "form_urlencoded",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "hyper",
@@ -875,7 +997,7 @@ dependencies = [
  "async-trait",
  "bytes",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "mime",
@@ -894,7 +1016,7 @@ checksum = "08c78f31d7b1291f7ee735c1c6780ccde7785daae9a9206026862dab7d8792d1"
 dependencies = [
  "bytes",
  "futures-core",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "mime",
@@ -905,6 +1027,17 @@ dependencies = [
  "tracing",
 ]
 
+[[package]]
+name = "backon"
+version = "1.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cffb0e931875b666fc4fcb20fee52e9bbd1ef836fd9e9e04ec21555f9f85f7ef"
+dependencies = [
+ "fastrand",
+ "gloo-timers 0.3.0",
+ "tokio",
+]
+
 [[package]]
 name = "base-x"
 version = "0.2.11"
@@ -957,24 +1090,6 @@ version = "1.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2af50177e190e07a26ab74f8b1efbfe2ef87da2116221318cb1c2e82baf7de06"
 
-[[package]]
-name = "bedrock_client"
-version = "0.1.0"
-dependencies = [
- "anyhow",
- "common",
- "futures",
- "humantime-serde",
- "log",
- "logos-blockchain-chain-broadcast-service",
- "logos-blockchain-chain-service",
- "logos-blockchain-common-http-client",
- "logos-blockchain-core",
- "reqwest",
- "serde",
- "tokio-retry",
-]
-
 [[package]]
 name = "bincode"
 version = "1.3.3"
@@ -1101,7 +1216,7 @@ dependencies = [
  "futures-util",
  "hex",
  "home",
- "http",
+ "http 1.4.0",
  "http-body-util",
  "hyper",
  "hyper-named-pipe",
@@ -1354,17 +1469,6 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
 
-[[package]]
-name = "cfg_eval"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "45565fc9416b9896014f5732ac776f810ee53a66730c17e4020c3ec064a8f88f"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.117",
-]
-
 [[package]]
 name = "chacha20"
 version = "0.10.0"
@@ -1374,6 +1478,7 @@ dependencies = [
  "cfg-if",
  "cipher 0.5.1",
  "cpufeatures 0.3.0",
+ "rand_core 0.10.1",
 ]
 
 [[package]]
@@ -1959,7 +2064,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7ab67060fc6b8ef687992d439ca0fa36e7ed17e9a0b16b25b601e8757df720de"
 dependencies = [
  "data-encoding",
- "syn 1.0.109",
+ "syn 2.0.117",
 ]
 
 [[package]]
@@ -1973,6 +2078,20 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "der-parser"
+version = "10.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "07da5016415d5a3c4dd39b11ed26f915f52fc4e0dc197d87908bc916e51bc1a6"
+dependencies = [
+ "asn1-rs",
+ "displaydoc",
+ "nom 7.1.3",
+ "num-bigint 0.4.6",
+ "num-traits",
+ "rusticata-macros",
+]
+
 [[package]]
 name = "deranged"
 version = "0.5.8"
@@ -2123,10 +2242,21 @@ dependencies = [
 ]
 
 [[package]]
-name = "docker-compose-types"
-version = "0.22.0"
+name = "dlopen2"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7edb75a85449fd9c34d9fb3376c6208ec4115d2ca43b965175a52d71349ecab8"
+checksum = "09b4f5f101177ff01b8ec4ecc81eead416a8aa42819a2869311b3420fa114ffa"
+dependencies = [
+ "libc",
+ "once_cell",
+ "winapi",
+]
+
+[[package]]
+name = "docker-compose-types"
+version = "0.23.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6ea51e75cfa9371c4d760270c3da13516d7206121d668c1fbdd6fd83d1782b0f"
 dependencies = [
  "derive_builder",
  "indexmap 2.13.0",
@@ -2177,6 +2307,12 @@ version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "669a445ee724c5c69b1b06fe0b63e70a1c84bc9bb7d9696cd4f4e3ec45050408"
 
+[[package]]
+name = "dtoa"
+version = "1.0.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4c3cf4824e2d5f025c7b531afcb2325364084a16806f6d47fbc1f5fbd9960590"
+
 [[package]]
 name = "duplicate"
 version = "2.0.1"
@@ -2215,6 +2351,7 @@ version = "2.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53"
 dependencies = [
+ "pkcs8",
  "serde",
  "signature",
 ]
@@ -2316,6 +2453,18 @@ dependencies = [
  "cfg-if",
 ]
 
+[[package]]
+name = "enum-as-inner"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a1e6a265c649f3f5979b601d26f1d05ada116434c87741c9493cb56218f76cbc"
+dependencies = [
+ "heck",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
 [[package]]
 name = "enum-map"
 version = "2.7.3"
@@ -2501,12 +2650,12 @@ checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be"
 
 [[package]]
 name = "ferroid"
-version = "0.8.9"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bb330bbd4cb7a5b9f559427f06f98a4f853a137c8298f3bd3f8ca57663e21986"
+checksum = "ee93edf3c501f0035bbeffeccfed0b79e14c311f12195ec0e661e114a0f60da4"
 dependencies = [
  "portable-atomic",
- "rand 0.9.3",
+ "rand 0.10.1",
  "web-time",
 ]
 
@@ -2583,15 +2732,6 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 
-[[package]]
-name = "foreign-types"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
-dependencies = [
- "foreign-types-shared 0.1.1",
-]
-
 [[package]]
 name = "foreign-types"
 version = "0.5.0"
@@ -2599,7 +2739,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d737d9aa519fb7b749cbc3b962edcf310a8dd1f4b67c91c4f83975dbdd17d965"
 dependencies = [
  "foreign-types-macros",
- "foreign-types-shared 0.3.1",
+ "foreign-types-shared",
 ]
 
 [[package]]
@@ -2613,12 +2753,6 @@ dependencies = [
  "syn 2.0.117",
 ]
 
-[[package]]
-name = "foreign-types-shared"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
-
 [[package]]
 name = "foreign-types-shared"
 version = "0.3.1"
@@ -2655,6 +2789,16 @@ dependencies = [
  "futures-util",
 ]
 
+[[package]]
+name = "futures-bounded"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91f328e7fb845fc832912fb6a34f40cf6d1888c92f974d1893a54e97b5ff542e"
+dependencies = [
+ "futures-timer",
+ "futures-util",
+]
+
 [[package]]
 name = "futures-channel"
 version = "0.3.32"
@@ -2688,6 +2832,16 @@ version = "0.3.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cecba35d7ad927e23624b22ad55235f2239cfa44fd10428eecbeba6d6a717718"
 
+[[package]]
+name = "futures-lite"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f78e10609fe0e0b3f4157ffab1876319b5b0db102a2c60dc4626306dc46b44ad"
+dependencies = [
+ "futures-core",
+ "pin-project-lite",
+]
+
 [[package]]
 name = "futures-macro"
 version = "0.3.32"
@@ -2699,6 +2853,17 @@ dependencies = [
  "syn 2.0.117",
 ]
 
+[[package]]
+name = "futures-rustls"
+version = "0.26.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a8f2f12607f92c69b12ed746fabf9ca4f5c482cba46679c1a75b874ed7c26adb"
+dependencies = [
+ "futures-io",
+ "rustls",
+ "rustls-pki-types",
+]
+
 [[package]]
 name = "futures-sink"
 version = "0.3.32"
@@ -2717,7 +2882,7 @@ version = "3.0.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f288b0a4f20f9a56b5d1da57e2227c661b7b16168e2f72365f57b63326e29b24"
 dependencies = [
- "gloo-timers",
+ "gloo-timers 0.2.6",
  "send_wrapper 0.4.0",
 ]
 
@@ -2821,6 +2986,7 @@ dependencies = [
  "js-sys",
  "libc",
  "r-efi 6.0.0",
+ "rand_core 0.10.1",
  "wasip2",
  "wasip3",
  "wasm-bindgen",
@@ -2863,7 +3029,7 @@ dependencies = [
  "futures-core",
  "futures-sink",
  "gloo-utils",
- "http",
+ "http 1.4.0",
  "js-sys",
  "pin-project",
  "serde",
@@ -2886,6 +3052,18 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "gloo-timers"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbb143cf96099802033e0d4f4963b19fd2e0b728bcf076cd9cf7f6634f092994"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "js-sys",
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "gloo-utils"
 version = "0.2.0"
@@ -2927,7 +3105,7 @@ dependencies = [
  "fnv",
  "futures-core",
  "futures-sink",
- "http",
+ "http 1.4.0",
  "indexmap 2.13.0",
  "slab",
  "tokio",
@@ -2975,6 +3153,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1"
 dependencies = [
  "allocator-api2",
+ "equivalent",
  "foldhash",
 ]
 
@@ -2984,6 +3163,15 @@ version = "0.16.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100"
 
+[[package]]
+name = "hashlink"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6ba4ff7128dee98c7dc9794b6a411377e1404dba1c97deb8d1a55297bd25d8af"
+dependencies = [
+ "hashbrown 0.14.5",
+]
+
 [[package]]
 name = "hashlink"
 version = "0.10.0"
@@ -3013,6 +3201,12 @@ version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
 
+[[package]]
+name = "hermit-abi"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"
+
 [[package]]
 name = "hex"
 version = "0.4.3"
@@ -3040,6 +3234,59 @@ version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e712f64ec3850b98572bffac52e2c6f282b29fe6c5fa6d42334b30be438d95c1"
 
+[[package]]
+name = "hex_fmt"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b07f60793ff0a4d9cef0f18e63b5357e06209987153a64648c972c1e5aff336f"
+
+[[package]]
+name = "hickory-proto"
+version = "0.25.0-alpha.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d00147af6310f4392a31680db52a3ed45a2e0f68eb18e8c3fe5537ecc96d9e2"
+dependencies = [
+ "async-recursion",
+ "async-trait",
+ "cfg-if",
+ "data-encoding",
+ "enum-as-inner",
+ "futures-channel",
+ "futures-io",
+ "futures-util",
+ "idna",
+ "ipnet",
+ "once_cell",
+ "rand 0.9.3",
+ "socket2 0.5.10",
+ "thiserror 2.0.18",
+ "tinyvec",
+ "tokio",
+ "tracing",
+ "url",
+]
+
+[[package]]
+name = "hickory-resolver"
+version = "0.25.0-alpha.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5762f69ebdbd4ddb2e975cd24690bf21fe6b2604039189c26acddbc427f12887"
+dependencies = [
+ "cfg-if",
+ "futures-util",
+ "hickory-proto",
+ "ipconfig",
+ "moka",
+ "once_cell",
+ "parking_lot",
+ "rand 0.9.3",
+ "resolv-conf",
+ "smallvec",
+ "thiserror 2.0.18",
+ "tokio",
+ "tracing",
+]
+
 [[package]]
 name = "hkdf"
 version = "0.12.4"
@@ -3093,6 +3340,17 @@ dependencies = [
  "utf8-width",
 ]
 
+[[package]]
+name = "http"
+version = "0.2.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1"
+dependencies = [
+ "bytes",
+ "fnv",
+ "itoa",
+]
+
 [[package]]
 name = "http"
 version = "1.4.0"
@@ -3110,7 +3368,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
 dependencies = [
  "bytes",
- "http",
+ "http 1.4.0",
 ]
 
 [[package]]
@@ -3121,7 +3379,7 @@ checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
 dependencies = [
  "bytes",
  "futures-core",
- "http",
+ "http 1.4.0",
  "http-body",
  "pin-project-lite",
 ]
@@ -3196,7 +3454,7 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "h2",
- "http",
+ "http 1.4.0",
  "http-body",
  "httparse",
  "httpdate",
@@ -3229,7 +3487,7 @@ version = "0.27.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
 dependencies = [
- "http",
+ "http 1.4.0",
  "hyper",
  "hyper-util",
  "log",
@@ -3254,22 +3512,6 @@ dependencies = [
  "tower-service",
 ]
 
-[[package]]
-name = "hyper-tls"
-version = "0.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0"
-dependencies = [
- "bytes",
- "http-body-util",
- "hyper",
- "hyper-util",
- "native-tls",
- "tokio",
- "tokio-native-tls",
- "tower-service",
-]
-
 [[package]]
 name = "hyper-util"
 version = "0.1.20"
@@ -3280,19 +3522,17 @@ dependencies = [
  "bytes",
  "futures-channel",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "hyper",
  "ipnet",
  "libc",
  "percent-encoding",
  "pin-project-lite",
- "socket2",
- "system-configuration",
+ "socket2 0.6.3",
  "tokio",
  "tower-service",
  "tracing",
- "windows-registry",
 ]
 
 [[package]]
@@ -3448,6 +3688,81 @@ dependencies = [
  "icu_properties",
 ]
 
+[[package]]
+name = "if-addrs"
+version = "0.15.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0a05c691e1fae256cf7013d99dad472dc52d5543322761f83ec8d47eab40d2b"
+dependencies = [
+ "libc",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "if-watch"
+version = "3.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "71c02a5161c313f0cbdbadc511611893584a10a7b6153cb554bdf83ddce99ec2"
+dependencies = [
+ "async-io",
+ "core-foundation 0.9.4",
+ "fnv",
+ "futures",
+ "if-addrs",
+ "ipnet",
+ "log",
+ "netlink-packet-core 0.8.1",
+ "netlink-packet-route 0.28.0",
+ "netlink-proto",
+ "netlink-sys",
+ "rtnetlink",
+ "system-configuration 0.7.0",
+ "tokio",
+ "windows",
+]
+
+[[package]]
+name = "igd-next"
+version = "0.15.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76b0d7d4541def58a37bf8efc559683f21edce7c82f0d866c93ac21f7e098f93"
+dependencies = [
+ "async-trait",
+ "attohttpc 0.24.1",
+ "bytes",
+ "futures",
+ "http 1.4.0",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
+ "log",
+ "rand 0.8.5",
+ "tokio",
+ "url",
+ "xmltree",
+]
+
+[[package]]
+name = "igd-next"
+version = "0.16.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "516893339c97f6011282d5825ac94fc1c7aad5cad26bdc2d0cee068c0bf97f97"
+dependencies = [
+ "async-trait",
+ "attohttpc 0.30.1",
+ "bytes",
+ "futures",
+ "http 1.4.0",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
+ "log",
+ "rand 0.9.3",
+ "tokio",
+ "url",
+ "xmltree",
+]
+
 [[package]]
 name = "include_bytes_aligned"
 version = "0.1.4"
@@ -3460,13 +3775,13 @@ version = "0.1.0"
 dependencies = [
  "anyhow",
  "async-stream",
- "bedrock_client",
  "borsh",
  "common",
  "futures",
  "humantime-serde",
  "log",
  "logos-blockchain-core",
+ "logos-blockchain-zone-sdk",
  "nssa",
  "nssa_core",
  "serde",
@@ -3608,6 +3923,7 @@ dependencies = [
  "indexer_service",
  "indexer_service_protocol",
  "indexer_service_rpc",
+ "jsonrpsee",
  "key_protocol",
  "log",
  "nssa",
@@ -3641,6 +3957,19 @@ dependencies = [
  "rustversion",
 ]
 
+[[package]]
+name = "ipconfig"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4d40460c0ce33d6ce4b0630ad68ff63d6661961c48b6dba35e5a4d81cfb48222"
+dependencies = [
+ "socket2 0.6.3",
+ "widestring",
+ "windows-registry",
+ "windows-result",
+ "windows-sys 0.61.2",
+]
+
 [[package]]
 name = "ipnet"
 version = "2.12.0"
@@ -3824,7 +4153,7 @@ dependencies = [
  "futures-channel",
  "futures-util",
  "gloo-net",
- "http",
+ "http 1.4.0",
  "jsonrpsee-core",
  "pin-project",
  "rustls",
@@ -3849,7 +4178,7 @@ dependencies = [
  "bytes",
  "futures-timer",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "jsonrpsee-types",
@@ -3910,7 +4239,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4c51b7c290bb68ce3af2d029648148403863b982f138484a73f02a9dd52dbd7f"
 dependencies = [
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "hyper",
@@ -3936,7 +4265,7 @@ version = "0.26.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bc88ff4688e43cc3fa9883a8a95c6fa27aa2e76c96e610b737b6554d650d7fd5"
 dependencies = [
- "http",
+ "http 1.4.0",
  "serde",
  "serde_json",
  "thiserror 2.0.18",
@@ -3960,7 +4289,7 @@ version = "0.26.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9b6fceceeb05301cc4c065ab3bd2fa990d41ff4eb44e4ca1b30fa99c057c3e79"
 dependencies = [
- "http",
+ "http 1.4.0",
  "jsonrpsee-client-transport",
  "jsonrpsee-core",
  "jsonrpsee-types",
@@ -3999,6 +4328,7 @@ dependencies = [
  "aes-gcm",
  "anyhow",
  "base58",
+ "bincode",
  "bip39",
  "common",
  "hex",
@@ -4315,18 +4645,401 @@ version = "0.2.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981"
 
+[[package]]
+name = "libp2p"
+version = "0.55.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b72dc443ddd0254cb49a794ed6b6728400ee446a0f7ab4a07d0209ee98de20e9"
+dependencies = [
+ "bytes",
+ "either",
+ "futures",
+ "futures-timer",
+ "getrandom 0.2.17",
+ "libp2p-allow-block-list",
+ "libp2p-autonat",
+ "libp2p-connection-limits",
+ "libp2p-core",
+ "libp2p-dns",
+ "libp2p-gossipsub",
+ "libp2p-identify",
+ "libp2p-identity",
+ "libp2p-kad",
+ "libp2p-mdns",
+ "libp2p-metrics",
+ "libp2p-quic",
+ "libp2p-swarm",
+ "libp2p-tcp",
+ "libp2p-upnp",
+ "multiaddr",
+ "pin-project",
+ "rw-stream-sink",
+ "thiserror 2.0.18",
+]
+
+[[package]]
+name = "libp2p-allow-block-list"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38944b7cb981cc93f2f0fb411ff82d0e983bd226fbcc8d559639a3a73236568b"
+dependencies = [
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+]
+
+[[package]]
+name = "libp2p-autonat"
+version = "0.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e297bfc6cabb70c6180707f8fa05661b77ecb9cb67e8e8e1c469301358fa21d0"
+dependencies = [
+ "async-trait",
+ "asynchronous-codec",
+ "either",
+ "futures",
+ "futures-bounded",
+ "futures-timer",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-request-response",
+ "libp2p-swarm",
+ "quick-protobuf",
+ "quick-protobuf-codec",
+ "rand 0.8.5",
+ "rand_core 0.6.4",
+ "thiserror 2.0.18",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-connection-limits"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "efe9323175a17caa8a2ed4feaf8a548eeef5e0b72d03840a0eab4bcb0210ce1c"
+dependencies = [
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+]
+
+[[package]]
+name = "libp2p-core"
+version = "0.43.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "249128cd37a2199aff30a7675dffa51caf073b51aa612d2f544b19932b9aebca"
+dependencies = [
+ "either",
+ "fnv",
+ "futures",
+ "futures-timer",
+ "libp2p-identity",
+ "multiaddr",
+ "multihash",
+ "multistream-select",
+ "parking_lot",
+ "pin-project",
+ "quick-protobuf",
+ "rand 0.8.5",
+ "rw-stream-sink",
+ "thiserror 2.0.18",
+ "tracing",
+ "unsigned-varint 0.8.0",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-dns"
+version = "0.43.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1b780a1150214155b0ed1cdf09fbd2e1b0442604f9146a431d1b21d23eef7bd7"
+dependencies = [
+ "async-trait",
+ "futures",
+ "hickory-resolver",
+ "libp2p-core",
+ "libp2p-identity",
+ "parking_lot",
+ "smallvec",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-gossipsub"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d558548fa3b5a8e9b66392f785921e363c57c05dcadfda4db0d41ae82d313e4a"
+dependencies = [
+ "async-channel",
+ "asynchronous-codec",
+ "base64 0.22.1",
+ "byteorder",
+ "bytes",
+ "either",
+ "fnv",
+ "futures",
+ "futures-timer",
+ "getrandom 0.2.17",
+ "hashlink 0.9.1",
+ "hex_fmt",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "prometheus-client",
+ "quick-protobuf",
+ "quick-protobuf-codec",
+ "rand 0.8.5",
+ "regex",
+ "serde",
+ "sha2",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-identify"
+version = "0.46.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e8c06862544f02d05d62780ff590cc25a75f5c2b9df38ec7a370dcae8bb873cf"
+dependencies = [
+ "asynchronous-codec",
+ "either",
+ "futures",
+ "futures-bounded",
+ "futures-timer",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "quick-protobuf",
+ "quick-protobuf-codec",
+ "smallvec",
+ "thiserror 2.0.18",
+ "tracing",
+]
+
 [[package]]
 name = "libp2p-identity"
 version = "0.2.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f0c7892c221730ba55f7196e98b0b8ba5e04b4155651736036628e9f73ed6fc3"
 dependencies = [
+ "asn1_der",
  "bs58",
+ "ed25519-dalek",
  "hkdf",
+ "k256",
  "multihash",
+ "quick-protobuf",
+ "rand 0.8.5",
+ "serde",
  "sha2",
  "thiserror 2.0.18",
  "tracing",
+ "zeroize",
+]
+
+[[package]]
+name = "libp2p-kad"
+version = "0.47.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2bab0466a27ebe955bcbc27328fae5429c5b48c915fd6174931414149802ec23"
+dependencies = [
+ "asynchronous-codec",
+ "bytes",
+ "either",
+ "fnv",
+ "futures",
+ "futures-bounded",
+ "futures-timer",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "quick-protobuf",
+ "quick-protobuf-codec",
+ "rand 0.8.5",
+ "serde",
+ "sha2",
+ "smallvec",
+ "thiserror 2.0.18",
+ "tracing",
+ "uint",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-mdns"
+version = "0.47.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11d0ba095e1175d797540e16b62e7576846b883cb5046d4159086837b36846cc"
+dependencies = [
+ "futures",
+ "hickory-proto",
+ "if-watch",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "rand 0.8.5",
+ "smallvec",
+ "socket2 0.5.10",
+ "tokio",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-metrics"
+version = "0.16.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2ce58c64292e87af624fcb86465e7dd8342e46a388d71e8fec0ab37ee789630a"
+dependencies = [
+ "futures",
+ "libp2p-core",
+ "libp2p-gossipsub",
+ "libp2p-identify",
+ "libp2p-identity",
+ "libp2p-kad",
+ "libp2p-swarm",
+ "pin-project",
+ "prometheus-client",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-quic"
+version = "0.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41432a159b00424a0abaa2c80d786cddff81055ac24aa127e0cf375f7858d880"
+dependencies = [
+ "futures",
+ "futures-timer",
+ "if-watch",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-tls",
+ "quinn",
+ "rand 0.8.5",
+ "ring",
+ "rustls",
+ "socket2 0.5.10",
+ "thiserror 2.0.18",
+ "tokio",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-request-response"
+version = "0.28.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "548fe44a80ff275d400f1b26b090d441d83ef73efabbeb6415f4ce37e5aed865"
+dependencies = [
+ "async-trait",
+ "futures",
+ "futures-bounded",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "rand 0.8.5",
+ "smallvec",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-stream"
+version = "0.3.0-alpha"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "826716f1ee125895f1fb44911413cba023485b552ff96c7a2159bd037ac619bb"
+dependencies = [
+ "futures",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm",
+ "rand 0.8.5",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-swarm"
+version = "0.46.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "803399b4b6f68adb85e63ab573ac568154b193e9a640f03e0f2890eabbcb37f8"
+dependencies = [
+ "either",
+ "fnv",
+ "futures",
+ "futures-timer",
+ "libp2p-core",
+ "libp2p-identity",
+ "libp2p-swarm-derive",
+ "lru",
+ "multistream-select",
+ "once_cell",
+ "rand 0.8.5",
+ "smallvec",
+ "tokio",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "libp2p-swarm-derive"
+version = "0.35.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "206e0aa0ebe004d778d79fb0966aa0de996c19894e2c0605ba2f8524dd4443d8"
+dependencies = [
+ "heck",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "libp2p-tcp"
+version = "0.43.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "65346fb4d36035b23fec4e7be4c320436ba53537ce9b6be1d1db1f70c905cad0"
+dependencies = [
+ "futures",
+ "futures-timer",
+ "if-watch",
+ "libc",
+ "libp2p-core",
+ "socket2 0.5.10",
+ "tokio",
+ "tracing",
+]
+
+[[package]]
+name = "libp2p-tls"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96ff65a82e35375cbc31ebb99cacbbf28cb6c4fefe26bf13756ddcf708d40080"
+dependencies = [
+ "futures",
+ "futures-rustls",
+ "libp2p-core",
+ "libp2p-identity",
+ "rcgen",
+ "ring",
+ "rustls",
+ "rustls-webpki",
+ "thiserror 2.0.18",
+ "x509-parser",
+ "yasna",
+]
+
+[[package]]
+name = "libp2p-upnp"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d457b9ecceb66e7199f049926fad447f1f17f040e8d29d690c086b4cab8ed14a"
+dependencies = [
+ "futures",
+ "futures-timer",
+ "igd-next 0.15.1",
+ "libp2p-core",
+ "libp2p-swarm",
+ "tokio",
+ "tracing",
 ]
 
 [[package]]
@@ -4406,8 +5119,8 @@ checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897"
 
 [[package]]
 name = "logos-blockchain-blend-crypto"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "blake2",
  "logos-blockchain-groth16",
@@ -4420,8 +5133,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-blend-message"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "blake2",
  "derivative",
@@ -4443,8 +5156,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-blend-proofs"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "ed25519-dalek",
  "generic-array 1.3.5",
@@ -4462,8 +5175,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-chain-broadcast-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "derivative",
@@ -4478,11 +5191,12 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-chain-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "bytes",
+ "derivative",
  "futures",
  "logos-blockchain-chain-broadcast-service",
  "logos-blockchain-core",
@@ -4496,7 +5210,6 @@ dependencies = [
  "logos-blockchain-time-service",
  "logos-blockchain-tracing",
  "logos-blockchain-utils",
- "num-bigint 0.4.6",
  "overwatch",
  "serde",
  "serde_with",
@@ -4509,8 +5222,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-circuits-prover"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "logos-blockchain-circuits-utils",
  "tempfile",
@@ -4518,16 +5231,16 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-circuits-utils"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "dirs",
 ]
 
 [[package]]
 name = "logos-blockchain-common-http-client"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "futures",
  "hex",
@@ -4546,8 +5259,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-core"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "ark-ff 0.4.2",
  "bincode",
@@ -4560,6 +5273,7 @@ dependencies = [
  "logos-blockchain-cryptarchia-engine",
  "logos-blockchain-groth16",
  "logos-blockchain-key-management-system-keys",
+ "logos-blockchain-mmr",
  "logos-blockchain-poc",
  "logos-blockchain-pol",
  "logos-blockchain-poseidon2",
@@ -4568,6 +5282,7 @@ dependencies = [
  "multiaddr",
  "nom 8.0.0",
  "num-bigint 0.4.6",
+ "rpds",
  "serde",
  "strum",
  "thiserror 1.0.69",
@@ -4576,10 +5291,9 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-cryptarchia-engine"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
- "cfg_eval",
  "logos-blockchain-pol",
  "logos-blockchain-utils",
  "serde",
@@ -4592,11 +5306,13 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-cryptarchia-sync"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "bytes",
  "futures",
+ "libp2p",
+ "libp2p-stream",
  "logos-blockchain-core",
  "logos-blockchain-cryptarchia-engine",
  "rand 0.8.5",
@@ -4609,8 +5325,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-groth16"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "ark-bn254 0.4.0",
  "ark-ec 0.4.2",
@@ -4627,8 +5343,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-http-api-common"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "axum 0.7.9",
  "logos-blockchain-core",
@@ -4642,8 +5358,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-key-management-system-keys"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "bytes",
@@ -4668,8 +5384,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-key-management-system-macros"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -4678,8 +5394,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-key-management-system-operators"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "logos-blockchain-blend-proofs",
@@ -4694,8 +5410,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-key-management-system-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "log",
@@ -4711,8 +5427,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-ledger"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "derivative",
  "logos-blockchain-blend-crypto",
@@ -4722,6 +5438,7 @@ dependencies = [
  "logos-blockchain-cryptarchia-engine",
  "logos-blockchain-groth16",
  "logos-blockchain-key-management-system-keys",
+ "logos-blockchain-mmr",
  "logos-blockchain-pol",
  "logos-blockchain-utils",
  "logos-blockchain-utxotree",
@@ -4734,17 +5451,61 @@ dependencies = [
  "tracing",
 ]
 
+[[package]]
+name = "logos-blockchain-libp2p"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
+dependencies = [
+ "async-trait",
+ "backon",
+ "blake2",
+ "either",
+ "futures",
+ "hex",
+ "igd-next 0.16.2",
+ "libp2p",
+ "logos-blockchain-cryptarchia-sync",
+ "logos-blockchain-utils",
+ "multiaddr",
+ "natpmp",
+ "netdev",
+ "num_enum",
+ "rand 0.8.5",
+ "serde",
+ "serde_with",
+ "thiserror 1.0.69",
+ "tokio",
+ "tracing",
+ "zerocopy",
+]
+
+[[package]]
+name = "logos-blockchain-mmr"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
+dependencies = [
+ "ark-ff 0.4.2",
+ "logos-blockchain-groth16",
+ "logos-blockchain-poseidon2",
+ "rpds",
+ "serde",
+ "thiserror 2.0.18",
+]
+
 [[package]]
 name = "logos-blockchain-network-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "futures",
  "logos-blockchain-core",
  "logos-blockchain-cryptarchia-sync",
+ "logos-blockchain-libp2p",
  "logos-blockchain-tracing",
  "overwatch",
+ "rand 0.8.5",
+ "rand_chacha 0.3.1",
  "serde",
  "tokio",
  "tokio-stream",
@@ -4753,8 +5514,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-poc"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "logos-blockchain-circuits-prover",
  "logos-blockchain-circuits-utils",
@@ -4769,8 +5530,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-pol"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "astro-float",
  "logos-blockchain-circuits-prover",
@@ -4788,8 +5549,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-poq"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "logos-blockchain-circuits-prover",
  "logos-blockchain-circuits-utils",
@@ -4805,8 +5566,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-poseidon2"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "ark-bn254 0.4.0",
  "ark-ff 0.4.2",
@@ -4816,8 +5577,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-services-utils"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "futures",
@@ -4831,8 +5592,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-storage-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "bytes",
@@ -4849,15 +5610,18 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-time-service"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "futures",
  "log",
  "logos-blockchain-cryptarchia-engine",
  "logos-blockchain-tracing",
+ "logos-blockchain-utils",
  "overwatch",
+ "serde",
+ "serde_with",
  "sntpc",
  "thiserror 2.0.18",
  "time",
@@ -4868,8 +5632,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-tracing"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "opentelemetry",
  "opentelemetry-appender-tracing",
@@ -4880,6 +5644,7 @@ dependencies = [
  "rand 0.8.5",
  "serde",
  "tokio",
+ "tonic",
  "tracing",
  "tracing-appender",
  "tracing-gelf",
@@ -4891,8 +5656,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-utils"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "async-trait",
  "blake2",
@@ -4908,8 +5673,8 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-utxotree"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "ark-ff 0.4.2",
  "logos-blockchain-groth16",
@@ -4922,16 +5687,16 @@ dependencies = [
 
 [[package]]
 name = "logos-blockchain-witness-generator"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "tempfile",
 ]
 
 [[package]]
 name = "logos-blockchain-zksign"
-version = "0.2.1"
-source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=1da154c74b911318fb853d37261f8a05ffe513b4#1da154c74b911318fb853d37261f8a05ffe513b4"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
 dependencies = [
  "logos-blockchain-circuits-prover",
  "logos-blockchain-circuits-utils",
@@ -4945,6 +5710,26 @@ dependencies = [
  "tracing",
 ]
 
+[[package]]
+name = "logos-blockchain-zone-sdk"
+version = "0.1.2"
+source = "git+https://github.com/logos-blockchain/logos-blockchain.git?rev=ee281a447d95a951752461ee0a6e88eb4a0f17cf#ee281a447d95a951752461ee0a6e88eb4a0f17cf"
+dependencies = [
+ "async-trait",
+ "futures",
+ "logos-blockchain-common-http-client",
+ "logos-blockchain-core",
+ "logos-blockchain-groth16",
+ "logos-blockchain-key-management-system-service",
+ "rand 0.8.5",
+ "reqwest",
+ "rpds",
+ "serde",
+ "thiserror 2.0.18",
+ "tokio",
+ "tracing",
+]
+
 [[package]]
 name = "loki-api"
 version = "0.1.3"
@@ -4955,6 +5740,15 @@ dependencies = [
  "prost-types 0.13.5",
 ]
 
+[[package]]
+name = "lru"
+version = "0.12.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "234cf4f4a04dc1f57e24b96cc0cd600cf2af460d4161ac5ecdd0af8e1f3b2a38"
+dependencies = [
+ "hashbrown 0.15.5",
+]
+
 [[package]]
 name = "lru-slab"
 version = "0.1.2"
@@ -5159,7 +5953,7 @@ dependencies = [
  "bitflags 2.11.0",
  "block",
  "core-graphics-types",
- "foreign-types 0.5.0",
+ "foreign-types",
  "log",
  "objc",
  "paste",
@@ -5208,6 +6002,23 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "moka"
+version = "0.12.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "957228ad12042ee839f93c8f257b62b4c0ab5eaae1d4fa60de53b27c9d7c5046"
+dependencies = [
+ "crossbeam-channel",
+ "crossbeam-epoch",
+ "crossbeam-utils",
+ "equivalent",
+ "parking_lot",
+ "portable-atomic",
+ "smallvec",
+ "tagptr",
+ "uuid",
+]
+
 [[package]]
 name = "multer"
 version = "3.1.0"
@@ -5217,7 +6028,7 @@ dependencies = [
  "bytes",
  "encoding_rs",
  "futures-util",
- "http",
+ "http 1.4.0",
  "httparse",
  "memchr",
  "mime",
@@ -5240,7 +6051,8 @@ dependencies = [
  "percent-encoding",
  "serde",
  "static_assertions",
- "unsigned-varint",
+ "unsigned-varint 0.8.0",
+ "url",
 ]
 
 [[package]]
@@ -5262,24 +6074,34 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "89ace881e3f514092ce9efbcb8f413d0ad9763860b828981c2de51ddc666936c"
 dependencies = [
  "no_std_io2",
- "unsigned-varint",
+ "serde",
+ "unsigned-varint 0.8.0",
 ]
 
 [[package]]
-name = "native-tls"
-version = "0.2.18"
+name = "multistream-select"
+version = "0.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "465500e14ea162429d264d44189adc38b199b62b1c21eea9f69e4b73cb03bbf2"
+checksum = "ea0df8e5eec2298a62b326ee4f0d7fe1a6b90a09dfcf9df37b38f947a8c42f19"
 dependencies = [
- "libc",
+ "bytes",
+ "futures",
  "log",
- "openssl",
- "openssl-probe",
- "openssl-sys",
- "schannel",
- "security-framework",
- "security-framework-sys",
- "tempfile",
+ "pin-project",
+ "smallvec",
+ "unsigned-varint 0.7.2",
+]
+
+[[package]]
+name = "natpmp"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77366fa8ce34e2e1322dd97da65f11a62f451bd3daae8be6993c00800f61dd07"
+dependencies = [
+ "async-trait",
+ "cc",
+ "netdev",
+ "tokio",
 ]
 
 [[package]]
@@ -5298,6 +6120,108 @@ dependencies = [
  "rayon",
 ]
 
+[[package]]
+name = "netdev"
+version = "0.31.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f901362e84cd407be6f8cd9d3a46bccf09136b095792785401ea7d283c79b91d"
+dependencies = [
+ "dlopen2",
+ "ipnet",
+ "libc",
+ "netlink-packet-core 0.7.0",
+ "netlink-packet-route 0.17.1",
+ "netlink-sys",
+ "once_cell",
+ "system-configuration 0.6.1",
+ "windows-sys 0.52.0",
+]
+
+[[package]]
+name = "netlink-packet-core"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72724faf704479d67b388da142b186f916188505e7e0b26719019c525882eda4"
+dependencies = [
+ "anyhow",
+ "byteorder",
+ "netlink-packet-utils",
+]
+
+[[package]]
+name = "netlink-packet-core"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3463cbb78394cb0141e2c926b93fc2197e473394b761986eca3b9da2c63ae0f4"
+dependencies = [
+ "paste",
+]
+
+[[package]]
+name = "netlink-packet-route"
+version = "0.17.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053998cea5a306971f88580d0829e90f270f940befd7cf928da179d4187a5a66"
+dependencies = [
+ "anyhow",
+ "bitflags 1.3.2",
+ "byteorder",
+ "libc",
+ "netlink-packet-core 0.7.0",
+ "netlink-packet-utils",
+]
+
+[[package]]
+name = "netlink-packet-route"
+version = "0.28.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4ce3636fa715e988114552619582b530481fd5ef176a1e5c1bf024077c2c9445"
+dependencies = [
+ "bitflags 2.11.0",
+ "libc",
+ "log",
+ "netlink-packet-core 0.8.1",
+]
+
+[[package]]
+name = "netlink-packet-utils"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ede8a08c71ad5a95cdd0e4e52facd37190977039a4704eb82a283f713747d34"
+dependencies = [
+ "anyhow",
+ "byteorder",
+ "paste",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "netlink-proto"
+version = "0.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b65d130ee111430e47eed7896ea43ca693c387f097dd97376bffafbf25812128"
+dependencies = [
+ "bytes",
+ "futures",
+ "log",
+ "netlink-packet-core 0.8.1",
+ "netlink-sys",
+ "thiserror 2.0.18",
+]
+
+[[package]]
+name = "netlink-sys"
+version = "0.8.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cd6c30ed10fa69cc491d491b85cc971f6bdeb8e7367b7cde2ee6cc878d583fae"
+dependencies = [
+ "bytes",
+ "futures-util",
+ "libc",
+ "log",
+ "tokio",
+]
+
 [[package]]
 name = "next_tuple"
 version = "0.1.0"
@@ -5322,6 +6246,18 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "nix"
+version = "0.30.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "74523f3a35e05aba87a1d978330aef40f67b0304ac79c1c00b294c9830543db6"
+dependencies = [
+ "bitflags 2.11.0",
+ "cfg-if",
+ "cfg_aliases",
+ "libc",
+]
+
 [[package]]
 name = "no_std_io2"
 version = "0.8.1"
@@ -5405,7 +6341,7 @@ version = "0.50.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7957b9740744892f114936ab4a57b3f487491bbeafaf8083688b16841a4240e5"
 dependencies = [
- "windows-sys 0.59.0",
+ "windows-sys 0.61.2",
 ]
 
 [[package]]
@@ -5586,6 +6522,15 @@ dependencies = [
  "thiserror 2.0.18",
 ]
 
+[[package]]
+name = "oid-registry"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "12f40cff3dde1b6087cc5d5f5d4d65712f34016a03ed60e9c08dcc392736b5b7"
+dependencies = [
+ "asn1-rs",
+]
+
 [[package]]
 name = "once_cell"
 version = "1.21.3"
@@ -5604,50 +6549,12 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
 
-[[package]]
-name = "openssl"
-version = "0.10.75"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08838db121398ad17ab8531ce9de97b244589089e290a384c900cb9ff7434328"
-dependencies = [
- "bitflags 2.11.0",
- "cfg-if",
- "foreign-types 0.3.2",
- "libc",
- "once_cell",
- "openssl-macros",
- "openssl-sys",
-]
-
-[[package]]
-name = "openssl-macros"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.117",
-]
-
 [[package]]
 name = "openssl-probe"
 version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7c87def4c32ab89d880effc9e097653c8da5d6ef28e6b539d313baaacfbafcbe"
 
-[[package]]
-name = "openssl-sys"
-version = "0.9.111"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "82cab2d520aa75e3c58898289429321eb788c3106963d0dc886ec7a5f4adc321"
-dependencies = [
- "cc",
- "libc",
- "pkg-config",
- "vcpkg",
-]
-
 [[package]]
 name = "opentelemetry"
 version = "0.31.0"
@@ -5681,7 +6588,7 @@ checksum = "d7a6d09a73194e6b66df7c8f1b680f156d916a1a942abf2de06823dd02b7855d"
 dependencies = [
  "async-trait",
  "bytes",
- "http",
+ "http 1.4.0",
  "opentelemetry",
  "reqwest",
 ]
@@ -5692,7 +6599,7 @@ version = "0.31.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1f69cd6acbb9af919df949cd1ec9e5e7fdc2ef15d234b6b795aaa525cc02f71f"
 dependencies = [
- "http",
+ "http 1.4.0",
  "opentelemetry",
  "opentelemetry-http",
  "opentelemetry-proto",
@@ -5856,6 +6763,16 @@ version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3"
 
+[[package]]
+name = "pem"
+version = "3.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d30c53c26bc5b31a98cd02d20f25a7c8567146caf63ed593a9d87b2775291be"
+dependencies = [
+ "base64 0.22.1",
+ "serde_core",
+]
+
 [[package]]
 name = "pem-rfc7468"
 version = "0.7.0"
@@ -5936,6 +6853,20 @@ version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
 
+[[package]]
+name = "polling"
+version = "3.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d0e4f59085d47d8241c88ead0f274e8a0cb551f3625263c05eb8dd897c34218"
+dependencies = [
+ "cfg-if",
+ "concurrent-queue",
+ "hermit-abi",
+ "pin-project-lite",
+ "rustix",
+ "windows-sys 0.61.2",
+]
+
 [[package]]
 name = "polyval"
 version = "0.6.2"
@@ -6110,6 +7041,29 @@ dependencies = [
  "token_program",
 ]
 
+[[package]]
+name = "prometheus-client"
+version = "0.22.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "504ee9ff529add891127c4827eb481bd69dc0ebc72e9a682e187db4caa60c3ca"
+dependencies = [
+ "dtoa",
+ "itoa",
+ "parking_lot",
+ "prometheus-client-derive-encode",
+]
+
+[[package]]
+name = "prometheus-client-derive-encode"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
 [[package]]
 name = "proptest"
 version = "1.10.0"
@@ -6202,6 +7156,28 @@ dependencies = [
  "parking_lot",
 ]
 
+[[package]]
+name = "quick-protobuf"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d6da84cc204722a989e01ba2f6e1e276e190f22263d0cb6ce8526fcdb0d2e1f"
+dependencies = [
+ "byteorder",
+]
+
+[[package]]
+name = "quick-protobuf-codec"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "15a0580ab32b169745d7a39db2ba969226ca16738931be152a3209b409de2474"
+dependencies = [
+ "asynchronous-codec",
+ "bytes",
+ "quick-protobuf",
+ "thiserror 1.0.69",
+ "unsigned-varint 0.8.0",
+]
+
 [[package]]
 name = "quinn"
 version = "0.11.9"
@@ -6210,12 +7186,13 @@ checksum = "b9e20a958963c291dc322d98411f541009df2ced7b5a4f2bd52337638cfccf20"
 dependencies = [
  "bytes",
  "cfg_aliases",
+ "futures-io",
  "pin-project-lite",
  "quinn-proto",
  "quinn-udp",
  "rustc-hash",
  "rustls",
- "socket2",
+ "socket2 0.6.3",
  "thiserror 2.0.18",
  "tokio",
  "tracing",
@@ -6252,7 +7229,7 @@ dependencies = [
  "cfg_aliases",
  "libc",
  "once_cell",
- "socket2",
+ "socket2 0.6.3",
  "tracing",
  "windows-sys 0.59.0",
 ]
@@ -6327,6 +7304,17 @@ dependencies = [
  "rand_core 0.9.5",
 ]
 
+[[package]]
+name = "rand"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d2e8e8bcc7961af1fdac401278c6a831614941f6164ee3bf4ce61b7edb162207"
+dependencies = [
+ "chacha20",
+ "getrandom 0.4.2",
+ "rand_core 0.10.1",
+]
+
 [[package]]
 name = "rand_chacha"
 version = "0.3.1"
@@ -6365,6 +7353,12 @@ dependencies = [
  "getrandom 0.3.4",
 ]
 
+[[package]]
+name = "rand_core"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63b8176103e19a2643978565ca18b50549f6101881c443590420e4dc998a3c69"
+
 [[package]]
 name = "rand_xorshift"
 version = "0.4.0"
@@ -6400,6 +7394,19 @@ dependencies = [
  "crossbeam-utils",
 ]
 
+[[package]]
+name = "rcgen"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75e669e5202259b5314d1ea5397316ad400819437857b90861765f24c4cf80a2"
+dependencies = [
+ "pem",
+ "ring",
+ "rustls-pki-types",
+ "time",
+ "yasna",
+]
+
 [[package]]
 name = "reactive_graph"
 version = "0.2.13"
@@ -6540,22 +7547,18 @@ checksum = "eddd3ca559203180a307f12d114c268abf583f59b03cb906fd0b3ff8646c1147"
 dependencies = [
  "base64 0.22.1",
  "bytes",
- "encoding_rs",
  "futures-channel",
  "futures-core",
  "futures-util",
  "h2",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "hyper",
  "hyper-rustls",
- "hyper-tls",
  "hyper-util",
  "js-sys",
  "log",
- "mime",
- "native-tls",
  "percent-encoding",
  "pin-project-lite",
  "quinn",
@@ -6566,7 +7569,6 @@ dependencies = [
  "serde_urlencoded",
  "sync_wrapper",
  "tokio",
- "tokio-native-tls",
  "tokio-rustls",
  "tokio-util",
  "tower",
@@ -6580,6 +7582,12 @@ dependencies = [
  "webpki-roots",
 ]
 
+[[package]]
+name = "resolv-conf"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e061d1b48cb8d38042de4ae0a7a6401009d6143dc80d2e2d6f31f0bdd6470c7"
+
 [[package]]
 name = "rfc6979"
 version = "0.4.0"
@@ -7038,6 +8046,24 @@ dependencies = [
  "thiserror 2.0.18",
 ]
 
+[[package]]
+name = "rtnetlink"
+version = "0.20.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4b960d5d873a75b5be9761b1e73b146f52dddcd27bac75263f40fba686d4d7b5"
+dependencies = [
+ "futures-channel",
+ "futures-util",
+ "log",
+ "netlink-packet-core 0.8.1",
+ "netlink-packet-route 0.28.0",
+ "netlink-proto",
+ "netlink-sys",
+ "nix",
+ "thiserror 1.0.69",
+ "tokio",
+]
+
 [[package]]
 name = "ruint"
 version = "1.17.2"
@@ -7081,6 +8107,15 @@ dependencies = [
  "semver",
 ]
 
+[[package]]
+name = "rusticata-macros"
+version = "4.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632"
+dependencies = [
+ "nom 7.1.3",
+]
+
 [[package]]
 name = "rustix"
 version = "1.1.4"
@@ -7184,6 +8219,17 @@ dependencies = [
  "twox-hash",
 ]
 
+[[package]]
+name = "rw-stream-sink"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d8c9026ff5d2f23da5e45bbc283f156383001bfb09c4e44256d02c1a685fe9a1"
+dependencies = [
+ "futures",
+ "pin-project",
+ "static_assertions",
+]
+
 [[package]]
 name = "ryu"
 version = "1.0.23"
@@ -7347,17 +8393,16 @@ name = "sequencer_core"
 version = "0.1.0"
 dependencies = [
  "anyhow",
- "bedrock_client",
  "borsh",
  "bytesize",
  "chrono",
  "common",
  "futures",
  "humantime-serde",
- "jsonrpsee",
  "log",
  "logos-blockchain-core",
  "logos-blockchain-key-management-system-service",
+ "logos-blockchain-zone-sdk",
  "mempool",
  "nssa",
  "nssa_core",
@@ -7383,7 +8428,6 @@ dependencies = [
  "common",
  "env_logger",
  "futures",
- "indexer_service_rpc",
  "jsonrpsee",
  "log",
  "mempool",
@@ -7614,7 +8658,7 @@ dependencies = [
  "const_format",
  "futures",
  "gloo-net",
- "http",
+ "http 1.4.0",
  "http-body-util",
  "hyper",
  "inventory",
@@ -7766,6 +8810,16 @@ dependencies = [
  "tokio",
 ]
 
+[[package]]
+name = "socket2"
+version = "0.5.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e22376abed350d73dd1cd119b57ffccad95b4e585a7cda43e286245ce23c0678"
+dependencies = [
+ "libc",
+ "windows-sys 0.52.0",
+]
+
 [[package]]
 name = "socket2"
 version = "0.6.3"
@@ -7785,7 +8839,7 @@ dependencies = [
  "base64 0.22.1",
  "bytes",
  "futures",
- "http",
+ "http 1.4.0",
  "httparse",
  "log",
  "rand 0.8.5",
@@ -7955,6 +9009,17 @@ dependencies = [
  "syn 2.0.117",
 ]
 
+[[package]]
+name = "system-configuration"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
+dependencies = [
+ "bitflags 2.11.0",
+ "core-foundation 0.9.4",
+ "system-configuration-sys",
+]
+
 [[package]]
 name = "system-configuration"
 version = "0.7.0"
@@ -8008,6 +9073,12 @@ dependencies = [
  "web-sys",
 ]
 
+[[package]]
+name = "tagptr"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7b2093cf4c8eb1e67749a6762251bc9cd836b6fc171623bd0a9d324d37af2417"
+
 [[package]]
 name = "tap"
 version = "1.0.1"
@@ -8079,9 +9150,9 @@ dependencies = [
 
 [[package]]
 name = "testcontainers"
-version = "0.27.2"
+version = "0.27.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0bd36b06a2a6c0c3c81a83be1ab05fe86460d054d4d51bf513bc56b3e15bdc22"
+checksum = "bfd5785b5483672915ed5fe3cddf9f546802779fc1eceff0a6fb7321fac81c1e"
 dependencies = [
  "astral-tokio-tar",
  "async-trait",
@@ -8093,7 +9164,7 @@ dependencies = [
  "etcetera",
  "ferroid",
  "futures",
- "http",
+ "http 1.4.0",
  "itertools 0.14.0",
  "log",
  "memchr",
@@ -8273,7 +9344,7 @@ dependencies = [
  "parking_lot",
  "pin-project-lite",
  "signal-hook-registry",
- "socket2",
+ "socket2 0.6.3",
  "tokio-macros",
  "windows-sys 0.61.2",
 ]
@@ -8289,27 +9360,6 @@ dependencies = [
  "syn 2.0.117",
 ]
 
-[[package]]
-name = "tokio-native-tls"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
-dependencies = [
- "native-tls",
- "tokio",
-]
-
-[[package]]
-name = "tokio-retry"
-version = "0.3.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f57eb36ecbe0fc510036adff84824dd3c24bb781e21bfa67b69d556aa85214f"
-dependencies = [
- "pin-project",
- "rand 0.8.5",
- "tokio",
-]
-
 [[package]]
 name = "tokio-rustls"
 version = "0.26.4"
@@ -8470,7 +9520,7 @@ dependencies = [
  "base64 0.22.1",
  "bytes",
  "h2",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "hyper",
@@ -8478,7 +9528,7 @@ dependencies = [
  "hyper-util",
  "percent-encoding",
  "pin-project",
- "socket2",
+ "socket2 0.6.3",
  "sync_wrapper",
  "tokio",
  "tokio-stream",
@@ -8528,7 +9578,7 @@ dependencies = [
  "bytes",
  "futures-core",
  "futures-util",
- "http",
+ "http 1.4.0",
  "http-body",
  "http-body-util",
  "http-range-header",
@@ -8736,7 +9786,7 @@ checksum = "8628dcc84e5a09eb3d8423d6cb682965dea9133204e8fb3efee74c2a0c259442"
 dependencies = [
  "bytes",
  "data-encoding",
- "http",
+ "http 1.4.0",
  "httparse",
  "log",
  "rand 0.9.3",
@@ -8817,6 +9867,18 @@ dependencies = [
  "syn 2.0.117",
 ]
 
+[[package]]
+name = "uint"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "909988d098b2f738727b161a106cfc7cab00c539c2687a8836f8e565976fb53e"
+dependencies = [
+ "byteorder",
+ "crunchy",
+ "hex",
+ "static_assertions",
+]
+
 [[package]]
 name = "unarray"
 version = "0.1.4"
@@ -8884,6 +9946,12 @@ version = "0.2.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
 
+[[package]]
+name = "unsigned-varint"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6889a77d49f1f013504cec6bf97a2c730394adedaeb1deb5ea08949a50541105"
+
 [[package]]
 name = "unsigned-varint"
 version = "0.8.0"
@@ -8918,7 +9986,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d81f9efa9df032be5934a46a068815a10a042b494b6a58cb0a1a97bb5467ed6f"
 dependencies = [
  "base64 0.22.1",
- "http",
+ "http 1.4.0",
  "httparse",
  "log",
 ]
@@ -9285,6 +10353,12 @@ dependencies = [
  "safe_arch",
 ]
 
+[[package]]
+name = "widestring"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72069c3113ab32ab29e5584db3c6ec55d416895e60715417b5b883a357c3e471"
+
 [[package]]
 name = "winapi"
 version = "0.3.9"
@@ -9316,6 +10390,27 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 
+[[package]]
+name = "windows"
+version = "0.62.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "527fadee13e0c05939a6a05d5bd6eec6cd2e3dbd648b9f8e447c6518133d8580"
+dependencies = [
+ "windows-collections",
+ "windows-core",
+ "windows-future",
+ "windows-numerics",
+]
+
+[[package]]
+name = "windows-collections"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23b2d95af1a8a14a3c7367e1ed4fc9c20e0a26e79551b1454d72583c97cc6610"
+dependencies = [
+ "windows-core",
+]
+
 [[package]]
 name = "windows-core"
 version = "0.62.2"
@@ -9329,6 +10424,17 @@ dependencies = [
  "windows-strings",
 ]
 
+[[package]]
+name = "windows-future"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e1d6f90251fe18a279739e78025bd6ddc52a7e22f921070ccdc67dde84c605cb"
+dependencies = [
+ "windows-core",
+ "windows-link",
+ "windows-threading",
+]
+
 [[package]]
 name = "windows-implement"
 version = "0.60.2"
@@ -9357,6 +10463,16 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5"
 
+[[package]]
+name = "windows-numerics"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e2e40844ac143cdb44aead537bbf727de9b044e107a0f1220392177d15b0f26"
+dependencies = [
+ "windows-core",
+ "windows-link",
+]
+
 [[package]]
 name = "windows-registry"
 version = "0.6.1"
@@ -9453,6 +10569,15 @@ dependencies = [
  "windows_x86_64_msvc 0.52.6",
 ]
 
+[[package]]
+name = "windows-threading"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3949bd5b99cafdf1c7ca86b43ca564028dfe27d66958f2470940f73d86d75b37"
+dependencies = [
+ "windows-link",
+]
+
 [[package]]
 name = "windows_aarch64_gnullvm"
 version = "0.42.2"
@@ -9667,6 +10792,23 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "x509-parser"
+version = "0.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4569f339c0c402346d4a75a9e39cf8dad310e287eef1ff56d4c68e5067f53460"
+dependencies = [
+ "asn1-rs",
+ "data-encoding",
+ "der-parser",
+ "lazy_static",
+ "nom 7.1.3",
+ "oid-registry",
+ "rusticata-macros",
+ "thiserror 2.0.18",
+ "time",
+]
+
 [[package]]
 name = "xattr"
 version = "1.6.1"
@@ -9677,6 +10819,21 @@ dependencies = [
  "rustix",
 ]
 
+[[package]]
+name = "xml-rs"
+version = "0.8.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3ae8337f8a065cfc972643663ea4279e04e7256de865aa66fe25cec5fb912d3f"
+
+[[package]]
+name = "xmltree"
+version = "0.10.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d7d8a75eaf6557bb84a65ace8609883db44a29951042ada9b393151532e41fcb"
+dependencies = [
+ "xml-rs",
+]
+
 [[package]]
 name = "xxhash-rust"
 version = "0.8.15"
@@ -9691,7 +10848,7 @@ checksum = "2462ea039c445496d8793d052e13787f2b90e750b833afee748e601c17621ed9"
 dependencies = [
  "arraydeque",
  "encoding_rs",
- "hashlink",
+ "hashlink 0.10.0",
 ]
 
 [[package]]
@@ -9700,6 +10857,15 @@ version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049"
 
+[[package]]
+name = "yasna"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e17bb3549cc1321ae1296b9cdc2698e2b6cb1992adfa19a8c72e5b7a738f44cd"
+dependencies = [
+ "time",
+]
+
 [[package]]
 name = "yoke"
 version = "0.8.1"
diff --git a/Cargo.toml b/Cargo.toml
index 96b06460..4fcaf9f6 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -36,7 +36,6 @@ members = [
   "examples/program_deployment",
   "examples/program_deployment/methods",
   "examples/program_deployment/methods/guest",
-  "bedrock_client",
   "testnet_initial_state",
   "indexer_ffi",
 ]
@@ -67,7 +66,6 @@ amm_program = { path = "programs/amm" }
 ata_core = { path = "programs/associated_token_account/core" }
 ata_program = { path = "programs/associated_token_account" }
 test_program_methods = { path = "test_program_methods" }
-bedrock_client = { path = "bedrock_client" }
 testnet_initial_state = { path = "testnet_initial_state" }
 
 tokio = { version = "1.50", features = [
@@ -122,11 +120,12 @@ tokio-retry = "0.3.0"
 schemars = "1.2"
 async-stream = "0.3.6"
 
-logos-blockchain-common-http-client = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "1da154c74b911318fb853d37261f8a05ffe513b4" }
-logos-blockchain-key-management-system-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "1da154c74b911318fb853d37261f8a05ffe513b4" }
-logos-blockchain-core = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "1da154c74b911318fb853d37261f8a05ffe513b4" }
-logos-blockchain-chain-broadcast-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "1da154c74b911318fb853d37261f8a05ffe513b4" }
-logos-blockchain-chain-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "1da154c74b911318fb853d37261f8a05ffe513b4" }
+logos-blockchain-common-http-client = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
+logos-blockchain-key-management-system-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
+logos-blockchain-core = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
+logos-blockchain-chain-broadcast-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
+logos-blockchain-chain-service = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
+logos-blockchain-zone-sdk = { git = "https://github.com/logos-blockchain/logos-blockchain.git", rev = "ee281a447d95a951752461ee0a6e88eb4a0f17cf" }
 
 rocksdb = { version = "0.24.0", default-features = false, features = [
   "snappy",
diff --git a/artifacts/program_methods/amm.bin b/artifacts/program_methods/amm.bin
index 148a9403..a7ddba52 100644
Binary files a/artifacts/program_methods/amm.bin and b/artifacts/program_methods/amm.bin differ
diff --git a/artifacts/program_methods/associated_token_account.bin b/artifacts/program_methods/associated_token_account.bin
index 46326067..b0e5def5 100644
Binary files a/artifacts/program_methods/associated_token_account.bin and b/artifacts/program_methods/associated_token_account.bin differ
diff --git a/artifacts/program_methods/authenticated_transfer.bin b/artifacts/program_methods/authenticated_transfer.bin
index ad40805f..f6d9672c 100644
Binary files a/artifacts/program_methods/authenticated_transfer.bin and b/artifacts/program_methods/authenticated_transfer.bin differ
diff --git a/artifacts/program_methods/clock.bin b/artifacts/program_methods/clock.bin
index e2a6f120..c24f463c 100644
Binary files a/artifacts/program_methods/clock.bin and b/artifacts/program_methods/clock.bin differ
diff --git a/artifacts/program_methods/pinata.bin b/artifacts/program_methods/pinata.bin
index d0460713..415c8ce3 100644
Binary files a/artifacts/program_methods/pinata.bin and b/artifacts/program_methods/pinata.bin differ
diff --git a/artifacts/program_methods/pinata_token.bin b/artifacts/program_methods/pinata_token.bin
index b0f81f79..9a292cbe 100644
Binary files a/artifacts/program_methods/pinata_token.bin and b/artifacts/program_methods/pinata_token.bin differ
diff --git a/artifacts/program_methods/privacy_preserving_circuit.bin b/artifacts/program_methods/privacy_preserving_circuit.bin
index dcbee51a..3580ef74 100644
Binary files a/artifacts/program_methods/privacy_preserving_circuit.bin and b/artifacts/program_methods/privacy_preserving_circuit.bin differ
diff --git a/artifacts/program_methods/token.bin b/artifacts/program_methods/token.bin
index e0358fa4..bf0f0571 100644
Binary files a/artifacts/program_methods/token.bin and b/artifacts/program_methods/token.bin differ
diff --git a/artifacts/test_program_methods/auth_asserting_noop.bin b/artifacts/test_program_methods/auth_asserting_noop.bin
index 9bd40a30..7292d329 100644
Binary files a/artifacts/test_program_methods/auth_asserting_noop.bin and b/artifacts/test_program_methods/auth_asserting_noop.bin differ
diff --git a/artifacts/test_program_methods/burner.bin b/artifacts/test_program_methods/burner.bin
index 0353d78f..30fdcaee 100644
Binary files a/artifacts/test_program_methods/burner.bin and b/artifacts/test_program_methods/burner.bin differ
diff --git a/artifacts/test_program_methods/chain_caller.bin b/artifacts/test_program_methods/chain_caller.bin
index cd74cf3f..68edc95c 100644
Binary files a/artifacts/test_program_methods/chain_caller.bin and b/artifacts/test_program_methods/chain_caller.bin differ
diff --git a/artifacts/test_program_methods/changer_claimer.bin b/artifacts/test_program_methods/changer_claimer.bin
index 1f966bef..5a71455c 100644
Binary files a/artifacts/test_program_methods/changer_claimer.bin and b/artifacts/test_program_methods/changer_claimer.bin differ
diff --git a/artifacts/test_program_methods/claimer.bin b/artifacts/test_program_methods/claimer.bin
index 8a48effd..42ca125b 100644
Binary files a/artifacts/test_program_methods/claimer.bin and b/artifacts/test_program_methods/claimer.bin differ
diff --git a/artifacts/test_program_methods/clock_chain_caller.bin b/artifacts/test_program_methods/clock_chain_caller.bin
index e08df712..3e84cd25 100644
Binary files a/artifacts/test_program_methods/clock_chain_caller.bin and b/artifacts/test_program_methods/clock_chain_caller.bin differ
diff --git a/artifacts/test_program_methods/data_changer.bin b/artifacts/test_program_methods/data_changer.bin
index 37abf0f7..705a1ec5 100644
Binary files a/artifacts/test_program_methods/data_changer.bin and b/artifacts/test_program_methods/data_changer.bin differ
diff --git a/artifacts/test_program_methods/extra_output.bin b/artifacts/test_program_methods/extra_output.bin
index ebd53621..9f077174 100644
Binary files a/artifacts/test_program_methods/extra_output.bin and b/artifacts/test_program_methods/extra_output.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_callback.bin b/artifacts/test_program_methods/flash_swap_callback.bin
index 29c660cd..ec26c2ca 100644
Binary files a/artifacts/test_program_methods/flash_swap_callback.bin and b/artifacts/test_program_methods/flash_swap_callback.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_initiator.bin b/artifacts/test_program_methods/flash_swap_initiator.bin
index a560d477..73b3bb32 100644
Binary files a/artifacts/test_program_methods/flash_swap_initiator.bin and b/artifacts/test_program_methods/flash_swap_initiator.bin differ
diff --git a/artifacts/test_program_methods/malicious_authorization_changer.bin b/artifacts/test_program_methods/malicious_authorization_changer.bin
index c9d0facd..dba3f365 100644
Binary files a/artifacts/test_program_methods/malicious_authorization_changer.bin and b/artifacts/test_program_methods/malicious_authorization_changer.bin differ
diff --git a/artifacts/test_program_methods/malicious_caller_program_id.bin b/artifacts/test_program_methods/malicious_caller_program_id.bin
index 9b31fd7e..4762d25d 100644
Binary files a/artifacts/test_program_methods/malicious_caller_program_id.bin and b/artifacts/test_program_methods/malicious_caller_program_id.bin differ
diff --git a/artifacts/test_program_methods/malicious_self_program_id.bin b/artifacts/test_program_methods/malicious_self_program_id.bin
index c4a2c039..653ece66 100644
Binary files a/artifacts/test_program_methods/malicious_self_program_id.bin and b/artifacts/test_program_methods/malicious_self_program_id.bin differ
diff --git a/artifacts/test_program_methods/minter.bin b/artifacts/test_program_methods/minter.bin
index 42d2171d..a0144fce 100644
Binary files a/artifacts/test_program_methods/minter.bin and b/artifacts/test_program_methods/minter.bin differ
diff --git a/artifacts/test_program_methods/missing_output.bin b/artifacts/test_program_methods/missing_output.bin
index d2b99291..cbf3e467 100644
Binary files a/artifacts/test_program_methods/missing_output.bin and b/artifacts/test_program_methods/missing_output.bin differ
diff --git a/artifacts/test_program_methods/modified_transfer.bin b/artifacts/test_program_methods/modified_transfer.bin
index f57ac2f1..e2b7fb47 100644
Binary files a/artifacts/test_program_methods/modified_transfer.bin and b/artifacts/test_program_methods/modified_transfer.bin differ
diff --git a/artifacts/test_program_methods/nonce_changer.bin b/artifacts/test_program_methods/nonce_changer.bin
index 6b79e074..a99aa6ae 100644
Binary files a/artifacts/test_program_methods/nonce_changer.bin and b/artifacts/test_program_methods/nonce_changer.bin differ
diff --git a/artifacts/test_program_methods/noop.bin b/artifacts/test_program_methods/noop.bin
index eb89f4a9..d7bffd5f 100644
Binary files a/artifacts/test_program_methods/noop.bin and b/artifacts/test_program_methods/noop.bin differ
diff --git a/artifacts/test_program_methods/pda_claimer.bin b/artifacts/test_program_methods/pda_claimer.bin
index 092a2191..b1dfd47f 100644
Binary files a/artifacts/test_program_methods/pda_claimer.bin and b/artifacts/test_program_methods/pda_claimer.bin differ
diff --git a/artifacts/test_program_methods/pinata_cooldown.bin b/artifacts/test_program_methods/pinata_cooldown.bin
index 559adea4..eaad2613 100644
Binary files a/artifacts/test_program_methods/pinata_cooldown.bin and b/artifacts/test_program_methods/pinata_cooldown.bin differ
diff --git a/artifacts/test_program_methods/private_pda_claimer.bin b/artifacts/test_program_methods/private_pda_claimer.bin
new file mode 100644
index 00000000..5a64c66d
Binary files /dev/null and b/artifacts/test_program_methods/private_pda_claimer.bin differ
diff --git a/artifacts/test_program_methods/private_pda_delegator.bin b/artifacts/test_program_methods/private_pda_delegator.bin
index d7e81a9f..c1caf235 100644
Binary files a/artifacts/test_program_methods/private_pda_delegator.bin and b/artifacts/test_program_methods/private_pda_delegator.bin differ
diff --git a/artifacts/test_program_methods/private_pda_spender.bin b/artifacts/test_program_methods/private_pda_spender.bin
new file mode 100644
index 00000000..70e4c5a0
Binary files /dev/null and b/artifacts/test_program_methods/private_pda_spender.bin differ
diff --git a/artifacts/test_program_methods/program_owner_changer.bin b/artifacts/test_program_methods/program_owner_changer.bin
index 880e03b1..2e22bfaa 100644
Binary files a/artifacts/test_program_methods/program_owner_changer.bin and b/artifacts/test_program_methods/program_owner_changer.bin differ
diff --git a/artifacts/test_program_methods/simple_balance_transfer.bin b/artifacts/test_program_methods/simple_balance_transfer.bin
index 3a4e811f..1f744230 100644
Binary files a/artifacts/test_program_methods/simple_balance_transfer.bin and b/artifacts/test_program_methods/simple_balance_transfer.bin differ
diff --git a/artifacts/test_program_methods/time_locked_transfer.bin b/artifacts/test_program_methods/time_locked_transfer.bin
index eeb80385..90723ae0 100644
Binary files a/artifacts/test_program_methods/time_locked_transfer.bin and b/artifacts/test_program_methods/time_locked_transfer.bin differ
diff --git a/artifacts/test_program_methods/two_pda_claimer.bin b/artifacts/test_program_methods/two_pda_claimer.bin
index b71d87ab..05c17133 100644
Binary files a/artifacts/test_program_methods/two_pda_claimer.bin and b/artifacts/test_program_methods/two_pda_claimer.bin differ
diff --git a/artifacts/test_program_methods/validity_window.bin b/artifacts/test_program_methods/validity_window.bin
index 8d749f3c..fd6423fc 100644
Binary files a/artifacts/test_program_methods/validity_window.bin and b/artifacts/test_program_methods/validity_window.bin differ
diff --git a/artifacts/test_program_methods/validity_window_chain_caller.bin b/artifacts/test_program_methods/validity_window_chain_caller.bin
index 109829d2..0c86a460 100644
Binary files a/artifacts/test_program_methods/validity_window_chain_caller.bin and b/artifacts/test_program_methods/validity_window_chain_caller.bin differ
diff --git a/bedrock/deployment-settings.yaml b/bedrock/deployment-settings.yaml
index d0c05e24..7ef63f03 100644
--- a/bedrock/deployment-settings.yaml
+++ b/bedrock/deployment-settings.yaml
@@ -39,42 +39,42 @@ cryptarchia:
       threshold: 1
       timestamp: 0
   gossipsub_protocol: /integration/logos-blockchain/cryptarchia/proto/1.0.0
-  genesis_state:
-    mantle_tx:
-      ops:
+  genesis_block:
+    header:
+      version: Bedrock
+      parent_block: '0000000000000000000000000000000000000000000000000000000000000000'
+      slot: 0
+      block_root: b5f8787ac23674822414c70eea15d842da38f2e806ede1a73cf7b5cf0277da07
+      proof_of_leadership:
+        proof: '0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
+        entropy_contribution: '0000000000000000000000000000000000000000000000000000000000000000'
+        leader_key: '0000000000000000000000000000000000000000000000000000000000000000'
+        voucher_cm: '0000000000000000000000000000000000000000000000000000000000000000'
+    signature: '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
+    transactions:
+    - mantle_tx:
+        ops:
         - opcode: 0
           payload:
-            inputs: [ ]
+            inputs: []
             outputs:
-              - value: 1
-                pk: d204000000000000000000000000000000000000000000000000000000000000
-              - value: 100
-                pk: 2e03b2eff5a45478e7e79668d2a146cf2c5c7925bce927f2b1c67f2ab4fc0d26
+            - value: 1
+              pk: d204000000000000000000000000000000000000000000000000000000000000
+            - value: 100
+              pk: '2e03b2eff5a45478e7e79668d2a146cf2c5c7925bce927f2b1c67f2ab4fc0d26'
+            - value: 1
+              pk: ed266e6e887b9b97059dc1aa1b7b2e19b934291753c6336a163fe4ebaa28e717
         - opcode: 17
           payload:
-            channel_id: "0000000000000000000000000000000000000000000000000000000000000000"
-            inscription: [ 103, 101, 110, 101, 115, 105, 115 ]  # "genesis" in bytes
-            parent: "0000000000000000000000000000000000000000000000000000000000000000"
-            signer: "0000000000000000000000000000000000000000000000000000000000000000"
-      execution_gas_price: 0
-      storage_gas_price: 0
-    ops_proofs:
-      - !ZkSig
-        pi_a: [
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-        ]
-        pi_b: [
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-        ]
-        pi_c: [
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-          0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-        ]
-      - NoProof
+            channel_id: '0000000000000000000000000000000000000000000000000000000000000000'
+            inscription: '67656e65736973'
+            parent: '0000000000000000000000000000000000000000000000000000000000000000'
+            signer: '0000000000000000000000000000000000000000000000000000000000000000'
+        execution_gas_price: 0
+        storage_gas_price: 0
+      ops_proofs:
+      - !Ed25519Sig '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
+      - !Ed25519Sig '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
 time:
   slot_duration: '1.0'
   chain_start_time: PLACEHOLDER_CHAIN_START_TIME
diff --git a/bedrock/docker-compose.yml b/bedrock/docker-compose.yml
index 73795666..e16e505b 100644
--- a/bedrock/docker-compose.yml
+++ b/bedrock/docker-compose.yml
@@ -1,7 +1,7 @@
 services:
 
   logos-blockchain-node-0:
-    image: ghcr.io/logos-blockchain/logos-blockchain@sha256:c5243681b353278cabb562a176f0a5cfbefc2056f18cebc47fe0e3720c29fb12
+    image: ghcr.io/logos-blockchain/logos-blockchain@sha256:9f1829dea335c56f6ff68ae37ea872ed5313b96b69e8ffe143c02b7217de85fc
     ports:
       - "${PORT:-8080}:18080/tcp"
     volumes:
diff --git a/bedrock_client/Cargo.toml b/bedrock_client/Cargo.toml
deleted file mode 100644
index 2137cb74..00000000
--- a/bedrock_client/Cargo.toml
+++ /dev/null
@@ -1,23 +0,0 @@
-[package]
-name = "bedrock_client"
-version = "0.1.0"
-edition = "2024"
-license = { workspace = true }
-
-[lints]
-workspace = true
-
-[dependencies]
-common.workspace = true
-
-reqwest.workspace = true
-anyhow.workspace = true
-tokio-retry.workspace = true
-futures.workspace = true
-log.workspace = true
-serde.workspace = true
-humantime-serde.workspace = true
-logos-blockchain-common-http-client.workspace = true
-logos-blockchain-core.workspace = true
-logos-blockchain-chain-broadcast-service.workspace = true
-logos-blockchain-chain-service.workspace = true
diff --git a/bedrock_client/src/lib.rs b/bedrock_client/src/lib.rs
deleted file mode 100644
index 4e9bfffd..00000000
--- a/bedrock_client/src/lib.rs
+++ /dev/null
@@ -1,121 +0,0 @@
-use std::time::Duration;
-
-use anyhow::{Context as _, Result};
-use common::config::BasicAuth;
-use futures::{Stream, TryFutureExt as _};
-#[expect(clippy::single_component_path_imports, reason = "Satisfy machete")]
-use humantime_serde;
-use log::{info, warn};
-pub use logos_blockchain_chain_broadcast_service::BlockInfo;
-use logos_blockchain_chain_service::CryptarchiaInfo;
-pub use logos_blockchain_common_http_client::{CommonHttpClient, Error};
-pub use logos_blockchain_core::{block::Block, header::HeaderId, mantle::SignedMantleTx};
-use reqwest::{Client, Url};
-use serde::{Deserialize, Serialize};
-use tokio_retry::Retry;
-
-/// Fibonacci backoff retry strategy configuration.
-#[derive(Debug, Copy, Clone, Serialize, Deserialize)]
-pub struct BackoffConfig {
-    #[serde(with = "humantime_serde")]
-    pub start_delay: Duration,
-    pub max_retries: usize,
-}
-
-impl Default for BackoffConfig {
-    fn default() -> Self {
-        Self {
-            start_delay: Duration::from_millis(100),
-            max_retries: 5,
-        }
-    }
-}
-
-/// Simple wrapper
-/// maybe extend in the future for our purposes
-/// `Clone` is cheap because `CommonHttpClient` is internally reference counted (`Arc`).
-#[derive(Clone)]
-pub struct BedrockClient {
-    http_client: CommonHttpClient,
-    node_url: Url,
-    backoff: BackoffConfig,
-}
-
-impl BedrockClient {
-    pub fn new(backoff: BackoffConfig, node_url: Url, auth: Option<BasicAuth>) -> Result<Self> {
-        info!("Creating Bedrock client with node URL {node_url}");
-        let client = Client::builder()
-                //Add more fields if needed
-                .timeout(std::time::Duration::from_mins(1))
-                .build()
-                .context("Failed to build HTTP client")?;
-
-        let auth = auth.map(|a| {
-            logos_blockchain_common_http_client::BasicAuthCredentials::new(a.username, a.password)
-        });
-
-        let http_client = CommonHttpClient::new_with_client(client, auth);
-        Ok(Self {
-            http_client,
-            node_url,
-            backoff,
-        })
-    }
-
-    pub async fn post_transaction(&self, tx: SignedMantleTx) -> Result<Result<(), Error>, Error> {
-        Retry::spawn(self.backoff_strategy(), || async {
-            match self
-                .http_client
-                .post_transaction(self.node_url.clone(), tx.clone())
-                .await
-            {
-                Ok(()) => Ok(Ok(())),
-                Err(err) => match err {
-                    // Retry arm.
-                    // Retrying only reqwest errors: mainly connected to http.
-                    Error::Request(_) => Err(err),
-                    // Returning non-retryable error
-                    Error::Server(_) | Error::Client(_) | Error::Url(_) => Ok(Err(err)),
-                },
-            }
-        })
-        .await
-    }
-
-    pub async fn get_lib_stream(&self) -> Result<impl Stream<Item = BlockInfo>, Error> {
-        self.http_client.get_lib_stream(self.node_url.clone()).await
-    }
-
-    pub async fn get_block_by_id(
-        &self,
-        header_id: HeaderId,
-    ) -> Result<Option<Block<SignedMantleTx>>, Error> {
-        Retry::spawn(self.backoff_strategy(), || {
-            self.http_client
-                .get_block_by_id(self.node_url.clone(), header_id)
-                .inspect_err(|err| warn!("Block fetching failed with error: {err:#}"))
-        })
-        .await
-    }
-
-    pub async fn get_consensus_info(&self) -> Result<CryptarchiaInfo, Error> {
-        Retry::spawn(self.backoff_strategy(), || {
-            self.http_client
-                .consensus_info(self.node_url.clone())
-                .inspect_err(|err| warn!("Block fetching failed with error: {err:#}"))
-        })
-        .await
-    }
-
-    fn backoff_strategy(&self) -> impl Iterator<Item = Duration> {
-        let start_delay_millis = self
-            .backoff
-            .start_delay
-            .as_millis()
-            .try_into()
-            .expect("Start delay must be less than u64::MAX milliseconds");
-
-        tokio_retry::strategy::FibonacciBackoff::from_millis(start_delay_millis)
-            .take(self.backoff.max_retries)
-    }
-}
diff --git a/common/src/block.rs b/common/src/block.rs
index 92adbdb1..fbc4c9a6 100644
--- a/common/src/block.rs
+++ b/common/src/block.rs
@@ -85,9 +85,20 @@ impl HashableBlockData {
         signing_key: &nssa::PrivateKey,
         bedrock_parent_id: MantleMsgId,
     ) -> Block {
+        const PREFIX: &[u8; 32] = b"/LEE/v0.3/Message/Block/\x00\x00\x00\x00\x00\x00\x00\x00";
+
         let data_bytes = borsh::to_vec(&self).unwrap();
-        let signature = nssa::Signature::new(signing_key, &data_bytes);
-        let hash = OwnHasher::hash(&data_bytes);
+        let mut bytes = Vec::with_capacity(
+            PREFIX
+                .len()
+                .checked_add(data_bytes.len())
+                .expect("length overflow"),
+        );
+        bytes.extend_from_slice(PREFIX);
+        bytes.extend_from_slice(&data_bytes);
+
+        let hash = OwnHasher::hash(&bytes);
+        let signature = nssa::Signature::new(signing_key, &hash.0);
         Block {
             header: BlockHeader {
                 block_id: self.block_id,
@@ -103,11 +114,6 @@ impl HashableBlockData {
             bedrock_parent_id,
         }
     }
-
-    #[must_use]
-    pub fn block_hash(&self) -> BlockHash {
-        OwnHasher::hash(&borsh::to_vec(&self).unwrap())
-    }
 }
 
 impl From<Block> for HashableBlockData {
diff --git a/completions/README.md b/completions/README.md
index d274774c..b12f1823 100644
--- a/completions/README.md
+++ b/completions/README.md
@@ -93,6 +93,12 @@ Only `Public/2gJJjtG9UivBGEhA1Jz6waZQx1cwfYupC5yvKEweHaeH` is used for completio
    exec zsh
    ```
 
+> **Note:** After updating the completion script, re-run step 1 to copy the new file, then rebuild the cache:
+> ```sh
+> cp _wallet ~/.oh-my-zsh/custom/plugins/wallet/
+> rm -rf ~/.zcompdump* && exec zsh
+> ```
+
 ### Requirements
 
 The completion script calls `wallet account list` to dynamically fetch account IDs. Ensure the `wallet` command is in your `$PATH`.
@@ -197,8 +203,7 @@ wallet account get --account-id <TAB>
 2. Rebuild the completion cache:
 
    ```sh
-   rm -f ~/.zcompdump*
-   exec zsh
+   rm -rf ~/.zcompdump* && exec zsh
    ```
 
 ### Account IDs not completing
diff --git a/completions/bash/wallet b/completions/bash/wallet
index b01e5607..a4d390f6 100644
--- a/completions/bash/wallet
+++ b/completions/bash/wallet
@@ -46,7 +46,7 @@ _wallet() {
         cword=$COMP_CWORD
     }
 
-    local commands="auth-transfer chain-info account pinata token amm check-health config restore-keys deploy-program help"
+    local commands="auth-transfer chain-info account pinata token amm ata check-health config restore-keys deploy-program help"
 
     # Find the main command and subcommand by scanning words before the cursor.
     # Global options that take a value are skipped along with their argument.
@@ -127,10 +127,10 @@ _wallet() {
                         --to-label)
                             _wallet_complete_account_label "$cur"
                             ;;
-                        --to-npk | --to-vpk | --amount)
+                        --to-npk | --to-vpk | --to-identifier | --amount)
                             ;; # no specific completion
                         *)
-                            COMPREPLY=($(compgen -W "--from --from-label --to --to-label --to-npk --to-vpk --amount" -- "$cur"))
+                            COMPREPLY=($(compgen -W "--from --from-label --to --to-label --to-npk --to-vpk --to-identifier --amount" -- "$cur"))
                             ;;
                     esac
                     ;;
@@ -187,11 +187,11 @@ _wallet() {
                 sync-private)
                     ;; # no options
                 new)
-                    # `account new` is itself a subcommand: public | private
+                    # `account new` is itself a subcommand: public | private-accounts-key
                     local new_subcmd=""
                     for ((i = subcmd_idx + 1; i < cword; i++)); do
                         case "${words[$i]}" in
-                            public | private)
+                            public | private-accounts-key)
                                 new_subcmd="${words[$i]}"
                                 break
                                 ;;
@@ -199,13 +199,26 @@ _wallet() {
                     done
 
                     if [[ -z "$new_subcmd" ]]; then
-                        COMPREPLY=($(compgen -W "public private" -- "$cur"))
+                        COMPREPLY=($(compgen -W "public private-accounts-key" -- "$cur"))
                     else
-                        case "$prev" in
-                            --cci | -l | --label)
-                                ;; # no specific completion
-                            *)
-                                COMPREPLY=($(compgen -W "--cci -l --label" -- "$cur"))
+                        case "$new_subcmd" in
+                            public)
+                                case "$prev" in
+                                    --cci | -l | --label)
+                                        ;; # no specific completion
+                                    *)
+                                        COMPREPLY=($(compgen -W "--cci -l --label" -- "$cur"))
+                                        ;;
+                                esac
+                                ;;
+                            private-accounts-key)
+                                case "$prev" in
+                                    --cci)
+                                        ;; # no specific completion
+                                    *)
+                                        COMPREPLY=($(compgen -W "--cci" -- "$cur"))
+                                        ;;
+                                esac
                                 ;;
                         esac
                     fi
@@ -289,10 +302,10 @@ _wallet() {
                         --to-label)
                             _wallet_complete_account_label "$cur"
                             ;;
-                        --to-npk | --to-vpk | --amount)
+                        --to-npk | --to-vpk | --to-identifier | --amount)
                             ;; # no specific completion
                         *)
-                            COMPREPLY=($(compgen -W "--from --from-label --to --to-label --to-npk --to-vpk --amount" -- "$cur"))
+                            COMPREPLY=($(compgen -W "--from --from-label --to --to-label --to-npk --to-vpk --to-identifier --amount" -- "$cur"))
                             ;;
                     esac
                     ;;
@@ -331,10 +344,10 @@ _wallet() {
                         --holder-label)
                             _wallet_complete_account_label "$cur"
                             ;;
-                        --holder-npk | --holder-vpk | --amount)
+                        --holder-npk | --holder-vpk | --holder-identifier | --amount)
                             ;; # no specific completion
                         *)
-                            COMPREPLY=($(compgen -W "--definition --definition-label --holder --holder-label --holder-npk --holder-vpk --amount" -- "$cur"))
+                            COMPREPLY=($(compgen -W "--definition --definition-label --holder --holder-label --holder-npk --holder-vpk --holder-identifier --amount" -- "$cur"))
                             ;;
                     esac
                     ;;
@@ -344,7 +357,7 @@ _wallet() {
         amm)
             case "$subcmd" in
                 "")
-                    COMPREPLY=($(compgen -W "new swap add-liquidity remove-liquidity help" -- "$cur"))
+                    COMPREPLY=($(compgen -W "new swap-exact-input swap-exact-output add-liquidity remove-liquidity help" -- "$cur"))
                     ;;
                 new)
                     case "$prev" in
@@ -373,7 +386,7 @@ _wallet() {
                             ;;
                     esac
                     ;;
-                swap)
+                swap-exact-input)
                     case "$prev" in
                         --user-holding-a)
                             _wallet_complete_account_id "$cur"
@@ -394,6 +407,15 @@ _wallet() {
                             ;;
                     esac
                     ;;
+                swap-exact-output)
+                    case "$prev" in
+                        --user-holding-a | --user-holding-b | --exact-amount-out | --max-amount-in | --token-definition)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--user-holding-a --user-holding-b --exact-amount-out --max-amount-in --token-definition" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
                 add-liquidity)
                     case "$prev" in
                         --user-holding-a)
@@ -451,6 +473,68 @@ _wallet() {
             esac
             ;;
 
+        ata)
+            case "$subcmd" in
+                "")
+                    COMPREPLY=($(compgen -W "address create send burn list help" -- "$cur"))
+                    ;;
+                address)
+                    case "$prev" in
+                        --owner | --token-definition)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--owner --token-definition" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
+                create)
+                    case "$prev" in
+                        --owner)
+                            _wallet_complete_account_id "$cur"
+                            ;;
+                        --token-definition)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--owner --token-definition" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
+                send)
+                    case "$prev" in
+                        --from)
+                            _wallet_complete_account_id "$cur"
+                            ;;
+                        --to | --token-definition | --amount)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--from --token-definition --to --amount" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
+                burn)
+                    case "$prev" in
+                        --holder)
+                            _wallet_complete_account_id "$cur"
+                            ;;
+                        --token-definition | --amount)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--holder --token-definition --amount" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
+                list)
+                    case "$prev" in
+                        --owner | --token-definition)
+                            ;; # no specific completion
+                        *)
+                            COMPREPLY=($(compgen -W "--owner --token-definition" -- "$cur"))
+                            ;;
+                    esac
+                    ;;
+            esac
+            ;;
+
         config)
             case "$subcmd" in
                 "")
diff --git a/completions/zsh/_wallet b/completions/zsh/_wallet
index 2d4fe26b..8f573ab0 100644
--- a/completions/zsh/_wallet
+++ b/completions/zsh/_wallet
@@ -24,6 +24,7 @@ _wallet() {
                 'pinata:Pinata program interaction subcommand'
                 'token:Token program interaction subcommand'
                 'amm:AMM program interaction subcommand'
+                'ata:Associated Token Account program interaction subcommand'
                 'check-health:Check the wallet can connect to the node and builtin local programs match the remote versions'
                 'config:Command to setup config, get and set config fields'
                 'restore-keys:Restoring keys from given password at given depth'
@@ -52,6 +53,9 @@ _wallet() {
                 amm)
                     _wallet_amm
                     ;;
+                ata)
+                    _wallet_ata
+                    ;;
                 config)
                     _wallet_config
                     ;;
@@ -72,7 +76,7 @@ _wallet() {
 # auth-transfer subcommand
 _wallet_auth_transfer() {
     local -a subcommands
-    
+
     _arguments -C \
         '1: :->subcommand' \
         '*:: :->args'
@@ -91,16 +95,17 @@ _wallet_auth_transfer() {
                 init)
                     _arguments \
                         '--account-id[Account ID to initialize]:account_id:_wallet_account_ids' \
-                        '--account-label[Account label (alternative to --account-id)]:label:_wallet_account_labels'
+                        '--account-label[Account label (alternative to --account-id)]:label:'
                     ;;
                 send)
                     _arguments \
                         '--from[Source account ID]:from_account:_wallet_account_ids' \
-                        '--from-label[Source account label (alternative to --from)]:label:_wallet_account_labels' \
+                        '--from-label[From account label (alternative to --from)]:label:' \
                         '--to[Destination account ID (for owned accounts)]:to_account:_wallet_account_ids' \
-                        '--to-label[Destination account label (alternative to --to)]:label:_wallet_account_labels' \
+                        '--to-label[To account label (alternative to --to)]:label:' \
                         '--to-npk[Destination nullifier public key (for foreign private accounts)]:npk:' \
                         '--to-vpk[Destination viewing public key (for foreign private accounts)]:vpk:' \
+                        '--to-identifier[Identifier for the recipient private account]:identifier:' \
                         '--amount[Amount of native tokens to send]:amount:'
                     ;;
             esac
@@ -111,7 +116,7 @@ _wallet_auth_transfer() {
 # chain-info subcommand
 _wallet_chain_info() {
     local -a subcommands
-    
+
     _arguments -C \
         '1: :->subcommand' \
         '*:: :->args'
@@ -144,7 +149,7 @@ _wallet_chain_info() {
 # account subcommand
 _wallet_account() {
     local -a subcommands
-    
+
     _arguments -C \
         '1: :->subcommand' \
         '*:: :->args'
@@ -169,7 +174,7 @@ _wallet_account() {
                         '(-r --raw)'{-r,--raw}'[Get raw account data]' \
                         '(-k --keys)'{-k,--keys}'[Display keys (pk for public accounts, npk/vpk for private accounts)]' \
                         '(-a --account-id)'{-a,--account-id}'[Account ID to query]:account_id:_wallet_account_ids' \
-                        '--account-label[Account label (alternative to --account-id)]:label:_wallet_account_labels'
+                        '--account-label[Account label (alternative to --account-id)]:label:'
                     ;;
                 list|ls)
                     _arguments \
@@ -181,19 +186,27 @@ _wallet_account() {
                         '*:: :->new_args'
                     case $state in
                         account_type)
-                            compadd public private
+                            compadd public private-accounts-key
                             ;;
                         new_args)
-                            _arguments \
-                                '--cci[Chain index of a parent node]:chain_index:' \
-                                '(-l --label)'{-l,--label}'[Label to assign to the new account]:label:'
+                            case $line[1] in
+                                public)
+                                    _arguments \
+                                        '--cci[Chain index of a parent node]:chain_index:' \
+                                        '(-l --label)'{-l,--label}'[Label to assign to the new account]:label:'
+                                    ;;
+                                private-accounts-key)
+                                    _arguments \
+                                        '--cci[Chain index of a parent node]:chain_index:'
+                                    ;;
+                            esac
                             ;;
                     esac
                     ;;
                 label)
                     _arguments \
                         '(-a --account-id)'{-a,--account-id}'[Account ID to label]:account_id:_wallet_account_ids' \
-                        '--account-label[Account label (alternative to --account-id)]:label:_wallet_account_labels' \
+                        '--account-label[Account label (alternative to --account-id)]:label:' \
                         '(-l --label)'{-l,--label}'[The label to assign to the account]:label:'
                     ;;
             esac
@@ -204,7 +217,7 @@ _wallet_account() {
 # pinata subcommand
 _wallet_pinata() {
     local -a subcommands
-    
+
     _arguments -C \
         '1: :->subcommand' \
         '*:: :->args'
@@ -222,7 +235,7 @@ _wallet_pinata() {
                 claim)
                     _arguments \
                         '--to[Destination account ID to receive claimed tokens]:to_account:_wallet_account_ids' \
-                        '--to-label[Destination account label (alternative to --to)]:label:_wallet_account_labels'
+                        '--to-label[To account label (alternative to --to)]:label:'
                     ;;
             esac
             ;;
@@ -255,36 +268,38 @@ _wallet_token() {
                         '--name[Token name]:name:' \
                         '--total-supply[Total supply of tokens to mint]:total_supply:' \
                         '--definition-account-id[Account ID for token definition]:definition_account:_wallet_account_ids' \
-                        '--definition-account-label[Definition account label (alternative to --definition-account-id)]:label:_wallet_account_labels' \
+                        '--definition-account-label[Definition account label (alternative to --definition-account-id)]:label:' \
                         '--supply-account-id[Account ID to receive initial supply]:supply_account:_wallet_account_ids' \
-                        '--supply-account-label[Supply account label (alternative to --supply-account-id)]:label:_wallet_account_labels'
+                        '--supply-account-label[Supply account label (alternative to --supply-account-id)]:label:'
                     ;;
                 send)
                     _arguments \
                         '--from[Source holding account ID]:from_account:_wallet_account_ids' \
-                        '--from-label[Source account label (alternative to --from)]:label:_wallet_account_labels' \
+                        '--from-label[From account label (alternative to --from)]:label:' \
                         '--to[Destination holding account ID (for owned accounts)]:to_account:_wallet_account_ids' \
-                        '--to-label[Destination account label (alternative to --to)]:label:_wallet_account_labels' \
+                        '--to-label[To account label (alternative to --to)]:label:' \
                         '--to-npk[Destination nullifier public key (for foreign private accounts)]:npk:' \
                         '--to-vpk[Destination viewing public key (for foreign private accounts)]:vpk:' \
+                        '--to-identifier[Identifier for the recipient private account]:identifier:' \
                         '--amount[Amount of tokens to send]:amount:'
                     ;;
                 burn)
                     _arguments \
                         '--definition[Definition account ID]:definition_account:_wallet_account_ids' \
-                        '--definition-label[Definition account label (alternative to --definition)]:label:_wallet_account_labels' \
+                        '--definition-label[Definition account label (alternative to --definition)]:label:' \
                         '--holder[Holder account ID]:holder_account:_wallet_account_ids' \
-                        '--holder-label[Holder account label (alternative to --holder)]:label:_wallet_account_labels' \
+                        '--holder-label[Holder account label (alternative to --holder)]:label:' \
                         '--amount[Amount of tokens to burn]:amount:'
                     ;;
                 mint)
                     _arguments \
                         '--definition[Definition account ID]:definition_account:_wallet_account_ids' \
-                        '--definition-label[Definition account label (alternative to --definition)]:label:_wallet_account_labels' \
+                        '--definition-label[Definition account label (alternative to --definition)]:label:' \
                         '--holder[Holder account ID (for owned accounts)]:holder_account:_wallet_account_ids' \
-                        '--holder-label[Holder account label (alternative to --holder)]:label:_wallet_account_labels' \
+                        '--holder-label[Holder account label (alternative to --holder)]:label:' \
                         '--holder-npk[Holder nullifier public key (for foreign private accounts)]:npk:' \
                         '--holder-vpk[Holder viewing public key (for foreign private accounts)]:vpk:' \
+                        '--holder-identifier[Identifier for the holder private account]:identifier:' \
                         '--amount[Amount of tokens to mint]:amount:'
                     ;;
             esac
@@ -295,7 +310,7 @@ _wallet_token() {
 # amm subcommand
 _wallet_amm() {
     local -a subcommands
-    
+
     _arguments -C \
         '1: :->subcommand' \
         '*:: :->args'
@@ -304,7 +319,8 @@ _wallet_amm() {
         subcommand)
             subcommands=(
                 'new:Create a new liquidity pool'
-                'swap:Swap tokens using the AMM'
+                'swap-exact-input:Swap specifying exact input amount'
+                'swap-exact-output:Swap specifying exact output amount'
                 'add-liquidity:Add liquidity to an existing pool'
                 'remove-liquidity:Remove liquidity from a pool'
                 'help:Print this message or the help of the given subcommand(s)'
@@ -316,32 +332,40 @@ _wallet_amm() {
                 new)
                     _arguments \
                         '--user-holding-a[User token A holding account ID]:holding_a:_wallet_account_ids' \
-                        '--user-holding-a-label[User holding A account label (alternative to --user-holding-a)]:label:_wallet_account_labels' \
+                        '--user-holding-a-label[User holding A label (alternative to --user-holding-a)]:label:' \
                         '--user-holding-b[User token B holding account ID]:holding_b:_wallet_account_ids' \
-                        '--user-holding-b-label[User holding B account label (alternative to --user-holding-b)]:label:_wallet_account_labels' \
+                        '--user-holding-b-label[User holding B label (alternative to --user-holding-b)]:label:' \
                         '--user-holding-lp[User LP token holding account ID]:holding_lp:_wallet_account_ids' \
-                        '--user-holding-lp-label[User holding LP account label (alternative to --user-holding-lp)]:label:_wallet_account_labels' \
+                        '--user-holding-lp-label[User holding LP label (alternative to --user-holding-lp)]:label:' \
                         '--balance-a[Amount of token A to deposit]:balance_a:' \
                         '--balance-b[Amount of token B to deposit]:balance_b:'
                     ;;
-                swap)
+                swap-exact-input)
                     _arguments \
                         '--user-holding-a[User token A holding account ID]:holding_a:_wallet_account_ids' \
-                        '--user-holding-a-label[User holding A account label (alternative to --user-holding-a)]:label:_wallet_account_labels' \
+                        '--user-holding-a-label[User holding A label (alternative to --user-holding-a)]:label:' \
                         '--user-holding-b[User token B holding account ID]:holding_b:_wallet_account_ids' \
-                        '--user-holding-b-label[User holding B account label (alternative to --user-holding-b)]:label:_wallet_account_labels' \
+                        '--user-holding-b-label[User holding B label (alternative to --user-holding-b)]:label:' \
                         '--amount-in[Amount of tokens to swap]:amount_in:' \
                         '--min-amount-out[Minimum tokens expected in return]:min_amount_out:' \
                         '--token-definition[Definition ID of the token being provided]:token_def:'
                     ;;
+                swap-exact-output)
+                    _arguments \
+                        '--user-holding-a[User token A holding account ID]:holding_a:' \
+                        '--user-holding-b[User token B holding account ID]:holding_b:' \
+                        '--exact-amount-out[Exact amount of tokens expected out]:exact_amount_out:' \
+                        '--max-amount-in[Maximum tokens to spend]:max_amount_in:' \
+                        '--token-definition[Definition ID of the token being provided]:token_def:'
+                    ;;
                 add-liquidity)
                     _arguments \
                         '--user-holding-a[User token A holding account ID]:holding_a:_wallet_account_ids' \
-                        '--user-holding-a-label[User holding A account label (alternative to --user-holding-a)]:label:_wallet_account_labels' \
+                        '--user-holding-a-label[User holding A label (alternative to --user-holding-a)]:label:' \
                         '--user-holding-b[User token B holding account ID]:holding_b:_wallet_account_ids' \
-                        '--user-holding-b-label[User holding B account label (alternative to --user-holding-b)]:label:_wallet_account_labels' \
+                        '--user-holding-b-label[User holding B label (alternative to --user-holding-b)]:label:' \
                         '--user-holding-lp[User LP token holding account ID]:holding_lp:_wallet_account_ids' \
-                        '--user-holding-lp-label[User holding LP account label (alternative to --user-holding-lp)]:label:_wallet_account_labels' \
+                        '--user-holding-lp-label[User holding LP label (alternative to --user-holding-lp)]:label:' \
                         '--max-amount-a[Maximum amount of token A to deposit]:max_amount_a:' \
                         '--max-amount-b[Maximum amount of token B to deposit]:max_amount_b:' \
                         '--min-amount-lp[Minimum LP tokens to receive]:min_amount_lp:'
@@ -349,11 +373,11 @@ _wallet_amm() {
                 remove-liquidity)
                     _arguments \
                         '--user-holding-a[User token A holding account ID]:holding_a:_wallet_account_ids' \
-                        '--user-holding-a-label[User holding A account label (alternative to --user-holding-a)]:label:_wallet_account_labels' \
+                        '--user-holding-a-label[User holding A label (alternative to --user-holding-a)]:label:' \
                         '--user-holding-b[User token B holding account ID]:holding_b:_wallet_account_ids' \
-                        '--user-holding-b-label[User holding B account label (alternative to --user-holding-b)]:label:_wallet_account_labels' \
+                        '--user-holding-b-label[User holding B label (alternative to --user-holding-b)]:label:' \
                         '--user-holding-lp[User LP token holding account ID]:holding_lp:_wallet_account_ids' \
-                        '--user-holding-lp-label[User holding LP account label (alternative to --user-holding-lp)]:label:_wallet_account_labels' \
+                        '--user-holding-lp-label[User holding LP label (alternative to --user-holding-lp)]:label:' \
                         '--balance-lp[Amount of LP tokens to burn]:balance_lp:' \
                         '--min-amount-a[Minimum token A to receive]:min_amount_a:' \
                         '--min-amount-b[Minimum token B to receive]:min_amount_b:'
@@ -363,6 +387,61 @@ _wallet_amm() {
     esac
 }
 
+# ata subcommand
+_wallet_ata() {
+    local -a subcommands
+
+    _arguments -C \
+        '1: :->subcommand' \
+        '*:: :->args'
+
+    case $state in
+        subcommand)
+            subcommands=(
+                'address:Derive and print the Associated Token Account address (local only)'
+                'create:Create (or idempotently no-op) the Associated Token Account'
+                'send:Send tokens from owner ATA to a recipient token holding account'
+                'burn:Burn tokens from holder ATA'
+                'list:List all ATAs for a given owner across multiple token definitions'
+                'help:Print this message or the help of the given subcommand(s)'
+            )
+            _describe -t subcommands 'ata subcommands' subcommands
+            ;;
+        args)
+            case $line[1] in
+                address)
+                    _arguments \
+                        '--owner[Owner account (no privacy prefix)]:owner:' \
+                        '--token-definition[Token definition account (no privacy prefix)]:token_def:'
+                    ;;
+                create)
+                    _arguments \
+                        '--owner[Owner account with privacy prefix]:owner:_wallet_account_ids' \
+                        '--token-definition[Token definition account (no privacy prefix)]:token_def:'
+                    ;;
+                send)
+                    _arguments \
+                        '--from[Sender account with privacy prefix]:from:_wallet_account_ids' \
+                        '--token-definition[Token definition account (no privacy prefix)]:token_def:' \
+                        '--to[Recipient account (no privacy prefix)]:to:' \
+                        '--amount[Amount of tokens to send]:amount:'
+                    ;;
+                burn)
+                    _arguments \
+                        '--holder[Holder account with privacy prefix]:holder:_wallet_account_ids' \
+                        '--token-definition[Token definition account (no privacy prefix)]:token_def:' \
+                        '--amount[Amount of tokens to burn]:amount:'
+                    ;;
+                list)
+                    _arguments \
+                        '--owner[Owner account (no privacy prefix)]:owner:' \
+                        '--token-definition[Token definition accounts (no privacy prefix)]:token_def:'
+                    ;;
+            esac
+            ;;
+    esac
+}
+
 # config subcommand
 _wallet_config() {
     local -a subcommands
@@ -435,6 +514,7 @@ _wallet_help() {
         'pinata:Pinata program interaction subcommand'
         'token:Token program interaction subcommand'
         'amm:AMM program interaction subcommand'
+        'ata:Associated Token Account program interaction subcommand'
         'check-health:Check the wallet can connect to the node'
         'config:Command to setup config, get and set config fields'
         'restore-keys:Restoring keys from given password at given depth'
@@ -468,25 +548,4 @@ _wallet_account_ids() {
     _multi_parts / accounts
 }
 
-# Helper function to complete account labels
-# Uses `wallet account list` to get available labels
-_wallet_account_labels() {
-    local -a labels
-    local line
-
-    if command -v wallet &>/dev/null; then
-        while IFS= read -r line; do
-            local label
-            # Extract label from [...] at end of line
-            label="${line##*\[}"
-            label="${label%\]}"
-            [[ -n "$label" && "$label" != "$line" ]] && labels+=("$label")
-        done < <(wallet account list 2>/dev/null)
-    fi
-
-    if (( ${#labels} > 0 )); then
-        compadd -a labels
-    fi
-}
-
 _wallet "$@"
diff --git a/configs/docker-all-in-one/indexer_config.json b/configs/docker-all-in-one/indexer_config.json
index c2b07e3e..ca99a90c 100644
--- a/configs/docker-all-in-one/indexer_config.json
+++ b/configs/docker-all-in-one/indexer_config.json
@@ -1,12 +1,8 @@
 {
     "home": "./indexer/service",
     "consensus_info_polling_interval": "1s",
-    "bedrock_client_config": {
-        "addr": "http://logos-blockchain-node-0:18080",
-        "backoff": {
-            "start_delay": "100ms",
-            "max_retries": 5
-        }
+    "bedrock_config": {
+        "addr": "http://logos-blockchain-node-0:18080"
     },
     "channel_id": "0101010101010101010101010101010101010101010101010101010101010101",
     "initial_accounts": [
diff --git a/docs/LEZ testnet v0.1 tutorials/token-transfer.md b/docs/LEZ testnet v0.1 tutorials/token-transfer.md
index 156f0b1f..3a1ef43f 100644
--- a/docs/LEZ testnet v0.1 tutorials/token-transfer.md	
+++ b/docs/LEZ testnet v0.1 tutorials/token-transfer.md	
@@ -5,6 +5,7 @@ This tutorial walks through native token transfers between public and private ac
 4. Private account creation.
 5. Native token transfer from a public account to a private account.
 6. Native token transfer from a public account to a private account owned by someone else.
+7. Sending to a private accounts key from multiple independent senders.
 
 ---
 
@@ -142,7 +143,7 @@ Account owned by authenticated-transfer program
 > Private accounts are structurally identical to public accounts, but their values are stored off-chain. On-chain, only a 32-byte commitment is recorded.
 > Transactions include encrypted private values so the owner can recover them, and the decryption keys are never shared.
 > Private accounts use two keypairs: nullifier keys for privacy-preserving executions and viewing keys for encrypting and decrypting values.
-> The private account ID is derived from the nullifier public key.
+> The private account ID is derived from the nullifier public key and a numeric identifier: `SHA256(prefix || npk || identifier)`. The same `npk` paired with different identifiers yields different, independent account IDs.
 > Private accounts can be initialized by anyone, but once initialized they can only be modified by the owner’s keys.
 > Updates include a new commitment and a nullifier for the old state, which prevents linkage between versions.
 
@@ -158,7 +159,9 @@ With vpk 02ddc96d0eb56e00ce14994cfdaec5ae1f76244180a919545983156e3519940a17
 ```
 
 > [!Tip]
-> Focus on the account ID for now. The `npk` and `vpk` values are stored locally and used to build privacy-preserving transactions. The private account ID is derived from `npk`.
+> Save this account ID. You will use it in later commands.
+
+### b. Check the account status
 
 Just like public accounts, new private accounts start out uninitialized:
 
@@ -218,21 +221,23 @@ Account owned by authenticated-transfer program
 ## 6. Native token transfer from a public account to a private account owned by someone else
 
 > [!Important]
-> We’ll simulate transferring to someone else by creating a new private account we own and treating it as if it belonged to another user.
+> We’ll simulate transferring to someone else by creating a new private accounts key and treating it as if it belonged to another user. When the recipient is someone else, you only have their `npk` and `vpk` — not an account ID.
 
-### a. Create a new uninitialized private account
+### a. Create a new private accounts key to simulate a foreign recipient
 
 ```bash
-wallet account new private
+wallet account new private-accounts-key
 
 # Output:
-Generated new account with account_id Private/AukXPRBmrYVqoqEW2HTs7N3hvTn3qdNFDcxDHVr5hMm5
+Generated new private accounts key at path /1
 With npk 0c95ebc4b3830f53da77bb0b80a276a776cdcf6410932acc718dcdb3f788a00e
 With vpk 039fd12a3674a880d3e917804129141e4170d419d1f9e28a3dcf979c1f2369cb72
 ```
 
 > [!Tip]
-> Ignore the private account ID here and use the `npk` and `vpk` values to send to a foreign private account.
+> Ignore the account ID here and use the `npk` and `vpk` values to send to a foreign private account.
+
+### b. Send 3 tokens using the recipient’s npk and vpk
 
 ```bash
 wallet auth-transfer send \
@@ -242,9 +247,74 @@ wallet auth-transfer send \
     --amount 3
 ```
 
+> [!Note]
+> `--to-identifier` is omitted here. When omitted, the wallet picks a random identifier, which is usually fine. Use the flag explicitly when a specific identifier is required.
+
 > [!Warning]
 > This command creates a privacy-preserving transaction, which may take a few minutes. The updated values are encrypted and included in the transaction.
 > Once accepted, the recipient must run `wallet account sync-private` to scan the chain for their encrypted updates and refresh local state.
 
 > [!Note]
 > You have seen transfers between two public accounts and from a public sender to a private recipient. Transfers from a private sender, whether to a public account or to another private account, follow the same pattern.
+
+## 7. Sending to a private accounts key from multiple independent senders
+
+> [!Important]
+> A private accounts key (`npk` + `vpk`) can be shared with multiple senders. Each sender independently chooses an identifier; the recipient's account ID is derived from `(npk, identifier)`. Two senders using different identifiers produce two separate private accounts under the same key.
+
+### a. Alice creates a private accounts key
+
+```bash
+wallet account new private-accounts-key
+
+# Output:
+Generated new private accounts key at path /2
+With npk a3f7c21b8e905d4f6a1bc783d0e2f94c1d5a6b7e8f9012345678abcdef012345
+With vpk 03b1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6071819202122232425262728292a2b2c
+```
+
+Alice shares the `npk` and `vpk` values with Bob and Charlie out of band.
+
+### b. Bob sends 10 tokens to Alice using identifier 1
+
+```bash
+wallet auth-transfer send \
+    --from Public/BobXqJprP9BmhbFVQyBcbznU8bAXcwrzwRoPTetXdQPA \
+    --to-npk a3f7c21b8e905d4f6a1bc783d0e2f94c1d5a6b7e8f9012345678abcdef012345 \
+    --to-vpk 03b1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6071819202122232425262728292a2b2c \
+    --to-identifier 1 \
+    --amount 10
+```
+
+### c. Charlie sends 5 tokens to Alice using identifier 2
+
+```bash
+wallet auth-transfer send \
+    --from Public/CharlieYrP9BmhbFVQyBcbznU8bAXcwrzwRoPTetXdQPB \
+    --to-npk a3f7c21b8e905d4f6a1bc783d0e2f94c1d5a6b7e8f9012345678abcdef012345 \
+    --to-vpk 03b1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6071819202122232425262728292a2b2c \
+    --to-identifier 2 \
+    --amount 5
+```
+
+> [!Note]
+> Bob and Charlie each chose a different identifier. They do not need to coordinate — any two distinct values work.
+
+### d. Alice syncs to discover the new accounts
+
+```bash
+wallet account sync-private
+```
+
+```bash
+wallet account list
+
+# Output (private account entries under key /2):
+/2 Private/AliceBobAcctXxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+/2 Private/AliceCharlieAcctXxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+```
+
+Alice now has two separate private accounts, one funded by Bob and one by Charlie, both controlled by the same key at path `/2`.
+
+> [!Tip]
+> Alice can check each account balance with `wallet account get --account-id Private/...`. Neither balance is visible on-chain.
diff --git a/indexer/core/Cargo.toml b/indexer/core/Cargo.toml
index 33fe2d9d..d609f5cb 100644
--- a/indexer/core/Cargo.toml
+++ b/indexer/core/Cargo.toml
@@ -9,7 +9,7 @@ workspace = true
 
 [dependencies]
 common.workspace = true
-bedrock_client.workspace = true
+logos-blockchain-zone-sdk.workspace = true
 nssa.workspace = true
 nssa_core.workspace = true
 storage.workspace = true
@@ -19,13 +19,13 @@ anyhow.workspace = true
 log.workspace = true
 serde.workspace = true
 humantime-serde.workspace = true
-tokio.workspace = true
 borsh.workspace = true
 futures.workspace = true
 url.workspace = true
 logos-blockchain-core.workspace = true
 serde_json.workspace = true
 async-stream.workspace = true
+tokio.workspace = true
 
 [dev-dependencies]
 tempfile.workspace = true
diff --git a/indexer/core/src/block_store.rs b/indexer/core/src/block_store.rs
index cff07b0f..71ddfd82 100644
--- a/indexer/core/src/block_store.rs
+++ b/indexer/core/src/block_store.rs
@@ -1,11 +1,12 @@
 use std::{path::Path, sync::Arc};
 
-use anyhow::Result;
-use bedrock_client::HeaderId;
+use anyhow::{Context as _, Result};
 use common::{
     block::{BedrockStatus, Block},
     transaction::{NSSATransaction, clock_invocation},
 };
+use logos_blockchain_core::{header::HeaderId, mantle::ops::channel::MsgId};
+use logos_blockchain_zone_sdk::Slot;
 use nssa::{Account, AccountId, V03State};
 use nssa_core::BlockId;
 use storage::indexer::RocksDBIO;
@@ -103,6 +104,22 @@ impl IndexerStore {
         Ok(self.dbio.calculate_state_for_id(block_id)?)
     }
 
+    pub fn get_zone_cursor(&self) -> Result<Option<(MsgId, Slot)>> {
+        let Some(bytes) = self.dbio.get_zone_sdk_indexer_cursor_bytes()? else {
+            return Ok(None);
+        };
+        let cursor: (MsgId, Slot) = serde_json::from_slice(&bytes)
+            .context("Failed to deserialize stored zone-sdk indexer cursor")?;
+        Ok(Some(cursor))
+    }
+
+    pub fn set_zone_cursor(&self, cursor: &(MsgId, Slot)) -> Result<()> {
+        let bytes =
+            serde_json::to_vec(cursor).context("Failed to serialize zone-sdk indexer cursor")?;
+        self.dbio.put_zone_sdk_indexer_cursor_bytes(&bytes)?;
+        Ok(())
+    }
+
     /// Recalculation of final state directly from DB.
     ///
     /// Used for indexer healthcheck.
diff --git a/indexer/core/src/config.rs b/indexer/core/src/config.rs
index 291e54f5..40ac0870 100644
--- a/indexer/core/src/config.rs
+++ b/indexer/core/src/config.rs
@@ -6,7 +6,6 @@ use std::{
 };
 
 use anyhow::{Context as _, Result};
-pub use bedrock_client::BackoffConfig;
 use common::config::BasicAuth;
 use humantime_serde;
 pub use logos_blockchain_core::mantle::ops::channel::ChannelId;
@@ -16,8 +15,6 @@ use url::Url;
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct ClientConfig {
-    /// For individual RPC requests we use Fibonacci backoff retry strategy.
-    pub backoff: BackoffConfig,
     pub addr: Url,
     #[serde(default, skip_serializing_if = "Option::is_none")]
     pub auth: Option<BasicAuth>,
@@ -31,7 +28,7 @@ pub struct IndexerConfig {
     pub signing_key: [u8; 32],
     #[serde(with = "humantime_serde")]
     pub consensus_info_polling_interval: Duration,
-    pub bedrock_client_config: ClientConfig,
+    pub bedrock_config: ClientConfig,
     pub channel_id: ChannelId,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub initial_public_accounts: Option<Vec<PublicAccountPublicInitialData>>,
diff --git a/indexer/core/src/lib.rs b/indexer/core/src/lib.rs
index fc86ff40..3d57e540 100644
--- a/indexer/core/src/lib.rs
+++ b/indexer/core/src/lib.rs
@@ -1,15 +1,14 @@
-use std::collections::VecDeque;
+use std::sync::Arc;
 
 use anyhow::Result;
-use bedrock_client::{BedrockClient, HeaderId};
-use common::{
-    HashType, PINATA_BASE58,
-    block::{Block, HashableBlockData},
-};
-use log::{debug, error, info};
-use logos_blockchain_core::mantle::{
-    Op, SignedMantleTx,
-    ops::channel::{ChannelId, inscribe::InscriptionOp},
+use common::block::{Block, HashableBlockData};
+// ToDo: Remove after testnet
+use common::{HashType, PINATA_BASE58};
+use futures::StreamExt as _;
+use log::{error, info, warn};
+use logos_blockchain_core::header::HeaderId;
+use logos_blockchain_zone_sdk::{
+    CommonHttpClient, ZoneMessage, adapter::NodeHttpClient, indexer::ZoneIndexer,
 };
 use nssa::V03State;
 use testnet_initial_state::initial_state_testnet;
@@ -21,25 +20,11 @@ pub mod config;
 
 #[derive(Clone)]
 pub struct IndexerCore {
-    pub bedrock_client: BedrockClient,
+    pub zone_indexer: Arc<ZoneIndexer<NodeHttpClient>>,
     pub config: IndexerConfig,
     pub store: IndexerStore,
 }
 
-#[derive(Clone)]
-/// This struct represents one L1 block data fetched from backfilling.
-pub struct BackfillBlockData {
-    l2_blocks: Vec<Block>,
-    l1_header: HeaderId,
-}
-
-#[derive(Clone)]
-/// This struct represents data fetched fom backfilling in one iteration.
-pub struct BackfillData {
-    block_data: VecDeque<BackfillBlockData>,
-    curr_fin_l1_lib_header: HeaderId,
-}
-
 impl IndexerCore {
     pub fn new(config: IndexerConfig) -> Result<Self> {
         let hashable_data = HashableBlockData {
@@ -63,6 +48,7 @@ impl IndexerCore {
                     .iter()
                     .map(|init_comm_data| {
                         let npk = &init_comm_data.npk;
+                        let account_id = nssa::AccountId::from((npk, 0));
 
                         let mut acc = init_comm_data.account.clone();
 
@@ -70,8 +56,8 @@ impl IndexerCore {
                             nssa::program::Program::authenticated_transfer_program().id();
 
                         (
-                            nssa_core::Commitment::new(npk, &acc),
-                            nssa_core::Nullifier::for_account_initialization(npk),
+                            nssa_core::Commitment::new(&account_id, &acc),
+                            nssa_core::Nullifier::for_account_initialization(&account_id),
                         )
                     })
                     .collect()
@@ -106,279 +92,88 @@ impl IndexerCore {
 
         let home = config.home.join("rocksdb");
 
+        let basic_auth = config.bedrock_config.auth.clone().map(Into::into);
+        let node = NodeHttpClient::new(
+            CommonHttpClient::new(basic_auth),
+            config.bedrock_config.addr.clone(),
+        );
+        let zone_indexer = ZoneIndexer::new(config.channel_id, node);
+
         Ok(Self {
-            bedrock_client: BedrockClient::new(
-                config.bedrock_client_config.backoff,
-                config.bedrock_client_config.addr.clone(),
-                config.bedrock_client_config.auth.clone(),
-            )?,
+            zone_indexer: Arc::new(zone_indexer),
             config,
             store: IndexerStore::open_db_with_genesis(&home, &genesis_block, &state)?,
         })
     }
 
-    pub fn subscribe_parse_block_stream(&self) -> impl futures::Stream<Item = Result<Block>> {
+    pub fn subscribe_parse_block_stream(&self) -> impl futures::Stream<Item = Result<Block>> + '_ {
+        let poll_interval = self.config.consensus_info_polling_interval;
+        let initial_cursor = self
+            .store
+            .get_zone_cursor()
+            .expect("Failed to load zone-sdk indexer cursor");
+
         async_stream::stream! {
-            info!("Searching for initial header");
+            let mut cursor = initial_cursor;
 
-            let last_stored_l1_lib_header = self.store.last_observed_l1_lib_header()?;
-
-            let mut prev_last_l1_lib_header = if let Some(last_l1_lib_header) = last_stored_l1_lib_header {
-                info!("Last l1 lib header found: {last_l1_lib_header}");
-                last_l1_lib_header
+            if cursor.is_some() {
+                info!("Resuming indexer from cursor {cursor:?}");
             } else {
-                info!("Last l1 lib header not found in DB");
-                info!("Searching for the start of a channel");
-
-                let BackfillData {
-                    block_data: start_buff,
-                    curr_fin_l1_lib_header: last_l1_lib_header,
-                } = self.search_for_channel_start().await?;
-
-                for BackfillBlockData {
-                    l2_blocks: l2_block_vec,
-                    l1_header,
-                } in start_buff {
-                    let mut l2_blocks_parsed_ids: Vec<_> = l2_block_vec.iter().map(|block| block.header.block_id).collect();
-                    l2_blocks_parsed_ids.sort_unstable();
-                    info!("Parsed {} L2 blocks with ids {:?}", l2_block_vec.len(), l2_blocks_parsed_ids);
-
-                    for l2_block in l2_block_vec {
-                        // TODO: proper fix is to make the sequencer's genesis include a
-                        // trailing `clock_invocation(0)` (and have the indexer's
-                        // `open_db_with_genesis` not pre-apply state transitions) so the
-                        // inscribed genesis can flow through `put_block` like any other
-                        // block. For now we skip re-applying it.
-                        //
-                        // The channel-start (block_id == 1) is the sequencer's genesis
-                        // inscription that we re-discover during initial search. The
-                        // indexer already has its own locally-constructed genesis in
-                        // the store from `open_db_with_genesis`, so re-applying the
-                        // inscribed copy is both redundant and would fail the strict
-                        // block validation in `put_block` (the inscribed genesis lacks
-                        // the trailing clock invocation).
-                        if l2_block.header.block_id != 1 {
-                            self
-                            .store
-                            .put_block(l2_block.clone(), l1_header)
-                            .await
-                            .inspect_err(|err| error!("Failed to put block with err {err:?}"))?;
-                        }
-
-                        yield Ok(l2_block);
-                    }
-                }
-
-                last_l1_lib_header
-            };
-
-            info!("Searching for initial header finished");
-
-            info!("Starting backfilling from {prev_last_l1_lib_header}");
+                info!("Starting indexer from beginning of channel");
+            }
 
             loop {
-                let BackfillData {
-                    block_data: buff,
-                    curr_fin_l1_lib_header,
-                } = self
-                    .backfill_to_last_l1_lib_header_id(prev_last_l1_lib_header, &self.config.channel_id)
-                    .await
-                    .inspect_err(|err| error!("Failed to backfill to last l1 lib header id with err {err:#?}"))?;
-
-                prev_last_l1_lib_header = curr_fin_l1_lib_header;
-
-                for BackfillBlockData {
-                    l2_blocks: l2_block_vec,
-                    l1_header: header,
-                } in buff {
-                    let mut l2_blocks_parsed_ids: Vec<_> = l2_block_vec.iter().map(|block| block.header.block_id).collect();
-                    l2_blocks_parsed_ids.sort_unstable();
-                    info!("Parsed {} L2 blocks with ids {:?}", l2_block_vec.len(), l2_blocks_parsed_ids);
-
-                    for l2_block in l2_block_vec {
-                        self.store.put_block(l2_block.clone(), header).await?;
-
-                        yield Ok(l2_block);
+                let stream = match self.zone_indexer.next_messages(cursor).await {
+                    Ok(s) => s,
+                    Err(err) => {
+                        error!("Failed to start zone-sdk next_messages stream: {err}");
+                        tokio::time::sleep(poll_interval).await;
+                        continue;
                     }
-                }
-            }
-        }
-    }
-
-    async fn get_lib(&self) -> Result<HeaderId> {
-        Ok(self.bedrock_client.get_consensus_info().await?.lib)
-    }
-
-    async fn get_next_lib(&self, prev_lib: HeaderId) -> Result<HeaderId> {
-        loop {
-            let next_lib = self.get_lib().await?;
-            if next_lib == prev_lib {
-                info!(
-                    "Wait {:?} to not spam the node",
-                    self.config.consensus_info_polling_interval
-                );
-                tokio::time::sleep(self.config.consensus_info_polling_interval).await;
-            } else {
-                break Ok(next_lib);
-            }
-        }
-    }
-
-    /// WARNING: depending on channel state,
-    /// may take indefinite amount of time.
-    pub async fn search_for_channel_start(&self) -> Result<BackfillData> {
-        let mut curr_last_l1_lib_header = self.get_lib().await?;
-        let mut backfill_start = curr_last_l1_lib_header;
-        // ToDo: How to get root?
-        let mut backfill_limit = HeaderId::from([0; 32]);
-        // ToDo: Not scalable, initial buffer should be stored in DB to not run out of memory
-        // Don't want to complicate DB even more right now.
-        let mut block_buffer = VecDeque::new();
-
-        'outer: loop {
-            let mut cycle_header = curr_last_l1_lib_header;
-
-            loop {
-                let Some(cycle_block) = self.bedrock_client.get_block_by_id(cycle_header).await?
-                else {
-                    // First run can reach root easily
-                    // so here we are optimistic about L1
-                    // failing to get parent.
-                    break;
                 };
+                let mut stream = std::pin::pin!(stream);
 
-                // It would be better to have id, but block does not have it, so slot will do.
-                info!(
-                    "INITIAL SEARCH: Observed L1 block at slot {}",
-                    cycle_block.header().slot().into_inner()
-                );
-                debug!(
-                    "INITIAL SEARCH: This block header is {}",
-                    cycle_block.header().id()
-                );
-                debug!(
-                    "INITIAL SEARCH: This block parent is {}",
-                    cycle_block.header().parent()
-                );
+                while let Some((msg, slot)) = stream.next().await {
+                    let zone_block = match msg {
+                        ZoneMessage::Block(b) => b,
+                        // Non-block messages don't carry a cursor position; the
+                        // next ZoneBlock advances past them implicitly.
+                        ZoneMessage::Deposit(_) | ZoneMessage::Withdraw(_) => continue,
+                    };
 
-                let (l2_block_vec, l1_header) =
-                    parse_block_owned(&cycle_block, &self.config.channel_id);
+                    let block: Block = match borsh::from_slice(&zone_block.data) {
+                        Ok(b) => b,
+                        Err(e) => {
+                            error!("Failed to deserialize L2 block from zone-sdk: {e}");
+                            // Advance past the broken inscription so we don't
+                            // re-process it on restart.
+                            cursor = Some((zone_block.id, slot));
+                            if let Err(err) = self.store.set_zone_cursor(&(zone_block.id, slot)) {
+                                warn!("Failed to persist indexer cursor: {err:#}");
+                            }
+                            continue;
+                        }
+                    };
 
-                info!("Parsed {} L2 blocks", l2_block_vec.len());
+                    info!("Indexed L2 block {}", block.header.block_id);
 
-                if !l2_block_vec.is_empty() {
-                    block_buffer.push_front(BackfillBlockData {
-                        l2_blocks: l2_block_vec.clone(),
-                        l1_header,
-                    });
-                }
-
-                if let Some(first_l2_block) = l2_block_vec.first()
-                    && first_l2_block.header.block_id == 1
-                {
-                    info!("INITIAL_SEARCH: Found channel start");
-                    break 'outer;
-                }
-
-                // Step back to parent
-                let parent = cycle_block.header().parent();
-
-                if parent == backfill_limit {
-                    break;
-                }
-
-                cycle_header = parent;
-            }
-
-            info!("INITIAL_SEARCH: Reached backfill limit, refetching last l1 lib header");
-
-            block_buffer.clear();
-            backfill_limit = backfill_start;
-            curr_last_l1_lib_header = self.get_next_lib(curr_last_l1_lib_header).await?;
-            backfill_start = curr_last_l1_lib_header;
-        }
-
-        Ok(BackfillData {
-            block_data: block_buffer,
-            curr_fin_l1_lib_header: curr_last_l1_lib_header,
-        })
-    }
-
-    pub async fn backfill_to_last_l1_lib_header_id(
-        &self,
-        last_fin_l1_lib_header: HeaderId,
-        channel_id: &ChannelId,
-    ) -> Result<BackfillData> {
-        let curr_fin_l1_lib_header = self.get_next_lib(last_fin_l1_lib_header).await?;
-        // ToDo: Not scalable, buffer should be stored in DB to not run out of memory
-        // Don't want to complicate DB even more right now.
-        let mut block_buffer = VecDeque::new();
-
-        let mut cycle_header = curr_fin_l1_lib_header;
-        loop {
-            let Some(cycle_block) = self.bedrock_client.get_block_by_id(cycle_header).await? else {
-                return Err(anyhow::anyhow!("Parent not found"));
-            };
-
-            if cycle_block.header().id() == last_fin_l1_lib_header {
-                break;
-            }
-            // Step back to parent
-            cycle_header = cycle_block.header().parent();
-
-            // It would be better to have id, but block does not have it, so slot will do.
-            info!(
-                "Observed L1 block at slot {}",
-                cycle_block.header().slot().into_inner()
-            );
-
-            let (l2_block_vec, l1_header) = parse_block_owned(&cycle_block, channel_id);
-
-            info!("Parsed {} L2 blocks", l2_block_vec.len());
-
-            if !l2_block_vec.is_empty() {
-                block_buffer.push_front(BackfillBlockData {
-                    l2_blocks: l2_block_vec,
-                    l1_header,
-                });
-            }
-        }
-
-        Ok(BackfillData {
-            block_data: block_buffer,
-            curr_fin_l1_lib_header,
-        })
-    }
-}
-
-fn parse_block_owned(
-    l1_block: &bedrock_client::Block<SignedMantleTx>,
-    decoded_channel_id: &ChannelId,
-) -> (Vec<Block>, HeaderId) {
-    (
-        #[expect(
-            clippy::wildcard_enum_match_arm,
-            reason = "We are only interested in channel inscription ops, so it's fine to ignore the rest"
-        )]
-        l1_block
-            .transactions()
-            .flat_map(|tx| {
-                tx.mantle_tx.ops.iter().filter_map(|op| match op {
-                    Op::ChannelInscribe(InscriptionOp {
-                        channel_id,
-                        inscription,
-                        ..
-                    }) if channel_id == decoded_channel_id => {
-                        borsh::from_slice::<Block>(inscription)
-                            .inspect_err(|err| {
-                                error!("Failed to deserialize our inscription with err: {err:#?}");
-                            })
-                            .ok()
+                    // TODO: Remove l1_header placeholder once storage layer
+                    // no longer requires it. Zone-sdk handles L1 tracking internally.
+                    let placeholder_l1_header = HeaderId::from([0_u8; 32]);
+                    if let Err(err) = self.store.put_block(block.clone(), placeholder_l1_header).await {
+                        error!("Failed to store block {}: {err:#}", block.header.block_id);
                     }
-                    _ => None,
-                })
-            })
-            .collect(),
-        l1_block.header().id(),
-    )
+
+                    cursor = Some((zone_block.id, slot));
+                    if let Err(err) = self.store.set_zone_cursor(&(zone_block.id, slot)) {
+                        warn!("Failed to persist indexer cursor: {err:#}");
+                    }
+                    yield Ok(block);
+                }
+
+                // Stream ended (caught up to LIB). Sleep then poll again.
+                tokio::time::sleep(poll_interval).await;
+            }
+        }
+    }
 }
diff --git a/indexer/service/configs/indexer_config.json b/indexer/service/configs/indexer_config.json
index e4dd8f93..558a3bfe 100644
--- a/indexer/service/configs/indexer_config.json
+++ b/indexer/service/configs/indexer_config.json
@@ -1,12 +1,8 @@
 {
     "home": ".",
     "consensus_info_polling_interval": "1s",
-    "bedrock_client_config": {
-        "addr": "http://localhost:8080",
-        "backoff": {
-            "start_delay": "100ms",
-            "max_retries": 5
-        }
+    "bedrock_config": {
+        "addr": "http://localhost:8080"
     },
     "channel_id": "0101010101010101010101010101010101010101010101010101010101010101",
     "initial_accounts": [
diff --git a/indexer/service/src/mock_service.rs b/indexer/service/src/mock_service.rs
index 09ae96f5..c4a099b8 100644
--- a/indexer/service/src/mock_service.rs
+++ b/indexer/service/src/mock_service.rs
@@ -6,7 +6,7 @@
     clippy::integer_division_remainder_used,
     reason = "Mock service uses intentional casts and format patterns for test data generation"
 )]
-use std::collections::HashMap;
+use std::{collections::HashMap, sync::Arc, time::Duration};
 
 use indexer_service_protocol::{
     Account, AccountId, BedrockStatus, Block, BlockBody, BlockHeader, BlockId, Commitment,
@@ -19,15 +19,73 @@ use jsonrpsee::{
     core::{SubscriptionResult, async_trait},
     types::ErrorObjectOwned,
 };
+use tokio::sync::{RwLock, broadcast};
 
-/// A mock implementation of the `IndexerService` RPC for testing purposes.
-pub struct MockIndexerService {
+const MOCK_GENESIS_TIMESTAMP_MS: u64 = 1_704_067_200_000;
+const MOCK_BLOCK_INTERVAL_MS: u64 = 30_000;
+
+struct MockState {
     blocks: Vec<Block>,
     accounts: HashMap<AccountId, Account>,
+    account_ids: Vec<AccountId>,
     transactions: HashMap<HashType, (Transaction, BlockId)>,
 }
 
+/// A mock implementation of the `IndexerService` RPC for testing purposes.
+pub struct MockIndexerService {
+    state: Arc<RwLock<MockState>>,
+    finalized_blocks_tx: broadcast::Sender<Block>,
+}
+
 impl MockIndexerService {
+    fn spawn_block_generation_task(
+        state: Arc<RwLock<MockState>>,
+        finalized_blocks_tx: broadcast::Sender<Block>,
+    ) {
+        tokio::spawn(async move {
+            loop {
+                tokio::time::sleep(Duration::from_secs(30)).await;
+
+                let new_block = {
+                    let mut state = state.write().await;
+
+                    let next_block_id = state
+                        .blocks
+                        .last()
+                        .map_or(1, |block| block.header.block_id.saturating_add(1));
+                    let prev_hash = state
+                        .blocks
+                        .last()
+                        .map_or(HashType([0_u8; 32]), |block| block.header.hash);
+                    let timestamp = state.blocks.last().map_or(
+                        MOCK_GENESIS_TIMESTAMP_MS + MOCK_BLOCK_INTERVAL_MS,
+                        |block| {
+                            block
+                                .header
+                                .timestamp
+                                .saturating_add(MOCK_BLOCK_INTERVAL_MS)
+                        },
+                    );
+
+                    let block = build_mock_block(
+                        next_block_id,
+                        prev_hash,
+                        timestamp,
+                        &state.account_ids,
+                        BedrockStatus::Finalized,
+                    );
+
+                    index_block_transactions(&mut state.transactions, &block);
+                    state.blocks.push(block.clone());
+
+                    block
+                };
+
+                let _res = finalized_blocks_tx.send(new_block);
+            }
+        });
+    }
+
     #[must_use]
     pub fn new_with_mock_blocks() -> Self {
         let mut blocks = Vec::new();
@@ -59,119 +117,38 @@ impl MockIndexerService {
         let mut prev_hash = HashType([0_u8; 32]);
 
         for block_id in 1..=100 {
-            let block_hash = {
-                let mut hash = [0_u8; 32];
-                hash[0] = block_id as u8;
-                hash[1] = 0xff;
-                HashType(hash)
-            };
-
-            // Create 2-4 transactions per block (mix of Public, PrivacyPreserving, and
-            // ProgramDeployment)
-            let num_txs = 2 + (block_id % 3);
-            let mut block_transactions = Vec::new();
-
-            for tx_idx in 0..num_txs {
-                let tx_hash = {
-                    let mut hash = [0_u8; 32];
-                    hash[0] = block_id as u8;
-                    hash[1] = tx_idx as u8;
-                    HashType(hash)
-                };
-
-                // Vary transaction types: Public, PrivacyPreserving, or ProgramDeployment
-                let tx = match (block_id + tx_idx) % 5 {
-                    // Public transactions (most common)
-                    0 | 1 => Transaction::Public(PublicTransaction {
-                        hash: tx_hash,
-                        message: PublicMessage {
-                            program_id: ProgramId([1_u32; 8]),
-                            account_ids: vec![
-                                account_ids[tx_idx as usize % account_ids.len()],
-                                account_ids[(tx_idx as usize + 1) % account_ids.len()],
-                            ],
-                            nonces: vec![block_id as u128, (block_id + 1) as u128],
-                            instruction_data: vec![1, 2, 3, 4],
-                        },
-                        witness_set: WitnessSet {
-                            signatures_and_public_keys: vec![],
-                            proof: None,
-                        },
-                    }),
-                    // PrivacyPreserving transactions
-                    2 | 3 => Transaction::PrivacyPreserving(PrivacyPreservingTransaction {
-                        hash: tx_hash,
-                        message: PrivacyPreservingMessage {
-                            public_account_ids: vec![
-                                account_ids[tx_idx as usize % account_ids.len()],
-                            ],
-                            nonces: vec![block_id as u128],
-                            public_post_states: vec![Account {
-                                program_owner: ProgramId([1_u32; 8]),
-                                balance: 500,
-                                data: Data(vec![0xdd, 0xee]),
-                                nonce: block_id as u128,
-                            }],
-                            encrypted_private_post_states: vec![EncryptedAccountData {
-                                ciphertext: indexer_service_protocol::Ciphertext(vec![
-                                    0x01, 0x02, 0x03, 0x04,
-                                ]),
-                                epk: indexer_service_protocol::EphemeralPublicKey(vec![0xaa; 32]),
-                                view_tag: 42,
-                            }],
-                            new_commitments: vec![Commitment([block_id as u8; 32])],
-                            new_nullifiers: vec![(
-                                indexer_service_protocol::Nullifier([tx_idx as u8; 32]),
-                                CommitmentSetDigest([0xff; 32]),
-                            )],
-                            block_validity_window: ValidityWindow((None, None)),
-                            timestamp_validity_window: ValidityWindow((None, None)),
-                        },
-                        witness_set: WitnessSet {
-                            signatures_and_public_keys: vec![],
-                            proof: Some(indexer_service_protocol::Proof(vec![0; 32])),
-                        },
-                    }),
-                    // ProgramDeployment transactions (rare)
-                    _ => Transaction::ProgramDeployment(ProgramDeploymentTransaction {
-                        hash: tx_hash,
-                        message: ProgramDeploymentMessage {
-                            bytecode: vec![0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00], /* WASM magic number */
-                        },
-                    }),
-                };
-
-                transactions.insert(tx_hash, (tx.clone(), block_id));
-                block_transactions.push(tx);
-            }
-
-            let block = Block {
-                header: BlockHeader {
-                    block_id,
-                    prev_block_hash: prev_hash,
-                    hash: block_hash,
-                    timestamp: 1_704_067_200_000 + (block_id * 12_000), // ~12 seconds per block
-                    signature: Signature([0_u8; 64]),
-                },
-                body: BlockBody {
-                    transactions: block_transactions,
-                },
-                bedrock_status: match block_id {
+            let block = build_mock_block(
+                block_id,
+                prev_hash,
+                MOCK_GENESIS_TIMESTAMP_MS + (block_id * MOCK_BLOCK_INTERVAL_MS),
+                &account_ids,
+                match block_id {
                     0..=5 => BedrockStatus::Finalized,
                     6..=8 => BedrockStatus::Safe,
                     _ => BedrockStatus::Pending,
                 },
-                bedrock_parent_id: MantleMsgId([0; 32]),
-            };
+            );
 
-            prev_hash = block_hash;
+            index_block_transactions(&mut transactions, &block);
+
+            prev_hash = block.header.hash;
             blocks.push(block);
         }
 
-        Self {
+        let state = Arc::new(RwLock::new(MockState {
             blocks,
             accounts,
+            account_ids,
             transactions,
+        }));
+
+        let (finalized_blocks_tx, _) = broadcast::channel(32);
+
+        Self::spawn_block_generation_task(Arc::clone(&state), finalized_blocks_tx.clone());
+
+        Self {
+            state,
+            finalized_blocks_tx,
         }
     }
 }
@@ -183,21 +160,45 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         subscription_sink: jsonrpsee::PendingSubscriptionSink,
     ) -> SubscriptionResult {
         let sink = subscription_sink.accept().await?;
-        for block in self
-            .blocks
-            .iter()
-            .filter(|b| b.bedrock_status == BedrockStatus::Finalized)
-        {
+        let initial_finalized_blocks: Vec<Block> = {
+            let state = self.state.read().await;
+            state
+                .blocks
+                .iter()
+                .filter(|b| b.bedrock_status == BedrockStatus::Finalized)
+                .cloned()
+                .collect()
+        };
+
+        for block in &initial_finalized_blocks {
             let json = serde_json::value::to_raw_value(block).unwrap();
             sink.send(json).await?;
         }
+
+        let mut receiver = self.finalized_blocks_tx.subscribe();
+        loop {
+            match receiver.recv().await {
+                Ok(block) => {
+                    let json = serde_json::value::to_raw_value(&block).unwrap();
+                    sink.send(json).await?;
+                }
+                Err(broadcast::error::RecvError::Lagged(_)) => {}
+                Err(broadcast::error::RecvError::Closed) => break,
+            }
+        }
+
         Ok(())
     }
 
     async fn get_last_finalized_block_id(&self) -> Result<BlockId, ErrorObjectOwned> {
-        self.blocks
-            .last()
-            .map(|bl| bl.header.block_id)
+        self.state
+            .read()
+            .await
+            .blocks
+            .iter()
+            .rev()
+            .find(|block| block.bedrock_status == BedrockStatus::Finalized)
+            .map(|block| block.header.block_id)
             .ok_or_else(|| {
                 ErrorObjectOwned::owned(-32001, "Last block not found".to_owned(), None::<()>)
             })
@@ -205,6 +206,9 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
 
     async fn get_block_by_id(&self, block_id: BlockId) -> Result<Option<Block>, ErrorObjectOwned> {
         Ok(self
+            .state
+            .read()
+            .await
             .blocks
             .iter()
             .find(|b| b.header.block_id == block_id)
@@ -216,6 +220,9 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         block_hash: HashType,
     ) -> Result<Option<Block>, ErrorObjectOwned> {
         Ok(self
+            .state
+            .read()
+            .await
             .blocks
             .iter()
             .find(|b| b.header.hash == block_hash)
@@ -223,7 +230,10 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
     }
 
     async fn get_account(&self, account_id: AccountId) -> Result<Account, ErrorObjectOwned> {
-        self.accounts
+        self.state
+            .read()
+            .await
+            .accounts
             .get(&account_id)
             .cloned()
             .ok_or_else(|| ErrorObjectOwned::owned(-32001, "Account not found", None::<()>))
@@ -233,7 +243,13 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         &self,
         tx_hash: HashType,
     ) -> Result<Option<Transaction>, ErrorObjectOwned> {
-        Ok(self.transactions.get(&tx_hash).map(|(tx, _)| tx.clone()))
+        Ok(self
+            .state
+            .read()
+            .await
+            .transactions
+            .get(&tx_hash)
+            .map(|(tx, _)| tx.clone()))
     }
 
     async fn get_blocks(
@@ -241,15 +257,17 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         before: Option<BlockId>,
         limit: u64,
     ) -> Result<Vec<Block>, ErrorObjectOwned> {
+        let state = self.state.read().await;
+
         let start_id = before.map_or_else(
-            || self.blocks.len(),
+            || state.blocks.len(),
             |id| usize::try_from(id.saturating_sub(1)).expect("u64 should fit in usize"),
         );
 
         let result = (1..=start_id)
             .rev()
             .take(limit as usize)
-            .map_while(|block_id| self.blocks.get(block_id - 1).cloned())
+            .map_while(|block_id| state.blocks.get(block_id - 1).cloned())
             .collect();
 
         Ok(result)
@@ -261,20 +279,24 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         offset: u64,
         limit: u64,
     ) -> Result<Vec<Transaction>, ErrorObjectOwned> {
-        let mut account_txs: Vec<_> = self
-            .transactions
-            .values()
-            .filter(|(tx, _)| match tx {
-                Transaction::Public(pub_tx) => pub_tx.message.account_ids.contains(&account_id),
-                Transaction::PrivacyPreserving(priv_tx) => {
-                    priv_tx.message.public_account_ids.contains(&account_id)
-                }
-                Transaction::ProgramDeployment(_) => false,
-            })
-            .collect();
+        let mut account_txs: Vec<(Transaction, BlockId)> = {
+            let state = self.state.read().await;
+            state
+                .transactions
+                .values()
+                .filter(|(tx, _)| match tx {
+                    Transaction::Public(pub_tx) => pub_tx.message.account_ids.contains(&account_id),
+                    Transaction::PrivacyPreserving(priv_tx) => {
+                        priv_tx.message.public_account_ids.contains(&account_id)
+                    }
+                    Transaction::ProgramDeployment(_) => false,
+                })
+                .cloned()
+                .collect()
+        };
 
         // Sort by block ID descending (most recent first)
-        account_txs.sort_by_key(|b| std::cmp::Reverse(b.1));
+        account_txs.sort_by_key(|(_, block_id)| std::cmp::Reverse(*block_id));
 
         let start = offset as usize;
         if start >= account_txs.len() {
@@ -293,3 +315,123 @@ impl indexer_service_rpc::RpcServer for MockIndexerService {
         Ok(())
     }
 }
+
+fn build_mock_block(
+    block_id: BlockId,
+    prev_hash: HashType,
+    timestamp: u64,
+    account_ids: &[AccountId],
+    bedrock_status: BedrockStatus,
+) -> Block {
+    let block_hash = {
+        let mut hash = [0_u8; 32];
+        hash[0] = block_id as u8;
+        hash[1] = 0xff;
+        HashType(hash)
+    };
+
+    // Create 2-4 transactions per block (mix of Public, PrivacyPreserving, and ProgramDeployment)
+    let num_txs = 2 + (block_id % 3);
+    let mut block_transactions = Vec::new();
+
+    for tx_idx in 0..num_txs {
+        let tx_hash = {
+            let mut hash = [0_u8; 32];
+            hash[0] = block_id as u8;
+            hash[1] = tx_idx as u8;
+            HashType(hash)
+        };
+
+        // Vary transaction types: Public, PrivacyPreserving, or ProgramDeployment
+        let tx = match (block_id + tx_idx) % 5 {
+            // Public transactions (most common)
+            0 | 1 => Transaction::Public(PublicTransaction {
+                hash: tx_hash,
+                message: PublicMessage {
+                    program_id: ProgramId([1_u32; 8]),
+                    account_ids: vec![
+                        account_ids[tx_idx as usize % account_ids.len()],
+                        account_ids[(tx_idx as usize + 1) % account_ids.len()],
+                    ],
+                    nonces: vec![block_id as u128, (block_id + 1) as u128],
+                    instruction_data: vec![1, 2, 3, 4],
+                },
+                witness_set: WitnessSet {
+                    signatures_and_public_keys: vec![],
+                    proof: None,
+                },
+            }),
+            // PrivacyPreserving transactions
+            2 | 3 => Transaction::PrivacyPreserving(PrivacyPreservingTransaction {
+                hash: tx_hash,
+                message: PrivacyPreservingMessage {
+                    public_account_ids: vec![account_ids[tx_idx as usize % account_ids.len()]],
+                    nonces: vec![block_id as u128],
+                    public_post_states: vec![Account {
+                        program_owner: ProgramId([1_u32; 8]),
+                        balance: 500,
+                        data: Data(vec![0xdd, 0xee]),
+                        nonce: block_id as u128,
+                    }],
+                    encrypted_private_post_states: vec![EncryptedAccountData {
+                        ciphertext: indexer_service_protocol::Ciphertext(vec![
+                            0x01, 0x02, 0x03, 0x04,
+                        ]),
+                        epk: indexer_service_protocol::EphemeralPublicKey(vec![0xaa; 32]),
+                        view_tag: 42,
+                    }],
+                    new_commitments: vec![Commitment([block_id as u8; 32])],
+                    new_nullifiers: vec![(
+                        indexer_service_protocol::Nullifier([tx_idx as u8; 32]),
+                        CommitmentSetDigest([0xff; 32]),
+                    )],
+                    block_validity_window: ValidityWindow((None, None)),
+                    timestamp_validity_window: ValidityWindow((None, None)),
+                },
+                witness_set: WitnessSet {
+                    signatures_and_public_keys: vec![],
+                    proof: Some(indexer_service_protocol::Proof(vec![0; 32])),
+                },
+            }),
+            // ProgramDeployment transactions (rare)
+            _ => Transaction::ProgramDeployment(ProgramDeploymentTransaction {
+                hash: tx_hash,
+                message: ProgramDeploymentMessage {
+                    bytecode: vec![0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00], /* WASM magic
+                                                                                     * number */
+                },
+            }),
+        };
+
+        block_transactions.push(tx);
+    }
+
+    Block {
+        header: BlockHeader {
+            block_id,
+            prev_block_hash: prev_hash,
+            hash: block_hash,
+            timestamp,
+            signature: Signature([0_u8; 64]),
+        },
+        body: BlockBody {
+            transactions: block_transactions,
+        },
+        bedrock_status,
+        bedrock_parent_id: MantleMsgId([0; 32]),
+    }
+}
+
+fn index_block_transactions(
+    transactions: &mut HashMap<HashType, (Transaction, BlockId)>,
+    block: &Block,
+) {
+    for tx in &block.body.transactions {
+        let tx_hash = match tx {
+            Transaction::Public(public_tx) => public_tx.hash,
+            Transaction::PrivacyPreserving(private_tx) => private_tx.hash,
+            Transaction::ProgramDeployment(deployment_tx) => deployment_tx.hash,
+        };
+        transactions.insert(tx_hash, (tx.clone(), block.header.block_id));
+    }
+}
diff --git a/integration_tests/Cargo.toml b/integration_tests/Cargo.toml
index 465ff301..5f1f1037 100644
--- a/integration_tests/Cargo.toml
+++ b/integration_tests/Cargo.toml
@@ -19,8 +19,9 @@ indexer_service.workspace = true
 serde_json.workspace = true
 token_core.workspace = true
 ata_core.workspace = true
-indexer_service_rpc.workspace = true
+indexer_service_rpc = { workspace = true, features = ["client"] }
 sequencer_service_rpc = { workspace = true, features = ["client"] }
+jsonrpsee = { workspace = true, features = ["ws-client"] }
 wallet-ffi.workspace = true
 indexer_ffi.workspace = true
 testnet_initial_state.workspace = true
@@ -36,4 +37,4 @@ hex.workspace = true
 tempfile.workspace = true
 bytesize.workspace = true
 futures.workspace = true
-testcontainers = { version = "0.27.0", features = ["docker-compose"] }
+testcontainers = { version = "0.27.3", features = ["docker-compose"] }
diff --git a/integration_tests/src/config.rs b/integration_tests/src/config.rs
index 008f7700..7b3825de 100644
--- a/integration_tests/src/config.rs
+++ b/integration_tests/src/config.rs
@@ -2,7 +2,7 @@ use std::{net::SocketAddr, path::PathBuf, time::Duration};
 
 use anyhow::{Context as _, Result};
 use bytesize::ByteSize;
-use indexer_service::{BackoffConfig, ChannelId, ClientConfig, IndexerConfig};
+use indexer_service::{ChannelId, ClientConfig, IndexerConfig};
 use key_protocol::key_management::KeyChain;
 use nssa::{Account, AccountId, PrivateKey, PublicKey};
 use nssa_core::{account::Data, program::DEFAULT_PROGRAM_ID};
@@ -60,11 +60,11 @@ impl InitialData {
 
         let mut private_charlie_key_chain = KeyChain::new_os_random();
         let mut private_charlie_account_id =
-            AccountId::from(&private_charlie_key_chain.nullifier_public_key);
+            AccountId::from((&private_charlie_key_chain.nullifier_public_key, 0));
 
         let mut private_david_key_chain = KeyChain::new_os_random();
         let mut private_david_account_id =
-            AccountId::from(&private_david_key_chain.nullifier_public_key);
+            AccountId::from((&private_david_key_chain.nullifier_public_key, 0));
 
         // Ensure consistent ordering
         if private_charlie_account_id > private_david_account_id {
@@ -139,11 +139,10 @@ impl InitialData {
                 })
             })
             .chain(self.private_accounts.iter().map(|(key_chain, account)| {
-                let account_id = AccountId::from(&key_chain.nullifier_public_key);
                 InitialAccountData::Private(Box::new(PrivateAccountPrivateInitialData {
-                    account_id,
                     account: account.clone(),
                     key_chain: key_chain.clone(),
+                    identifier: 0,
                 }))
             }))
             .collect()
@@ -165,35 +164,10 @@ impl std::fmt::Display for UrlProtocol {
     }
 }
 
-pub fn indexer_config(
-    bedrock_addr: SocketAddr,
-    home: PathBuf,
-    initial_data: &InitialData,
-) -> Result<IndexerConfig> {
-    Ok(IndexerConfig {
-        home,
-        consensus_info_polling_interval: Duration::from_secs(1),
-        bedrock_client_config: ClientConfig {
-            addr: addr_to_url(UrlProtocol::Http, bedrock_addr)
-                .context("Failed to convert bedrock addr to URL")?,
-            auth: None,
-            backoff: BackoffConfig {
-                start_delay: Duration::from_millis(100),
-                max_retries: 10,
-            },
-        },
-        initial_public_accounts: Some(initial_data.sequencer_initial_public_accounts()),
-        initial_private_accounts: Some(initial_data.sequencer_initial_private_accounts()),
-        signing_key: [37; 32],
-        channel_id: bedrock_channel_id(),
-    })
-}
-
 pub fn sequencer_config(
     partial: SequencerPartialConfig,
     home: PathBuf,
     bedrock_addr: SocketAddr,
-    indexer_addr: SocketAddr,
     initial_data: &InitialData,
 ) -> Result<SequencerConfig> {
     let SequencerPartialConfig {
@@ -216,17 +190,11 @@ pub fn sequencer_config(
         initial_private_accounts: Some(initial_data.sequencer_initial_private_accounts()),
         signing_key: [37; 32],
         bedrock_config: BedrockConfig {
-            backoff: BackoffConfig {
-                start_delay: Duration::from_millis(100),
-                max_retries: 5,
-            },
             channel_id: bedrock_channel_id(),
             node_url: addr_to_url(UrlProtocol::Http, bedrock_addr)
                 .context("Failed to convert bedrock addr to URL")?,
             auth: None,
         },
-        indexer_rpc_url: addr_to_url(UrlProtocol::Ws, indexer_addr)
-            .context("Failed to convert indexer addr to URL")?,
     })
 }
 
@@ -246,6 +214,26 @@ pub fn wallet_config(
     })
 }
 
+pub fn indexer_config(
+    bedrock_addr: SocketAddr,
+    home: PathBuf,
+    initial_data: &InitialData,
+) -> Result<IndexerConfig> {
+    Ok(IndexerConfig {
+        home,
+        consensus_info_polling_interval: Duration::from_secs(1),
+        bedrock_config: ClientConfig {
+            addr: addr_to_url(UrlProtocol::Http, bedrock_addr)
+                .context("Failed to convert bedrock addr to URL")?,
+            auth: None,
+        },
+        initial_public_accounts: Some(initial_data.sequencer_initial_public_accounts()),
+        initial_private_accounts: Some(initial_data.sequencer_initial_private_accounts()),
+        signing_key: [37; 32],
+        channel_id: bedrock_channel_id(),
+    })
+}
+
 pub fn addr_to_url(protocol: UrlProtocol, addr: SocketAddr) -> Result<Url> {
     // Convert 0.0.0.0 to 127.0.0.1 for client connections
     // When binding to port 0, the server binds to 0.0.0.0:<random_port>
diff --git a/integration_tests/src/indexer_client.rs b/integration_tests/src/indexer_client.rs
new file mode 100644
index 00000000..5641d824
--- /dev/null
+++ b/integration_tests/src/indexer_client.rs
@@ -0,0 +1,34 @@
+//! Thin client wrapper for querying the indexer's JSON-RPC API in tests.
+//!
+//! The sequencer doesn't depend on the indexer at runtime — finalization comes
+//! from zone-sdk events. This wrapper exists purely for test ergonomics so
+//! integration tests can construct a single connection and call
+//! `indexer_service_rpc::RpcClient` methods directly via `Deref`.
+
+use std::ops::Deref;
+
+use anyhow::{Context as _, Result};
+use jsonrpsee::ws_client::{WsClient, WsClientBuilder};
+use log::info;
+use url::Url;
+
+pub struct IndexerClient(WsClient);
+
+impl IndexerClient {
+    pub async fn new(indexer_url: &Url) -> Result<Self> {
+        info!("Connecting to Indexer at {indexer_url}");
+        let client = WsClientBuilder::default()
+            .build(indexer_url)
+            .await
+            .context("Failed to create websocket client")?;
+        Ok(Self(client))
+    }
+}
+
+impl Deref for IndexerClient {
+    type Target = WsClient;
+
+    fn deref(&self) -> &Self::Target {
+        &self.0
+    }
+}
diff --git a/integration_tests/src/lib.rs b/integration_tests/src/lib.rs
index fcae2c71..2a9e7c67 100644
--- a/integration_tests/src/lib.rs
+++ b/integration_tests/src/lib.rs
@@ -9,16 +9,19 @@ use indexer_service::IndexerHandle;
 use log::{debug, error};
 use nssa::{AccountId, PrivacyPreservingTransaction};
 use nssa_core::Commitment;
-use sequencer_core::indexer_client::{IndexerClient, IndexerClientTrait as _};
 use sequencer_service::SequencerHandle;
 use sequencer_service_rpc::{RpcClient as _, SequencerClient, SequencerClientBuilder};
 use tempfile::TempDir;
 use testcontainers::compose::DockerCompose;
 use wallet::WalletCore;
 
-use crate::setup::{setup_bedrock_node, setup_indexer, setup_sequencer, setup_wallet};
+use crate::{
+    indexer_client::IndexerClient,
+    setup::{setup_bedrock_node, setup_indexer, setup_sequencer, setup_wallet},
+};
 
 pub mod config;
+pub mod indexer_client;
 pub mod setup;
 pub mod test_context_ffi;
 
@@ -77,14 +80,10 @@ impl TestContext {
             .await
             .context("Failed to setup Indexer")?;
 
-        let (sequencer_handle, temp_sequencer_dir) = setup_sequencer(
-            sequencer_partial_config,
-            bedrock_addr,
-            indexer_handle.addr(),
-            &initial_data,
-        )
-        .await
-        .context("Failed to setup Sequencer")?;
+        let (sequencer_handle, temp_sequencer_dir) =
+            setup_sequencer(sequencer_partial_config, bedrock_addr, &initial_data)
+                .await
+                .context("Failed to setup Sequencer")?;
 
         let (wallet, temp_wallet_dir, wallet_password) =
             setup_wallet(sequencer_handle.addr(), &initial_data)
diff --git a/integration_tests/src/setup.rs b/integration_tests/src/setup.rs
index 58b33c60..774c67e3 100644
--- a/integration_tests/src/setup.rs
+++ b/integration_tests/src/setup.rs
@@ -119,7 +119,6 @@ pub(crate) async fn setup_indexer(
 pub(crate) async fn setup_sequencer(
     partial: config::SequencerPartialConfig,
     bedrock_addr: SocketAddr,
-    indexer_addr: SocketAddr,
     initial_data: &config::InitialData,
 ) -> Result<(SequencerHandle, TempDir)> {
     let temp_sequencer_dir =
@@ -134,7 +133,6 @@ pub(crate) async fn setup_sequencer(
         partial,
         temp_sequencer_dir.path().to_owned(),
         bedrock_addr,
-        indexer_addr,
         initial_data,
     )
     .context("Failed to create Sequencer config")?;
diff --git a/integration_tests/src/test_context_ffi.rs b/integration_tests/src/test_context_ffi.rs
index cdf7db9a..d03a4e00 100644
--- a/integration_tests/src/test_context_ffi.rs
+++ b/integration_tests/src/test_context_ffi.rs
@@ -6,7 +6,6 @@ use indexer_ffi::IndexerServiceFFI;
 use indexer_service_rpc::RpcClient as _;
 use log::{debug, error};
 use nssa::AccountId;
-use sequencer_core::indexer_client::{IndexerClient, IndexerClientTrait as _};
 use sequencer_service::SequencerHandle;
 use sequencer_service_rpc::{RpcClient as _, SequencerClient, SequencerClientBuilder};
 use tempfile::TempDir;
@@ -15,6 +14,7 @@ use wallet::WalletCore;
 
 use crate::{
     BEDROCK_SERVICE_WITH_OPEN_PORT, LOGGER, TestContextBuilder, config,
+    indexer_client::IndexerClient,
     setup::{setup_bedrock_node, setup_indexer_ffi, setup_sequencer, setup_wallet},
 };
 
@@ -85,8 +85,6 @@ impl TestContextFFI {
             .block_on(setup_sequencer(
                 sequencer_partial_config,
                 bedrock_addr,
-                // SAFETY: addr is valid if indexer_ffi is valid.
-                unsafe { indexer_ffi.addr() },
                 initial_data,
             ))
             .context("Failed to setup Sequencer")?;
diff --git a/integration_tests/tests/account.rs b/integration_tests/tests/account.rs
index 60c1aeaa..47fda69f 100644
--- a/integration_tests/tests/account.rs
+++ b/integration_tests/tests/account.rs
@@ -4,7 +4,7 @@
 )]
 
 use anyhow::Result;
-use integration_tests::TestContext;
+use integration_tests::{TestContext, format_private_account_id};
 use log::info;
 use nssa::program::Program;
 use sequencer_service_rpc::RpcClient as _;
@@ -70,34 +70,29 @@ async fn new_public_account_with_label() -> Result<()> {
 }
 
 #[test]
-async fn new_private_account_with_label() -> Result<()> {
+async fn add_label_to_existing_account() -> Result<()> {
     let mut ctx = TestContext::new().await?;
 
+    let account_id = ctx.existing_private_accounts()[0];
     let label = "my-test-private-account".to_owned();
-    let command = Command::Account(AccountSubcommand::New(NewSubcommand::Private {
-        cci: None,
-        label: Some(label.clone()),
-    }));
+    let command = Command::Account(AccountSubcommand::Label {
+        account_id: Some(format_private_account_id(account_id)),
+        account_label: None,
+        label: label.clone(),
+    });
 
-    let result = execute_subcommand(ctx.wallet_mut(), command).await?;
+    execute_subcommand(ctx.wallet_mut(), command).await?;
 
-    // Extract the account_id from the result
-
-    let wallet::cli::SubcommandReturnValue::RegisterAccount { account_id } = result else {
-        panic!("Expected RegisterAccount return value")
-    };
-
-    // Verify the label was stored
     let stored_label = ctx
         .wallet()
         .storage()
         .labels
         .get(&account_id.to_string())
-        .expect("Label should be stored for the new account");
+        .expect("Label should be stored for the account");
 
     assert_eq!(stored_label.to_string(), label);
 
-    info!("Successfully created private account with label");
+    info!("Successfully set label on existing private account");
 
     Ok(())
 }
diff --git a/integration_tests/tests/amm.rs b/integration_tests/tests/amm.rs
index dde9e7f5..3eaf35e2 100644
--- a/integration_tests/tests/amm.rs
+++ b/integration_tests/tests/amm.rs
@@ -133,6 +133,7 @@ async fn amm_public() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 7,
     };
 
@@ -162,6 +163,7 @@ async fn amm_public() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 7,
     };
 
@@ -550,6 +552,7 @@ async fn amm_new_pool_using_labels() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 5,
     };
     wallet::cli::execute_subcommand(ctx.wallet_mut(), Command::Token(subcommand)).await?;
@@ -574,6 +577,7 @@ async fn amm_new_pool_using_labels() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 5,
     };
     wallet::cli::execute_subcommand(ctx.wallet_mut(), Command::Token(subcommand)).await?;
diff --git a/integration_tests/tests/ata.rs b/integration_tests/tests/ata.rs
index c0918635..6f0bf05c 100644
--- a/integration_tests/tests/ata.rs
+++ b/integration_tests/tests/ata.rs
@@ -268,6 +268,7 @@ async fn transfer_and_burn_via_ata() -> Result<()> {
             to_label: None,
             to_npk: None,
             to_vpk: None,
+            to_identifier: Some(0),
             amount: fund_amount,
         }),
     )
@@ -500,6 +501,7 @@ async fn transfer_via_ata_private_owner() -> Result<()> {
             to_label: None,
             to_npk: None,
             to_vpk: None,
+            to_identifier: Some(0),
             amount: fund_amount,
         }),
     )
@@ -614,6 +616,7 @@ async fn burn_via_ata_private_owner() -> Result<()> {
             to_label: None,
             to_npk: None,
             to_vpk: None,
+            to_identifier: Some(0),
             amount: fund_amount,
         }),
     )
diff --git a/integration_tests/tests/auth_transfer/private.rs b/integration_tests/tests/auth_transfer/private.rs
index cf02d0ac..8db5f8d4 100644
--- a/integration_tests/tests/auth_transfer/private.rs
+++ b/integration_tests/tests/auth_transfer/private.rs
@@ -30,6 +30,7 @@ async fn private_transfer_to_owned_account() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -71,6 +72,7 @@ async fn private_transfer_to_foreign_account() -> Result<()> {
         to_label: None,
         to_npk: Some(to_npk_string),
         to_vpk: Some(hex::encode(to_vpk.0)),
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -121,6 +123,7 @@ async fn deshielded_transfer_to_public_account() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -170,12 +173,11 @@ async fn private_transfer_to_owned_account_using_claiming_path() -> Result<()> {
     };
 
     // Get the keys for the newly created account
-    let (to_keys, _) = ctx
+    let (to_keys, _, to_identifier) = ctx
         .wallet()
         .storage()
         .user_data
         .get_private_account(to_account_id)
-        .cloned()
         .context("Failed to get private account")?;
 
     // Send to this account using claiming path (using npk and vpk instead of account ID)
@@ -186,6 +188,7 @@ async fn private_transfer_to_owned_account_using_claiming_path() -> Result<()> {
         to_label: None,
         to_npk: Some(hex::encode(to_keys.nullifier_public_key.0)),
         to_vpk: Some(hex::encode(to_keys.viewing_public_key.0)),
+        to_identifier: Some(to_identifier),
         amount: 100,
     });
 
@@ -236,6 +239,7 @@ async fn shielded_transfer_to_owned_private_account() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -280,6 +284,7 @@ async fn shielded_transfer_to_foreign_account() -> Result<()> {
         to_label: None,
         to_npk: Some(to_npk_string),
         to_vpk: Some(hex::encode(to_vpk.0)),
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -336,12 +341,11 @@ async fn private_transfer_to_owned_account_continuous_run_path() -> Result<()> {
     };
 
     // Get the newly created account's keys
-    let (to_keys, _) = ctx
+    let (to_keys, _, to_identifier) = ctx
         .wallet()
         .storage()
         .user_data
         .get_private_account(to_account_id)
-        .cloned()
         .context("Failed to get private account")?;
 
     // Send transfer using nullifier and  viewing public keys
@@ -352,6 +356,7 @@ async fn private_transfer_to_owned_account_continuous_run_path() -> Result<()> {
         to_label: None,
         to_npk: Some(hex::encode(to_keys.nullifier_public_key.0)),
         to_vpk: Some(hex::encode(to_keys.viewing_public_key.0)),
+        to_identifier: Some(to_identifier),
         amount: 100,
     });
 
@@ -455,6 +460,7 @@ async fn private_transfer_using_from_label() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -527,3 +533,112 @@ async fn initialize_private_account_using_label() -> Result<()> {
 
     Ok(())
 }
+
+#[test]
+async fn shielded_transfers_to_two_identifiers_same_npk() -> Result<()> {
+    let mut ctx = TestContext::new().await?;
+
+    // Both transfers below will target this same node with distinct identifiers.
+    let chain_index = ctx.wallet_mut().create_private_accounts_key(None);
+    let (npk, vpk) = {
+        let node = ctx
+            .wallet()
+            .storage()
+            .user_data
+            .private_key_tree
+            .key_map
+            .get(&chain_index)
+            .expect("node was just inserted");
+        let key_chain = &node.value.0;
+        (
+            key_chain.nullifier_public_key,
+            key_chain.viewing_public_key.clone(),
+        )
+    };
+
+    let npk_hex = hex::encode(npk.0);
+    let vpk_hex = hex::encode(vpk.0);
+
+    let identifier_1 = 1_u128;
+    let identifier_2 = 2_u128;
+
+    let sender_0: AccountId = ctx.existing_public_accounts()[0];
+    let sender_1: AccountId = ctx.existing_public_accounts()[1];
+
+    wallet::cli::execute_subcommand(
+        ctx.wallet_mut(),
+        Command::AuthTransfer(AuthTransferSubcommand::Send {
+            from: Some(format_public_account_id(sender_0)),
+            from_label: None,
+            to: None,
+            to_label: None,
+            to_npk: Some(npk_hex.clone()),
+            to_vpk: Some(vpk_hex.clone()),
+            to_identifier: Some(identifier_1),
+            amount: 100,
+        }),
+    )
+    .await?;
+
+    wallet::cli::execute_subcommand(
+        ctx.wallet_mut(),
+        Command::AuthTransfer(AuthTransferSubcommand::Send {
+            from: Some(format_public_account_id(sender_1)),
+            from_label: None,
+            to: None,
+            to_label: None,
+            to_npk: Some(npk_hex),
+            to_vpk: Some(vpk_hex),
+            to_identifier: Some(identifier_2),
+            amount: 200,
+        }),
+    )
+    .await?;
+
+    info!("Waiting for next block creation");
+    tokio::time::sleep(Duration::from_secs(TIME_TO_WAIT_FOR_BLOCK_SECONDS)).await;
+
+    wallet::cli::execute_subcommand(
+        ctx.wallet_mut(),
+        Command::Account(AccountSubcommand::SyncPrivate {}),
+    )
+    .await?;
+
+    // Both accounts must be discovered with the correct balances.
+    let account_id_1 = AccountId::from((&npk, identifier_1));
+    let acc_1 = ctx
+        .wallet()
+        .get_account_private(account_id_1)
+        .context("account for identifier 1 not found after sync")?;
+    assert_eq!(acc_1.balance, 100);
+
+    let account_id_2 = AccountId::from((&npk, identifier_2));
+    let acc_2 = ctx
+        .wallet()
+        .get_account_private(account_id_2)
+        .context("account for identifier 2 not found after sync")?;
+    assert_eq!(acc_2.balance, 200);
+
+    // Both account ids must resolve to the same key node.
+    let tree = &ctx.wallet().storage().user_data.private_key_tree;
+    let ci_1 = tree
+        .account_id_map
+        .get(&account_id_1)
+        .context("account_id_1 missing from private_key_tree.account_id_map")?;
+    let ci_2 = tree
+        .account_id_map
+        .get(&account_id_2)
+        .context("account_id_2 missing from private_key_tree.account_id_map")?;
+    assert_eq!(
+        ci_1, ci_2,
+        "identifiers 1 and 2 under the same NPK must share a single chain_index"
+    );
+    assert_eq!(
+        ci_1, &chain_index,
+        "both accounts must resolve to the key node created at the start of the test"
+    );
+
+    info!("Successfully transferred to two distinct identifiers under the same NPK");
+
+    Ok(())
+}
diff --git a/integration_tests/tests/auth_transfer/public.rs b/integration_tests/tests/auth_transfer/public.rs
index 416c4490..e2b5a618 100644
--- a/integration_tests/tests/auth_transfer/public.rs
+++ b/integration_tests/tests/auth_transfer/public.rs
@@ -23,6 +23,7 @@ async fn successful_transfer_to_existing_account() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -81,6 +82,7 @@ pub async fn successful_transfer_to_new_account() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -119,6 +121,7 @@ async fn failed_transfer_with_insufficient_balance() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 1_000_000,
     });
 
@@ -159,6 +162,7 @@ async fn two_consecutive_successful_transfers() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -193,6 +197,7 @@ async fn two_consecutive_successful_transfers() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -278,6 +283,7 @@ async fn successful_transfer_using_from_label() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -325,6 +331,7 @@ async fn successful_transfer_using_to_label() -> Result<()> {
         to_label: Some(label),
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
diff --git a/integration_tests/tests/indexer.rs b/integration_tests/tests/indexer.rs
index f40b3607..21463117 100644
--- a/integration_tests/tests/indexer.rs
+++ b/integration_tests/tests/indexer.rs
@@ -111,6 +111,7 @@ async fn indexer_state_consistency() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -147,6 +148,7 @@ async fn indexer_state_consistency() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
@@ -233,6 +235,7 @@ async fn indexer_state_consistency_with_labels() -> Result<()> {
         to_label: Some(to_label_str),
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
 
diff --git a/integration_tests/tests/indexer_ffi.rs b/integration_tests/tests/indexer_ffi.rs
index 8ac74ee6..96196fbd 100644
--- a/integration_tests/tests/indexer_ffi.rs
+++ b/integration_tests/tests/indexer_ffi.rs
@@ -130,6 +130,7 @@ fn indexer_ffi_state_consistency() -> Result<()> {
         to_npk: None,
         to_vpk: None,
         amount: 100,
+        to_identifier: Some(0),
     });
 
     runtime_wrapped.block_on(wallet::cli::execute_subcommand(ctx.wallet_mut(), command))?;
@@ -171,6 +172,7 @@ fn indexer_ffi_state_consistency() -> Result<()> {
         to_npk: None,
         to_vpk: None,
         amount: 100,
+        to_identifier: Some(0),
     });
 
     runtime_wrapped.block_on(wallet::cli::execute_subcommand(ctx.wallet_mut(), command))?;
@@ -281,6 +283,7 @@ fn indexer_ffi_state_consistency_with_labels() -> Result<()> {
         to_npk: None,
         to_vpk: None,
         amount: 100,
+        to_identifier: Some(0),
     });
 
     runtime_wrapped.block_on(wallet::cli::execute_subcommand(ctx.wallet_mut(), command))?;
diff --git a/integration_tests/tests/keys_restoration.rs b/integration_tests/tests/keys_restoration.rs
index 8dca027c..ff339120 100644
--- a/integration_tests/tests/keys_restoration.rs
+++ b/integration_tests/tests/keys_restoration.rs
@@ -59,12 +59,11 @@ async fn sync_private_account_with_non_zero_chain_index() -> Result<()> {
     };
 
     // Get the keys for the newly created account
-    let (to_keys, _) = ctx
+    let (to_keys, _, to_identifier) = ctx
         .wallet()
         .storage()
         .user_data
         .get_private_account(to_account_id)
-        .cloned()
         .context("Failed to get private account")?;
 
     // Send to this account using claiming path (using npk and vpk instead of account ID)
@@ -75,6 +74,7 @@ async fn sync_private_account_with_non_zero_chain_index() -> Result<()> {
         to_label: None,
         to_npk: Some(hex::encode(to_keys.nullifier_public_key.0)),
         to_vpk: Some(hex::encode(to_keys.viewing_public_key.0)),
+        to_identifier: Some(to_identifier),
         amount: 100,
     });
 
@@ -151,6 +151,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 100,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
@@ -163,6 +164,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 101,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
@@ -203,6 +205,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 102,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
@@ -215,6 +218,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 103,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
@@ -259,16 +263,16 @@ async fn restore_keys_from_seed() -> Result<()> {
         .expect("Acc 4 should be restored");
 
     assert_eq!(
-        acc1.value.1.program_owner,
+        acc1.value.1[0].1.program_owner,
         Program::authenticated_transfer_program().id()
     );
     assert_eq!(
-        acc2.value.1.program_owner,
+        acc2.value.1[0].1.program_owner,
         Program::authenticated_transfer_program().id()
     );
 
-    assert_eq!(acc1.value.1.balance, 100);
-    assert_eq!(acc2.value.1.balance, 101);
+    assert_eq!(acc1.value.1[0].1.balance, 100);
+    assert_eq!(acc2.value.1[0].1.balance, 101);
 
     info!("Tree checks passed, testing restored accounts can transact");
 
@@ -280,6 +284,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 10,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
@@ -291,6 +296,7 @@ async fn restore_keys_from_seed() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: 11,
     });
     wallet::cli::execute_subcommand(ctx.wallet_mut(), command).await?;
diff --git a/integration_tests/tests/token.rs b/integration_tests/tests/token.rs
index e40e27c8..6db718f9 100644
--- a/integration_tests/tests/token.rs
+++ b/integration_tests/tests/token.rs
@@ -134,6 +134,7 @@ async fn create_and_transfer_public_token() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
 
@@ -227,6 +228,7 @@ async fn create_and_transfer_public_token() -> Result<()> {
         holder_label: None,
         holder_npk: None,
         holder_vpk: None,
+        holder_identifier: None,
         amount: mint_amount,
     };
 
@@ -372,6 +374,7 @@ async fn create_and_transfer_token_with_private_supply() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
 
@@ -566,6 +569,7 @@ async fn create_token_with_private_definition() -> Result<()> {
         holder_label: None,
         holder_npk: None,
         holder_vpk: None,
+        holder_identifier: None,
         amount: mint_amount_public,
     };
 
@@ -614,6 +618,7 @@ async fn create_token_with_private_definition() -> Result<()> {
         holder_label: None,
         holder_npk: None,
         holder_vpk: None,
+        holder_identifier: None,
         amount: mint_amount_private,
     };
 
@@ -756,6 +761,7 @@ async fn create_token_with_private_definition_and_supply() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
 
@@ -887,6 +893,7 @@ async fn shielded_token_transfer() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
 
@@ -1013,6 +1020,7 @@ async fn deshielded_token_transfer() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
 
@@ -1131,12 +1139,11 @@ async fn token_claiming_path_with_private_accounts() -> Result<()> {
     };
 
     // Get keys for foreign mint (claiming path)
-    let (holder_keys, _) = ctx
+    let (holder_keys, _, holder_identifier) = ctx
         .wallet()
         .storage()
         .user_data
         .get_private_account(recipient_account_id)
-        .cloned()
         .context("Failed to get private account keys")?;
 
     // Mint using claiming path (foreign account)
@@ -1148,6 +1155,7 @@ async fn token_claiming_path_with_private_accounts() -> Result<()> {
         holder_label: None,
         holder_npk: Some(hex::encode(holder_keys.nullifier_public_key.0)),
         holder_vpk: Some(hex::encode(holder_keys.viewing_public_key.0)),
+        holder_identifier: Some(holder_identifier),
         amount: mint_amount,
     };
 
@@ -1351,6 +1359,7 @@ async fn transfer_token_using_from_label() -> Result<()> {
         to_label: None,
         to_npk: None,
         to_vpk: None,
+        to_identifier: Some(0),
         amount: transfer_amount,
     };
     wallet::cli::execute_subcommand(ctx.wallet_mut(), Command::Token(subcommand)).await?;
diff --git a/integration_tests/tests/tps.rs b/integration_tests/tests/tps.rs
index 7d2a6d29..df74daba 100644
--- a/integration_tests/tests/tps.rs
+++ b/integration_tests/tests/tps.rs
@@ -27,7 +27,7 @@ use nssa::{
     public_transaction as putx,
 };
 use nssa_core::{
-    MembershipProof, NullifierPublicKey,
+    InputAccountIdentity, MembershipProof, NullifierPublicKey,
     account::{AccountWithMetadata, Nonce, data::Data},
     encryption::ViewingPublicKey,
 };
@@ -220,14 +220,17 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction {
             data: Data::default(),
         },
         true,
-        AccountId::from(&sender_npk),
+        AccountId::from((&sender_npk, 0)),
     );
     let recipient_nsk = [2; 32];
     let recipient_vsk = [99; 32];
     let recipient_vpk = ViewingPublicKey::from_scalar(recipient_vsk);
     let recipient_npk = NullifierPublicKey::from(&recipient_nsk);
-    let recipient_pre =
-        AccountWithMetadata::new(Account::default(), false, AccountId::from(&recipient_npk));
+    let recipient_pre = AccountWithMetadata::new(
+        Account::default(),
+        false,
+        AccountId::from((&recipient_npk, 0)),
+    );
 
     let eph_holder_from = EphemeralKeyHolder::new(&sender_npk);
     let sender_ss = eph_holder_from.calculate_shared_secret_sender(&sender_vpk);
@@ -248,10 +251,19 @@ fn build_privacy_transaction() -> PrivacyPreservingTransaction {
     let (output, proof) = circuit::execute_and_prove(
         vec![sender_pre, recipient_pre],
         Program::serialize_instruction(balance_to_move).unwrap(),
-        vec![1, 2],
-        vec![(sender_npk, sender_ss), (recipient_npk, recipient_ss)],
-        vec![sender_nsk],
-        vec![Some(proof)],
+        vec![
+            InputAccountIdentity::PrivateAuthorizedUpdate {
+                ssk: sender_ss,
+                nsk: sender_nsk,
+                membership_proof: proof,
+                identifier: 0,
+            },
+            InputAccountIdentity::PrivateUnauthorized {
+                npk: recipient_npk,
+                ssk: recipient_ss,
+                identifier: 0,
+            },
+        ],
         &program.into(),
     )
     .unwrap();
diff --git a/integration_tests/tests/wallet_ffi.rs b/integration_tests/tests/wallet_ffi.rs
index ac548280..db84b066 100644
--- a/integration_tests/tests/wallet_ffi.rs
+++ b/integration_tests/tests/wallet_ffi.rs
@@ -26,7 +26,7 @@ use nssa_core::program::DEFAULT_PROGRAM_ID;
 use tempfile::tempdir;
 use wallet_ffi::{
     FfiAccount, FfiAccountList, FfiBytes32, FfiPrivateAccountKeys, FfiPublicAccountKey,
-    FfiTransferResult, WalletHandle, error,
+    FfiTransferResult, FfiU128, WalletHandle, error,
 };
 
 unsafe extern "C" {
@@ -53,6 +53,11 @@ unsafe extern "C" {
         out_account_id: *mut FfiBytes32,
     ) -> error::WalletFfiError;
 
+    fn wallet_ffi_create_private_accounts_key(
+        handle: *mut WalletHandle,
+        out_keys: *mut FfiPrivateAccountKeys,
+    ) -> error::WalletFfiError;
+
     fn wallet_ffi_list_accounts(
         handle: *mut WalletHandle,
         out_list: *mut FfiAccountList,
@@ -116,6 +121,7 @@ unsafe extern "C" {
         handle: *mut WalletHandle,
         from: *const FfiBytes32,
         to_keys: *const FfiPrivateAccountKeys,
+        to_identifier: *const FfiU128,
         amount: *const [u8; 16],
         out_result: *mut FfiTransferResult,
     ) -> error::WalletFfiError;
@@ -132,6 +138,7 @@ unsafe extern "C" {
         handle: *mut WalletHandle,
         from: *const FfiBytes32,
         to_keys: *const FfiPrivateAccountKeys,
+        to_identifier: *const FfiU128,
         amount: *const [u8; 16],
         out_result: *mut FfiTransferResult,
     ) -> error::WalletFfiError;
@@ -260,33 +267,28 @@ fn wallet_ffi_create_public_accounts() -> Result<()> {
 fn wallet_ffi_create_private_accounts() -> Result<()> {
     let password = "password_for_tests";
     let n_accounts = 10;
-    // Create `n_accounts` private accounts with wallet FFI
-    let new_private_account_ids_ffi = unsafe {
-        let mut account_ids = Vec::new();
+    // Create `n_accounts` receiving keys with wallet FFI
+    let new_npks_ffi = unsafe {
+        let mut npks = Vec::new();
 
         let wallet_ffi_handle = new_wallet_ffi_with_default_config(password)?;
         for _ in 0..n_accounts {
-            let mut out_account_id = FfiBytes32::from_bytes([0; 32]);
-            wallet_ffi_create_account_private(wallet_ffi_handle, &raw mut out_account_id);
-            account_ids.push(out_account_id.data);
+            let mut out_keys = FfiPrivateAccountKeys::default();
+            wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys);
+            npks.push(out_keys.nullifier_public_key.data);
+            wallet_ffi_free_private_account_keys(&raw mut out_keys);
         }
         wallet_ffi_destroy(wallet_ffi_handle);
-        account_ids
+        npks
     };
 
-    // All returned IDs must be unique and non-zero
-    assert_eq!(new_private_account_ids_ffi.len(), n_accounts);
-    let unique: HashSet<_> = new_private_account_ids_ffi.iter().collect();
-    assert_eq!(
-        unique.len(),
-        n_accounts,
-        "Duplicate private account IDs returned"
-    );
+    // All returned NPKs must be unique and non-zero
+    assert_eq!(new_npks_ffi.len(), n_accounts);
+    let unique: HashSet<_> = new_npks_ffi.iter().collect();
+    assert_eq!(unique.len(), n_accounts, "Duplicate NPKs returned");
     assert!(
-        new_private_account_ids_ffi
-            .iter()
-            .all(|id| *id != [0_u8; 32]),
-        "Zero account ID returned"
+        new_npks_ffi.iter().all(|id| *id != [0_u8; 32]),
+        "Zero NPK returned"
     );
 
     Ok(())
@@ -294,46 +296,35 @@ fn wallet_ffi_create_private_accounts() -> Result<()> {
 #[test]
 fn wallet_ffi_save_and_load_persistent_storage() -> Result<()> {
     let ctx = BlockingTestContext::new()?;
-    let mut out_private_account_id = FfiBytes32::from_bytes([0; 32]);
     let home = tempfile::tempdir()?;
-
-    // Create a private account with the wallet FFI and save it
-    unsafe {
+    // Create a receiving key and save
+    let first_npk = unsafe {
         let wallet_ffi_handle = new_wallet_ffi_with_test_context_config(&ctx, home.path())?;
-        wallet_ffi_create_account_private(wallet_ffi_handle, &raw mut out_private_account_id);
-
+        let mut out_keys = FfiPrivateAccountKeys::default();
+        wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys);
+        let npk = out_keys.nullifier_public_key.data;
+        wallet_ffi_free_private_account_keys(&raw mut out_keys);
         wallet_ffi_save(wallet_ffi_handle);
         wallet_ffi_destroy(wallet_ffi_handle);
-    }
-
-    let private_account_keys = unsafe {
-        let wallet_ffi_handle = load_existing_ffi_wallet(home.path())?;
-
-        let mut private_account = FfiAccount::default();
-
-        let result = wallet_ffi_get_account_private(
-            wallet_ffi_handle,
-            &raw const out_private_account_id,
-            &raw mut private_account,
-        );
-        assert_eq!(result, error::WalletFfiError::Success);
-
-        let mut out_keys = FfiPrivateAccountKeys::default();
-        let result = wallet_ffi_get_private_account_keys(
-            wallet_ffi_handle,
-            &raw const out_private_account_id,
-            &raw mut out_keys,
-        );
-        assert_eq!(result, error::WalletFfiError::Success);
-
-        wallet_ffi_destroy(wallet_ffi_handle);
-
-        out_keys
+        npk
     };
 
-    assert_eq!(
-        nssa::AccountId::from(&private_account_keys.npk()),
-        out_private_account_id.into()
+    // After loading, creating a new key should yield a different NPK (state was persisted)
+    let second_npk = unsafe {
+        let wallet_ffi_handle = load_existing_ffi_wallet(home.path())?;
+        let mut out_keys = FfiPrivateAccountKeys::default();
+        wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys);
+        let npk = out_keys.nullifier_public_key.data;
+        wallet_ffi_free_private_account_keys(&raw mut out_keys);
+        wallet_ffi_destroy(wallet_ffi_handle);
+        npk
+    };
+
+    assert_ne!(first_npk, [0_u8; 32], "First NPK should be non-zero");
+    assert_ne!(second_npk, [0_u8; 32], "Second NPK should be non-zero");
+    assert_ne!(
+        first_npk, second_npk,
+        "Keys should differ after state was persisted"
     );
 
     Ok(())
@@ -344,22 +335,22 @@ fn test_wallet_ffi_list_accounts() -> Result<()> {
     let password = "password_for_tests";
 
     // Create the wallet FFI and track which account IDs were created as public/private
-    let (wallet_ffi_handle, created_public_ids, created_private_ids) = unsafe {
+    let (wallet_ffi_handle, created_public_ids) = unsafe {
         let handle = new_wallet_ffi_with_default_config(password)?;
         let mut public_ids: Vec<[u8; 32]> = Vec::new();
-        let mut private_ids: Vec<[u8; 32]> = Vec::new();
 
-        // Create 5 public accounts and 5 private accounts, recording their IDs
+        // Create 5 public accounts and 5 receiving keys
         for _ in 0..5 {
             let mut out_account_id = FfiBytes32::from_bytes([0; 32]);
             wallet_ffi_create_account_public(handle, &raw mut out_account_id);
             public_ids.push(out_account_id.data);
 
-            wallet_ffi_create_account_private(handle, &raw mut out_account_id);
-            private_ids.push(out_account_id.data);
+            let mut out_keys = FfiPrivateAccountKeys::default();
+            wallet_ffi_create_private_accounts_key(handle, &raw mut out_keys);
+            wallet_ffi_free_private_account_keys(&raw mut out_keys);
         }
 
-        (handle, public_ids, private_ids)
+        (handle, public_ids)
     };
 
     // Get the account list with FFI method
@@ -382,31 +373,19 @@ fn test_wallet_ffi_list_accounts() -> Result<()> {
         .filter(|e| e.is_public)
         .map(|e| e.account_id.data)
         .collect();
-    let listed_private_ids: HashSet<[u8; 32]> = wallet_ffi_account_list_slice
-        .iter()
-        .filter(|e| !e.is_public)
-        .map(|e| e.account_id.data)
-        .collect();
-
     for id in &created_public_ids {
         assert!(
             listed_public_ids.contains(id),
             "Created public account not found in list with is_public=true"
         );
     }
-    for id in &created_private_ids {
-        assert!(
-            listed_private_ids.contains(id),
-            "Created private account not found in list with is_public=false"
-        );
-    }
-
-    // Total listed accounts must be at least the number we created
+    // Total listed accounts must be at least the number of public accounts created
+    // (receiving keys without synced accounts don't appear in the list)
     assert!(
-        wallet_ffi_account_list.count >= created_public_ids.len() + created_private_ids.len(),
-        "Listed account count ({}) is less than the number of created accounts ({})",
+        wallet_ffi_account_list.count >= created_public_ids.len(),
+        "Listed account count ({}) is less than the number of created public accounts ({})",
         wallet_ffi_account_list.count,
-        created_public_ids.len() + created_private_ids.len()
+        created_public_ids.len()
     );
 
     unsafe {
@@ -710,25 +689,13 @@ fn wallet_ffi_init_private_account_auth_transfer() -> Result<()> {
     let home = tempfile::tempdir()?;
     let wallet_ffi_handle = new_wallet_ffi_with_test_context_config(&ctx, home.path())?;
 
-    // Create a new uninitialized public account
-    let mut out_account_id = FfiBytes32::from_bytes([0; 32]);
+    // Create a new private account
+    let mut out_account_id = FfiBytes32::default();
     unsafe {
         wallet_ffi_create_account_private(wallet_ffi_handle, &raw mut out_account_id);
     }
 
-    // Check its program owner is the default program id
-    let account: Account = unsafe {
-        let mut out_account = FfiAccount::default();
-        wallet_ffi_get_account_private(
-            wallet_ffi_handle,
-            &raw const out_account_id,
-            &raw mut out_account,
-        );
-        (&out_account).try_into().unwrap()
-    };
-    assert_eq!(account.program_owner, DEFAULT_PROGRAM_ID);
-
-    // Call the init funciton
+    // Call the init function
     let mut transfer_result = FfiTransferResult::default();
     unsafe {
         wallet_ffi_register_private_account(
@@ -832,24 +799,24 @@ fn test_wallet_ffi_transfer_shielded() -> Result<()> {
     let wallet_ffi_handle = new_wallet_ffi_with_test_context_config(&ctx, home.path())?;
     let from: FfiBytes32 = (&ctx.ctx().existing_public_accounts()[0]).into();
     let (to, to_keys) = unsafe {
-        let mut out_account_id = FfiBytes32::default();
         let mut out_keys = FfiPrivateAccountKeys::default();
-        wallet_ffi_create_account_private(wallet_ffi_handle, &raw mut out_account_id);
-        wallet_ffi_get_private_account_keys(
-            wallet_ffi_handle,
-            &raw const out_account_id,
-            &raw mut out_keys,
-        );
-        (out_account_id, out_keys)
+        wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys);
+        let account_id = nssa::AccountId::from((&out_keys.npk(), 0_u128));
+        let to: FfiBytes32 = (&account_id).into();
+        (to, out_keys)
     };
     let amount: [u8; 16] = 100_u128.to_le_bytes();
 
     let mut transfer_result = FfiTransferResult::default();
     unsafe {
+        let to_identifier = FfiU128 {
+            data: 0_u128.to_le_bytes(),
+        };
         wallet_ffi_transfer_shielded(
             wallet_ffi_handle,
             &raw const from,
             &raw const to_keys,
+            &raw const to_identifier,
             &raw const amount,
             &raw mut transfer_result,
         );
@@ -966,25 +933,25 @@ fn test_wallet_ffi_transfer_private() -> Result<()> {
 
     let from: FfiBytes32 = (&ctx.ctx().existing_private_accounts()[0]).into();
     let (to, to_keys) = unsafe {
-        let mut out_account_id = FfiBytes32::default();
         let mut out_keys = FfiPrivateAccountKeys::default();
-        wallet_ffi_create_account_private(wallet_ffi_handle, &raw mut out_account_id);
-        wallet_ffi_get_private_account_keys(
-            wallet_ffi_handle,
-            &raw const out_account_id,
-            &raw mut out_keys,
-        );
-        (out_account_id, out_keys)
+        wallet_ffi_create_private_accounts_key(wallet_ffi_handle, &raw mut out_keys);
+        let account_id = nssa::AccountId::from((&out_keys.npk(), 0_u128));
+        let to: FfiBytes32 = (&account_id).into();
+        (to, out_keys)
     };
 
     let amount: [u8; 16] = 100_u128.to_le_bytes();
 
     let mut transfer_result = FfiTransferResult::default();
     unsafe {
+        let to_identifier = FfiU128 {
+            data: 0_u128.to_le_bytes(),
+        };
         wallet_ffi_transfer_private(
             wallet_ffi_handle,
             &raw const from,
             &raw const to_keys,
+            &raw const to_identifier,
             &raw const amount,
             &raw mut transfer_result,
         );
diff --git a/key_protocol/Cargo.toml b/key_protocol/Cargo.toml
index 022f3ccd..72829ca8 100644
--- a/key_protocol/Cargo.toml
+++ b/key_protocol/Cargo.toml
@@ -26,3 +26,4 @@ itertools.workspace = true
 
 [dev-dependencies]
 base58.workspace = true
+bincode.workspace = true
diff --git a/key_protocol/src/key_management/group_key_holder.rs b/key_protocol/src/key_management/group_key_holder.rs
new file mode 100644
index 00000000..9e7bd8fc
--- /dev/null
+++ b/key_protocol/src/key_management/group_key_holder.rs
@@ -0,0 +1,504 @@
+use aes_gcm::{Aes256Gcm, KeyInit as _, aead::Aead as _};
+use nssa_core::{
+    SharedSecretKey,
+    encryption::{Scalar, shared_key_derivation::Secp256k1Point},
+    program::PdaSeed,
+};
+use rand::{RngCore as _, rngs::OsRng};
+use serde::{Deserialize, Serialize};
+use sha2::{Digest as _, digest::FixedOutput as _};
+
+use super::secret_holders::{PrivateKeyHolder, SecretSpendingKey};
+
+/// Public key used to seal a `GroupKeyHolder` for distribution to a recipient.
+///
+/// Structurally identical to `ViewingPublicKey` (both are secp256k1 points), but given
+/// a distinct alias to clarify intent: viewing keys encrypt account state, sealing keys
+/// encrypt the GMS for off-chain distribution.
+pub type SealingPublicKey = Secp256k1Point;
+
+/// Secret key used to unseal a `GroupKeyHolder` received from another member.
+pub type SealingSecretKey = Scalar;
+
+/// Manages shared viewing keys for a group of controllers owning private PDAs.
+///
+/// The Group Master Secret (GMS) is a 32-byte random value shared among controllers.
+/// Each private PDA owned by the group gets a unique [`SecretSpendingKey`] derived from
+/// the GMS by mixing the PDA seed into the SHA-256 input (see `secret_spending_key_for_pda`).
+///
+/// # Distribution
+///
+/// The GMS is a long-term secret and must never cross a trust boundary in raw form.
+/// Controllers share it off-chain by sealing it under each recipient's [`SealingPublicKey`]
+/// (see `seal_for` / `unseal`). Wallets persisting a `GroupKeyHolder` must encrypt it at
+/// rest; the raw bytes are exposed only via [`GroupKeyHolder::dangerous_raw_gms`], which
+/// is intended for the sealing path exclusively.
+///
+/// # Logging safety
+///
+/// `Debug` is implemented manually to redact the GMS; formatting this value with `{:?}`
+/// will not leak the secret. Code that formats through `{:#?}` on containing types is
+/// safe for the same reason.
+#[derive(Serialize, Deserialize, Clone)]
+pub struct GroupKeyHolder {
+    gms: [u8; 32],
+}
+
+impl std::fmt::Debug for GroupKeyHolder {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.debug_struct("GroupKeyHolder")
+            .field("gms", &"<redacted>")
+            .finish()
+    }
+}
+
+impl Default for GroupKeyHolder {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl GroupKeyHolder {
+    /// Create a new group with a fresh random GMS.
+    #[must_use]
+    pub fn new() -> Self {
+        let mut gms = [0_u8; 32];
+        OsRng.fill_bytes(&mut gms);
+        Self { gms }
+    }
+
+    /// Restore from an existing GMS (received via `unseal`).
+    #[must_use]
+    pub const fn from_gms(gms: [u8; 32]) -> Self {
+        Self { gms }
+    }
+
+    /// Returns the raw 32-byte GMS. The name reflects intent: only the sealed-distribution
+    /// path (`seal_for`) and sealed-at-rest persistence should ever need the raw bytes. Do
+    /// not log the result, do not pass it across an untrusted channel.
+    #[must_use]
+    pub const fn dangerous_raw_gms(&self) -> &[u8; 32] {
+        &self.gms
+    }
+
+    /// Derive a per-PDA [`SecretSpendingKey`] by mixing the seed into the SHA-256 input.
+    ///
+    /// Each distinct `pda_seed` produces a distinct SSK in the full 256-bit space, so
+    /// adversarial seed-grinding cannot collide two PDAs' derived keys under the same
+    /// group. Uses the codebase's 32-byte protocol-versioned domain-separation convention.
+    fn secret_spending_key_for_pda(&self, pda_seed: &PdaSeed) -> SecretSpendingKey {
+        const PREFIX: &[u8; 32] = b"/LEE/v0.3/GroupKeyDerivation/SSK";
+        let mut hasher = sha2::Sha256::new();
+        hasher.update(PREFIX);
+        hasher.update(self.gms);
+        hasher.update(pda_seed.as_ref());
+        SecretSpendingKey(hasher.finalize_fixed().into())
+    }
+
+    /// Derive keys for a specific PDA.
+    ///
+    /// All controllers holding the same GMS independently derive the same keys for the
+    /// same PDA because the derivation is deterministic in (GMS, seed).
+    #[must_use]
+    pub fn derive_keys_for_pda(&self, pda_seed: &PdaSeed) -> PrivateKeyHolder {
+        self.secret_spending_key_for_pda(pda_seed)
+            .produce_private_key_holder(None)
+    }
+
+    /// Encrypts this holder's GMS under the recipient's [`SealingPublicKey`].
+    ///
+    /// Uses an ephemeral ECDH key exchange to derive a shared secret, then AES-256-GCM
+    /// to encrypt the payload. The returned bytes are
+    /// `ephemeral_pubkey (33) || nonce (12) || ciphertext+tag (48)` = 93 bytes.
+    ///
+    /// Each call generates a fresh ephemeral key, so two seals of the same holder produce
+    /// different ciphertexts.
+    #[must_use]
+    pub fn seal_for(&self, recipient_key: &SealingPublicKey) -> Vec<u8> {
+        let mut ephemeral_scalar: Scalar = [0_u8; 32];
+        OsRng.fill_bytes(&mut ephemeral_scalar);
+        let ephemeral_pubkey = Secp256k1Point::from_scalar(ephemeral_scalar);
+        let shared = SharedSecretKey::new(&ephemeral_scalar, recipient_key);
+        let aes_key = Self::seal_kdf(&shared);
+        let cipher = Aes256Gcm::new(&aes_key.into());
+
+        let mut nonce_bytes = [0_u8; 12];
+        OsRng.fill_bytes(&mut nonce_bytes);
+        let nonce = aes_gcm::Nonce::from(nonce_bytes);
+
+        let ciphertext = cipher
+            .encrypt(&nonce, self.gms.as_ref())
+            .expect("AES-GCM encryption should not fail with valid key/nonce");
+
+        let capacity = 33_usize
+            .checked_add(12)
+            .and_then(|n| n.checked_add(ciphertext.len()))
+            .expect("seal capacity overflow");
+        let mut out = Vec::with_capacity(capacity);
+        out.extend_from_slice(&ephemeral_pubkey.0);
+        out.extend_from_slice(&nonce_bytes);
+        out.extend_from_slice(&ciphertext);
+        out
+    }
+
+    /// Decrypts a sealed `GroupKeyHolder` using the recipient's [`SealingSecretKey`].
+    ///
+    /// Returns `Err` if the ciphertext is too short, the ECDH point is invalid, or the
+    /// AES-GCM authentication tag doesn't verify (wrong key or tampered data).
+    pub fn unseal(sealed: &[u8], own_key: &SealingSecretKey) -> Result<Self, SealError> {
+        const HEADER_LEN: usize = 33 + 12;
+        const MIN_LEN: usize = HEADER_LEN + 16;
+        if sealed.len() < MIN_LEN {
+            return Err(SealError::TooShort);
+        }
+        // MIN_LEN (61) > HEADER_LEN (45), so all slicing below is in bounds.
+        let ephemeral_pubkey = Secp256k1Point(sealed[..33].to_vec());
+        let nonce = aes_gcm::Nonce::from_slice(&sealed[33..HEADER_LEN]);
+        let ciphertext = &sealed[HEADER_LEN..];
+
+        let shared = SharedSecretKey::new(own_key, &ephemeral_pubkey);
+        let aes_key = Self::seal_kdf(&shared);
+        let cipher = Aes256Gcm::new(&aes_key.into());
+
+        let plaintext = cipher
+            .decrypt(nonce, ciphertext)
+            .map_err(|_err| SealError::DecryptionFailed)?;
+
+        if plaintext.len() != 32 {
+            return Err(SealError::DecryptionFailed);
+        }
+
+        let mut gms = [0_u8; 32];
+        gms.copy_from_slice(&plaintext);
+        Ok(Self::from_gms(gms))
+    }
+
+    /// Derives an AES-256 key from the ECDH shared secret via SHA-256 with a domain prefix.
+    fn seal_kdf(shared: &SharedSecretKey) -> [u8; 32] {
+        const PREFIX: &[u8; 32] = b"/LEE/v0.3/GroupKeySeal/AES\x00\x00\x00\x00\x00\x00";
+        let mut hasher = sha2::Sha256::new();
+        hasher.update(PREFIX);
+        hasher.update(shared.0);
+        hasher.finalize_fixed().into()
+    }
+}
+
+#[derive(Debug)]
+pub enum SealError {
+    TooShort,
+    DecryptionFailed,
+}
+
+#[cfg(test)]
+mod tests {
+    use nssa_core::NullifierPublicKey;
+
+    use super::*;
+
+    /// Two holders from the same GMS derive identical keys for the same PDA seed.
+    #[test]
+    fn same_gms_same_seed_produces_same_keys() {
+        let gms = [42_u8; 32];
+        let holder_a = GroupKeyHolder::from_gms(gms);
+        let holder_b = GroupKeyHolder::from_gms(gms);
+        let seed = PdaSeed::new([1; 32]);
+
+        let keys_a = holder_a.derive_keys_for_pda(&seed);
+        let keys_b = holder_b.derive_keys_for_pda(&seed);
+
+        assert_eq!(
+            keys_a.generate_nullifier_public_key().to_byte_array(),
+            keys_b.generate_nullifier_public_key().to_byte_array(),
+        );
+    }
+
+    /// Different PDA seeds produce different keys from the same GMS.
+    #[test]
+    fn same_gms_different_seed_produces_different_keys() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+        let seed_a = PdaSeed::new([1; 32]);
+        let seed_b = PdaSeed::new([2; 32]);
+
+        let npk_a = holder
+            .derive_keys_for_pda(&seed_a)
+            .generate_nullifier_public_key();
+        let npk_b = holder
+            .derive_keys_for_pda(&seed_b)
+            .generate_nullifier_public_key();
+
+        assert_ne!(npk_a.to_byte_array(), npk_b.to_byte_array());
+    }
+
+    /// Different GMS produce different keys for the same PDA seed.
+    #[test]
+    fn different_gms_same_seed_produces_different_keys() {
+        let holder_a = GroupKeyHolder::from_gms([42_u8; 32]);
+        let holder_b = GroupKeyHolder::from_gms([99_u8; 32]);
+        let seed = PdaSeed::new([1; 32]);
+
+        let npk_a = holder_a
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+        let npk_b = holder_b
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+
+        assert_ne!(npk_a.to_byte_array(), npk_b.to_byte_array());
+    }
+
+    /// GMS round-trip: export and restore produces the same keys.
+    #[test]
+    fn gms_round_trip() {
+        let original = GroupKeyHolder::from_gms([7_u8; 32]);
+        let restored = GroupKeyHolder::from_gms(*original.dangerous_raw_gms());
+        let seed = PdaSeed::new([1; 32]);
+
+        let npk_original = original
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+        let npk_restored = restored
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+
+        assert_eq!(npk_original.to_byte_array(), npk_restored.to_byte_array());
+    }
+
+    /// The derived `NullifierPublicKey` is non-zero (sanity check).
+    #[test]
+    fn derived_npk_is_non_zero() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+        let seed = PdaSeed::new([1; 32]);
+        let npk = holder
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+
+        assert_ne!(npk, NullifierPublicKey([0; 32]));
+    }
+
+    /// Pins the end-to-end derivation for a fixed (GMS, `ProgramId`, `PdaSeed`). Any change
+    /// to `secret_spending_key_for_pda`, the `PrivateKeyHolder` nsk/npk chain, or the
+    /// `AccountId::for_private_pda` formula breaks this test. Mirrors the pinned-value
+    /// pattern from `for_private_pda_matches_pinned_value` in `nssa_core`.
+    #[test]
+    fn pinned_end_to_end_derivation_for_private_pda() {
+        use nssa_core::{account::AccountId, program::ProgramId};
+
+        let gms = [42_u8; 32];
+        let seed = PdaSeed::new([1; 32]);
+        let program_id: ProgramId = [9; 8];
+
+        let holder = GroupKeyHolder::from_gms(gms);
+        let npk = holder
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+        let account_id = AccountId::for_private_pda(&program_id, &seed, &npk);
+
+        let expected_npk = NullifierPublicKey([
+            185, 161, 225, 224, 20, 156, 173, 0, 6, 173, 74, 136, 16, 88, 71, 154, 101, 160, 224,
+            162, 247, 98, 183, 210, 118, 130, 143, 237, 20, 112, 111, 114,
+        ]);
+        let expected_account_id = AccountId::new([
+            236, 138, 175, 184, 194, 233, 144, 109, 157, 51, 193, 120, 83, 110, 147, 90, 154, 57,
+            148, 236, 12, 92, 135, 38, 253, 79, 88, 143, 161, 175, 46, 144,
+        ]);
+
+        assert_eq!(npk, expected_npk);
+        assert_eq!(account_id, expected_account_id);
+    }
+
+    /// Wallets persist `GroupKeyHolder` to disk and reload it on startup. This test pins
+    /// the serde round-trip: serialize, deserialize, and assert the derived keys for a
+    /// sample seed match on both sides. A silent encoding drift would corrupt every
+    /// group-owned account.
+    #[test]
+    fn gms_serde_round_trip_preserves_derivation() {
+        let original = GroupKeyHolder::from_gms([7_u8; 32]);
+        let encoded = bincode::serialize(&original).expect("serialize");
+        let restored: GroupKeyHolder = bincode::deserialize(&encoded).expect("deserialize");
+
+        let seed = PdaSeed::new([1; 32]);
+        let npk_original = original
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+        let npk_restored = restored
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+
+        assert_eq!(npk_original, npk_restored);
+        assert_eq!(original.dangerous_raw_gms(), restored.dangerous_raw_gms());
+    }
+
+    /// A `GroupKeyHolder` constructed from the same 32 bytes as a personal
+    /// `SecretSpendingKey` must not derive the same `NullifierPublicKey` as the personal
+    /// path, so a private PDA cannot be spent by a personal nullifier even under
+    /// adversarial key-material reuse. The safety rests on the group path's distinct
+    /// domain-separation prefix plus the seed mix-in (see `secret_spending_key_for_pda`).
+    #[test]
+    fn group_derivation_does_not_collide_with_personal_path_at_shared_bytes() {
+        let shared_bytes = [13_u8; 32];
+        let seed = PdaSeed::new([5; 32]);
+
+        let group_npk = GroupKeyHolder::from_gms(shared_bytes)
+            .derive_keys_for_pda(&seed)
+            .generate_nullifier_public_key();
+
+        let personal_npk = SecretSpendingKey(shared_bytes)
+            .produce_private_key_holder(None)
+            .generate_nullifier_public_key();
+
+        assert_ne!(group_npk, personal_npk);
+    }
+
+    /// Seal then unseal recovers the same GMS and derived keys.
+    #[test]
+    fn seal_unseal_round_trip() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+
+        let recipient_ssk = SecretSpendingKey([7_u8; 32]);
+        let recipient_keys = recipient_ssk.produce_private_key_holder(None);
+        let recipient_vpk = recipient_keys.generate_viewing_public_key();
+        let recipient_vsk = recipient_keys.viewing_secret_key;
+
+        let sealed = holder.seal_for(&recipient_vpk);
+        let restored = GroupKeyHolder::unseal(&sealed, &recipient_vsk).expect("unseal");
+
+        assert_eq!(restored.dangerous_raw_gms(), holder.dangerous_raw_gms());
+
+        let seed = PdaSeed::new([1; 32]);
+        assert_eq!(
+            holder
+                .derive_keys_for_pda(&seed)
+                .generate_nullifier_public_key(),
+            restored
+                .derive_keys_for_pda(&seed)
+                .generate_nullifier_public_key(),
+        );
+    }
+
+    /// Unsealing with a different VSK fails with `DecryptionFailed`.
+    #[test]
+    fn unseal_wrong_vsk_fails() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+
+        let recipient_ssk = SecretSpendingKey([7_u8; 32]);
+        let recipient_vpk = recipient_ssk
+            .produce_private_key_holder(None)
+            .generate_viewing_public_key();
+
+        let wrong_ssk = SecretSpendingKey([99_u8; 32]);
+        let wrong_vsk = wrong_ssk
+            .produce_private_key_holder(None)
+            .viewing_secret_key;
+
+        let sealed = holder.seal_for(&recipient_vpk);
+        let result = GroupKeyHolder::unseal(&sealed, &wrong_vsk);
+        assert!(matches!(result, Err(super::SealError::DecryptionFailed)));
+    }
+
+    /// Tampered ciphertext fails authentication.
+    #[test]
+    fn unseal_tampered_ciphertext_fails() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+
+        let recipient_ssk = SecretSpendingKey([7_u8; 32]);
+        let recipient_keys = recipient_ssk.produce_private_key_holder(None);
+        let recipient_vpk = recipient_keys.generate_viewing_public_key();
+        let recipient_vsk = recipient_keys.viewing_secret_key;
+
+        let mut sealed = holder.seal_for(&recipient_vpk);
+        // Flip a byte in the ciphertext portion (after ephemeral_pubkey + nonce)
+        let last = sealed.len() - 1;
+        sealed[last] ^= 0xFF;
+
+        let result = GroupKeyHolder::unseal(&sealed, &recipient_vsk);
+        assert!(matches!(result, Err(super::SealError::DecryptionFailed)));
+    }
+
+    /// Two seals of the same holder produce different ciphertexts (ephemeral randomness).
+    #[test]
+    fn two_seals_produce_different_ciphertexts() {
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+
+        let recipient_ssk = SecretSpendingKey([7_u8; 32]);
+        let recipient_vpk = recipient_ssk
+            .produce_private_key_holder(None)
+            .generate_viewing_public_key();
+
+        let sealed_a = holder.seal_for(&recipient_vpk);
+        let sealed_b = holder.seal_for(&recipient_vpk);
+        assert_ne!(sealed_a, sealed_b);
+    }
+
+    /// Sealed payload is too short.
+    #[test]
+    fn unseal_too_short_fails() {
+        let vsk: SealingSecretKey = [7_u8; 32];
+        let result = GroupKeyHolder::unseal(&[0_u8; 10], &vsk);
+        assert!(matches!(result, Err(super::SealError::TooShort)));
+    }
+
+    /// Degenerate GMS values (all-zeros, all-ones, single-bit) must still produce valid,
+    /// non-zero, pairwise-distinct npks. Rules out accidental "if gms == default { return
+    /// default }" style shortcuts in the derivation.
+    #[test]
+    fn degenerate_gms_produces_distinct_non_zero_keys() {
+        let seed = PdaSeed::new([1; 32]);
+        let degenerate = [[0_u8; 32], [0xFF_u8; 32], {
+            let mut v = [0_u8; 32];
+            v[0] = 1;
+            v
+        }];
+
+        let npks: Vec<NullifierPublicKey> = degenerate
+            .iter()
+            .map(|gms| {
+                GroupKeyHolder::from_gms(*gms)
+                    .derive_keys_for_pda(&seed)
+                    .generate_nullifier_public_key()
+            })
+            .collect();
+
+        for npk in &npks {
+            assert_ne!(*npk, NullifierPublicKey([0; 32]));
+        }
+        for (i, a) in npks.iter().enumerate() {
+            for b in &npks[i + 1..] {
+                assert_ne!(a, b);
+            }
+        }
+    }
+
+    /// Full lifecycle: create group, distribute GMS via seal/unseal, verify key agreement.
+    #[test]
+    fn group_pda_lifecycle() {
+        use nssa_core::account::AccountId;
+
+        let alice_holder = GroupKeyHolder::new();
+        let pda_seed = PdaSeed::new([42_u8; 32]);
+        let program_id: nssa_core::program::ProgramId = [1; 8];
+
+        // Derive Alice's keys
+        let alice_keys = alice_holder.derive_keys_for_pda(&pda_seed);
+        let alice_npk = alice_keys.generate_nullifier_public_key();
+
+        // Seal GMS for Bob using Bob's viewing key, Bob unseals
+        let bob_ssk = SecretSpendingKey([77_u8; 32]);
+        let bob_keys = bob_ssk.produce_private_key_holder(None);
+        let bob_vpk = bob_keys.generate_viewing_public_key();
+        let bob_vsk = bob_keys.viewing_secret_key;
+
+        let sealed = alice_holder.seal_for(&bob_vpk);
+        let bob_holder =
+            GroupKeyHolder::unseal(&sealed, &bob_vsk).expect("Bob should unseal the GMS");
+
+        // Key agreement: both derive identical NPK and AccountId
+        let bob_npk = bob_holder
+            .derive_keys_for_pda(&pda_seed)
+            .generate_nullifier_public_key();
+        assert_eq!(alice_npk, bob_npk);
+
+        let alice_account_id = AccountId::for_private_pda(&program_id, &pda_seed, &alice_npk);
+        let bob_account_id = AccountId::for_private_pda(&program_id, &pda_seed, &bob_npk);
+        assert_eq!(alice_account_id, bob_account_id);
+    }
+}
diff --git a/key_protocol/src/key_management/key_tree/keys_private.rs b/key_protocol/src/key_management/key_tree/keys_private.rs
index 42130b1f..6ffc8119 100644
--- a/key_protocol/src/key_management/key_tree/keys_private.rs
+++ b/key_protocol/src/key_management/key_tree/keys_private.rs
@@ -1,23 +1,24 @@
 use k256::{Scalar, elliptic_curve::PrimeField as _};
-use nssa_core::{NullifierPublicKey, encryption::ViewingPublicKey};
+use nssa_core::{Identifier, NullifierPublicKey, encryption::ViewingPublicKey};
 use serde::{Deserialize, Serialize};
 
 use crate::key_management::{
     KeyChain,
-    key_tree::traits::KeyNode,
+    key_tree::traits::KeyTreeNode,
     secret_holders::{PrivateKeyHolder, SecretSpendingKey},
 };
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct ChildKeysPrivate {
-    pub value: (KeyChain, nssa::Account),
+    pub value: (KeyChain, Vec<(Identifier, nssa::Account)>),
     pub ccc: [u8; 32],
     /// Can be [`None`] if root.
     pub cci: Option<u32>,
 }
 
-impl KeyNode for ChildKeysPrivate {
-    fn root(seed: [u8; 64]) -> Self {
+impl ChildKeysPrivate {
+    #[must_use]
+    pub fn root(seed: [u8; 64]) -> Self {
         let hash_value = hmac_sha512::HMAC::mac(seed, b"LEE_master_priv");
 
         let ssk = SecretSpendingKey(
@@ -46,14 +47,15 @@ impl KeyNode for ChildKeysPrivate {
                         viewing_secret_key: vsk,
                     },
                 },
-                nssa::Account::default(),
+                vec![],
             ),
             ccc,
             cci: None,
         }
     }
 
-    fn nth_child(&self, cci: u32) -> Self {
+    #[must_use]
+    pub fn nth_child(&self, cci: u32) -> Self {
         #[expect(clippy::arithmetic_side_effects, reason = "TODO: fix later")]
         let parent_pt =
             Scalar::from_repr(self.value.0.private_key_holder.nullifier_secret_key.into())
@@ -95,43 +97,27 @@ impl KeyNode for ChildKeysPrivate {
                         viewing_secret_key: vsk,
                     },
                 },
-                nssa::Account::default(),
+                vec![],
             ),
             ccc,
             cci: Some(cci),
         }
     }
-
-    fn chain_code(&self) -> &[u8; 32] {
-        &self.ccc
-    }
-
-    fn child_index(&self) -> Option<u32> {
-        self.cci
-    }
-
-    fn account_id(&self) -> nssa::AccountId {
-        nssa::AccountId::from(&self.value.0.nullifier_public_key)
-    }
 }
 
-#[expect(
-    clippy::single_char_lifetime_names,
-    reason = "TODO add meaningful name"
-)]
-impl<'a> From<&'a ChildKeysPrivate> for &'a (KeyChain, nssa::Account) {
-    fn from(value: &'a ChildKeysPrivate) -> Self {
-        &value.value
+impl KeyTreeNode for ChildKeysPrivate {
+    fn from_seed(seed: [u8; 64]) -> Self {
+        Self::root(seed)
     }
-}
 
-#[expect(
-    clippy::single_char_lifetime_names,
-    reason = "TODO add meaningful name"
-)]
-impl<'a> From<&'a mut ChildKeysPrivate> for &'a mut (KeyChain, nssa::Account) {
-    fn from(value: &'a mut ChildKeysPrivate) -> Self {
-        &mut value.value
+    fn derive_child(&self, cci: u32) -> Self {
+        self.nth_child(cci)
+    }
+
+    fn account_ids(&self) -> impl Iterator<Item = nssa::AccountId> {
+        self.value.1.iter().map(|(identifier, _)| {
+            nssa::AccountId::from((&self.value.0.nullifier_public_key, *identifier))
+        })
     }
 }
 
diff --git a/key_protocol/src/key_management/key_tree/keys_public.rs b/key_protocol/src/key_management/key_tree/keys_public.rs
index d4c32b4a..3ab9cc35 100644
--- a/key_protocol/src/key_management/key_tree/keys_public.rs
+++ b/key_protocol/src/key_management/key_tree/keys_public.rs
@@ -1,7 +1,7 @@
 use k256::elliptic_curve::{PrimeField as _, sec1::ToEncodedPoint as _};
 use serde::{Deserialize, Serialize};
 
-use crate::key_management::key_tree::traits::KeyNode;
+use crate::key_management::key_tree::traits::KeyTreeNode;
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct ChildKeysPublic {
@@ -13,32 +13,8 @@ pub struct ChildKeysPublic {
 }
 
 impl ChildKeysPublic {
-    fn compute_hash_value(&self, cci: u32) -> [u8; 64] {
-        let mut hash_input = vec![];
-
-        if ((2_u32).pow(31)).cmp(&cci) == std::cmp::Ordering::Greater {
-            // Non-harden.
-            // BIP-032 compatibility requires 1-byte header from the public_key;
-            // Not stored in `self.cpk.value()`.
-            let sk = k256::SecretKey::from_bytes(self.csk.value().into())
-                .expect("32 bytes, within curve order");
-            let pk = sk.public_key();
-            hash_input.extend_from_slice(pk.to_encoded_point(true).as_bytes());
-        } else {
-            // Harden.
-            hash_input.extend_from_slice(&[0_u8]);
-            hash_input.extend_from_slice(self.csk.value());
-        }
-
-        #[expect(clippy::big_endian_bytes, reason = "BIP-032 uses big endian")]
-        hash_input.extend_from_slice(&cci.to_be_bytes());
-
-        hmac_sha512::HMAC::mac(hash_input, self.ccc)
-    }
-}
-
-impl KeyNode for ChildKeysPublic {
-    fn root(seed: [u8; 64]) -> Self {
+    #[must_use]
+    pub fn root(seed: [u8; 64]) -> Self {
         let hash_value = hmac_sha512::HMAC::mac(seed, "LEE_master_pub");
 
         let csk = nssa::PrivateKey::try_new(
@@ -58,7 +34,8 @@ impl KeyNode for ChildKeysPublic {
         }
     }
 
-    fn nth_child(&self, cci: u32) -> Self {
+    #[must_use]
+    pub fn nth_child(&self, cci: u32) -> Self {
         let hash_value = self.compute_hash_value(cci);
 
         let csk = nssa::PrivateKey::try_new({
@@ -90,17 +67,33 @@ impl KeyNode for ChildKeysPublic {
         }
     }
 
-    fn chain_code(&self) -> &[u8; 32] {
-        &self.ccc
-    }
-
-    fn child_index(&self) -> Option<u32> {
-        self.cci
-    }
-
-    fn account_id(&self) -> nssa::AccountId {
+    #[must_use]
+    pub fn account_id(&self) -> nssa::AccountId {
         nssa::AccountId::from(&self.cpk)
     }
+
+    fn compute_hash_value(&self, cci: u32) -> [u8; 64] {
+        let mut hash_input = vec![];
+
+        if ((2_u32).pow(31)).cmp(&cci) == std::cmp::Ordering::Greater {
+            // Non-harden.
+            // BIP-032 compatibility requires 1-byte header from the public_key;
+            // Not stored in `self.cpk.value()`.
+            let sk = k256::SecretKey::from_bytes(self.csk.value().into())
+                .expect("32 bytes, within curve order");
+            let pk = sk.public_key();
+            hash_input.extend_from_slice(pk.to_encoded_point(true).as_bytes());
+        } else {
+            // Harden.
+            hash_input.extend_from_slice(&[0_u8]);
+            hash_input.extend_from_slice(self.csk.value());
+        }
+
+        #[expect(clippy::big_endian_bytes, reason = "BIP-032 uses big endian")]
+        hash_input.extend_from_slice(&cci.to_be_bytes());
+
+        hmac_sha512::HMAC::mac(hash_input, self.ccc)
+    }
 }
 
 #[expect(
@@ -113,6 +106,20 @@ impl<'a> From<&'a ChildKeysPublic> for &'a nssa::PrivateKey {
     }
 }
 
+impl KeyTreeNode for ChildKeysPublic {
+    fn from_seed(seed: [u8; 64]) -> Self {
+        Self::root(seed)
+    }
+
+    fn derive_child(&self, cci: u32) -> Self {
+        self.nth_child(cci)
+    }
+
+    fn account_ids(&self) -> impl Iterator<Item = nssa::AccountId> {
+        std::iter::once(self.account_id())
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use nssa::{PrivateKey, PublicKey};
diff --git a/key_protocol/src/key_management/key_tree/mod.rs b/key_protocol/src/key_management/key_tree/mod.rs
index 08a576e5..0ae0a52f 100644
--- a/key_protocol/src/key_management/key_tree/mod.rs
+++ b/key_protocol/src/key_management/key_tree/mod.rs
@@ -2,12 +2,13 @@ use std::collections::BTreeMap;
 
 use anyhow::Result;
 use nssa::{Account, AccountId};
+use nssa_core::Identifier;
 use serde::{Deserialize, Serialize};
 
 use crate::key_management::{
     key_tree::{
         chain_index::ChainIndex, keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic,
-        traits::KeyNode,
+        traits::KeyTreeNode,
     },
     secret_holders::SeedHolder,
 };
@@ -20,7 +21,7 @@ pub mod traits;
 pub const DEPTH_SOFT_CAP: u32 = 20;
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
-pub struct KeyTree<N: KeyNode> {
+pub struct KeyTree<N: KeyTreeNode> {
     pub key_map: BTreeMap<ChainIndex, N>,
     pub account_id_map: BTreeMap<nssa::AccountId, ChainIndex>,
 }
@@ -28,7 +29,7 @@ pub struct KeyTree<N: KeyNode> {
 pub type KeyTreePublic = KeyTree<ChildKeysPublic>;
 pub type KeyTreePrivate = KeyTree<ChildKeysPrivate>;
 
-impl<N: KeyNode> KeyTree<N> {
+impl<N: KeyTreeNode> KeyTree<N> {
     #[must_use]
     pub fn new(seed: &SeedHolder) -> Self {
         let seed_fit: [u8; 64] = seed
@@ -37,29 +38,62 @@ impl<N: KeyNode> KeyTree<N> {
             .try_into()
             .expect("SeedHolder seed is 64 bytes long");
 
-        let root_keys = N::root(seed_fit);
-        let account_id = root_keys.account_id();
-
-        let key_map = BTreeMap::from_iter([(ChainIndex::root(), root_keys)]);
-        let account_id_map = BTreeMap::from_iter([(account_id, ChainIndex::root())]);
+        let root_keys = N::from_seed(seed_fit);
+        let account_id_map = root_keys
+            .account_ids()
+            .map(|id| (id, ChainIndex::root()))
+            .collect();
 
         Self {
-            key_map,
+            key_map: BTreeMap::from_iter([(ChainIndex::root(), root_keys)]),
             account_id_map,
         }
     }
 
     pub fn new_from_root(root: N) -> Self {
-        let account_id_map = BTreeMap::from_iter([(root.account_id(), ChainIndex::root())]);
-        let key_map = BTreeMap::from_iter([(ChainIndex::root(), root)]);
+        let account_id_map = root
+            .account_ids()
+            .map(|id| (id, ChainIndex::root()))
+            .collect();
 
         Self {
-            key_map,
+            key_map: BTreeMap::from_iter([(ChainIndex::root(), root)]),
             account_id_map,
         }
     }
 
-    // ToDo: Add function to create a tree from list of nodes with consistency check.
+    pub fn generate_new_node(&mut self, parent_cci: &ChainIndex) -> Option<ChainIndex> {
+        let parent_keys = self.key_map.get(parent_cci)?;
+        let next_child_id = self
+            .find_next_last_child_of_id(parent_cci)
+            .expect("Can be None only if parent is not present");
+        let next_cci = parent_cci.nth_child(next_child_id);
+
+        let child_keys = parent_keys.derive_child(next_child_id);
+        let account_ids = child_keys.account_ids();
+
+        for account_id in account_ids {
+            self.account_id_map.insert(account_id, next_cci.clone());
+        }
+        self.key_map.insert(next_cci.clone(), child_keys);
+
+        Some(next_cci)
+    }
+
+    pub fn fill_node(&mut self, chain_index: &ChainIndex) -> Option<ChainIndex> {
+        let parent_keys = self.key_map.get(&chain_index.parent()?)?;
+        let child_id = *chain_index.chain().last()?;
+
+        let child_keys = parent_keys.derive_child(child_id);
+        let account_ids = child_keys.account_ids();
+
+        for account_id in account_ids {
+            self.account_id_map.insert(account_id, chain_index.clone());
+        }
+        self.key_map.insert(chain_index.clone(), child_keys);
+
+        Some(chain_index.clone())
+    }
 
     #[must_use]
     pub fn find_next_last_child_of_id(&self, parent_id: &ChainIndex) -> Option<u32> {
@@ -102,25 +136,6 @@ impl<N: KeyNode> KeyTree<N> {
         }
     }
 
-    pub fn generate_new_node(
-        &mut self,
-        parent_cci: &ChainIndex,
-    ) -> Option<(nssa::AccountId, ChainIndex)> {
-        let parent_keys = self.key_map.get(parent_cci)?;
-        let next_child_id = self
-            .find_next_last_child_of_id(parent_cci)
-            .expect("Can be None only if parent is not present");
-        let next_cci = parent_cci.nth_child(next_child_id);
-
-        let child_keys = parent_keys.nth_child(next_child_id);
-        let account_id = child_keys.account_id();
-
-        self.key_map.insert(next_cci.clone(), child_keys);
-        self.account_id_map.insert(account_id, next_cci.clone());
-
-        Some((account_id, next_cci))
-    }
-
     fn find_next_slot_layered(&self) -> ChainIndex {
         let mut depth = 1;
 
@@ -134,44 +149,10 @@ impl<N: KeyNode> KeyTree<N> {
         }
     }
 
-    pub fn fill_node(&mut self, chain_index: &ChainIndex) -> Option<(nssa::AccountId, ChainIndex)> {
-        let parent_keys = self.key_map.get(&chain_index.parent()?)?;
-        let child_id = *chain_index.chain().last()?;
-
-        let child_keys = parent_keys.nth_child(child_id);
-        let account_id = child_keys.account_id();
-
-        self.key_map.insert(chain_index.clone(), child_keys);
-        self.account_id_map.insert(account_id, chain_index.clone());
-
-        Some((account_id, chain_index.clone()))
-    }
-
-    pub fn generate_new_node_layered(&mut self) -> Option<(nssa::AccountId, ChainIndex)> {
+    pub fn generate_new_node_layered(&mut self) -> Option<ChainIndex> {
         self.fill_node(&self.find_next_slot_layered())
     }
 
-    #[must_use]
-    pub fn get_node(&self, account_id: nssa::AccountId) -> Option<&N> {
-        let chain_id = self.account_id_map.get(&account_id)?;
-        self.key_map.get(chain_id)
-    }
-
-    pub fn get_node_mut(&mut self, account_id: nssa::AccountId) -> Option<&mut N> {
-        let chain_id = self.account_id_map.get(&account_id)?;
-        self.key_map.get_mut(chain_id)
-    }
-
-    pub fn insert(&mut self, account_id: nssa::AccountId, chain_index: ChainIndex, node: N) {
-        self.account_id_map.insert(account_id, chain_index.clone());
-        self.key_map.insert(chain_index, node);
-    }
-
-    pub fn remove(&mut self, addr: nssa::AccountId) -> Option<N> {
-        let chain_index = self.account_id_map.remove(&addr)?;
-        self.key_map.remove(&chain_index)
-    }
-
     /// Populates tree with children.
     ///
     /// For given `depth` adds children to a tree such that their `ChainIndex::depth(&self) <
@@ -194,37 +175,50 @@ impl<N: KeyNode> KeyTree<N> {
             }
         }
     }
-}
 
-impl KeyTree<ChildKeysPrivate> {
-    /// Cleanup of non-initialized accounts in a private tree.
-    ///
-    /// If account is default, removes them, stops at first non-default account.
-    ///
-    /// Walks through tree in lairs of same depth using `ChainIndex::chain_ids_at_depth()`.
-    ///
-    /// Chain must be parsed for accounts beforehand.
-    ///
-    /// Slow, maintains tree consistency.
-    pub fn cleanup_tree_remove_uninit_layered(&mut self, depth: u32) {
-        let depth = usize::try_from(depth).expect("Depth is expected to fit in usize");
-        'outer: for i in (1..depth).rev() {
-            println!("Cleanup of tree at depth {i}");
-            for id in ChainIndex::chain_ids_at_depth(i) {
-                if let Some(node) = self.key_map.get(&id) {
-                    if node.value.1 == nssa::Account::default() {
-                        let addr = node.account_id();
-                        self.remove(addr);
-                    } else {
-                        break 'outer;
-                    }
-                }
-            }
-        }
+    #[must_use]
+    pub fn get_node(&self, account_id: nssa::AccountId) -> Option<&N> {
+        let chain_id = self.account_id_map.get(&account_id)?;
+        self.key_map.get(chain_id)
+    }
+
+    pub fn get_node_mut(&mut self, account_id: nssa::AccountId) -> Option<&mut N> {
+        let chain_id = self.account_id_map.get(&account_id)?;
+        self.key_map.get_mut(chain_id)
+    }
+
+    pub fn insert(&mut self, account_id: nssa::AccountId, chain_index: ChainIndex, node: N) {
+        self.account_id_map.insert(account_id, chain_index.clone());
+        self.key_map.insert(chain_index, node);
+    }
+
+    pub fn remove(&mut self, addr: nssa::AccountId) -> Option<N> {
+        let chain_index = self.account_id_map.remove(&addr)?;
+        self.key_map.remove(&chain_index)
     }
 }
 
 impl KeyTree<ChildKeysPublic> {
+    /// Generate a new public key node, returning the account ID and chain index.
+    pub fn generate_new_public_node(
+        &mut self,
+        parent_cci: &ChainIndex,
+    ) -> Option<(nssa::AccountId, ChainIndex)> {
+        let cci = self.generate_new_node(parent_cci)?;
+        let node = self.key_map.get(&cci)?;
+        let account_id = node.account_ids().next()?;
+        Some((account_id, cci))
+    }
+
+    /// Generate a new public key node using layered placement, returning the account ID and chain
+    /// index.
+    pub fn generate_new_public_node_layered(&mut self) -> Option<(nssa::AccountId, ChainIndex)> {
+        let cci = self.generate_new_node_layered()?;
+        let node = self.key_map.get(&cci)?;
+        let account_id = node.account_ids().next()?;
+        Some((account_id, cci))
+    }
+
     /// Cleanup of non-initialized accounts in a public tree.
     ///
     /// If account is default, removes them, stops at first non-default account.
@@ -259,6 +253,65 @@ impl KeyTree<ChildKeysPublic> {
     }
 }
 
+impl KeyTree<ChildKeysPrivate> {
+    pub fn create_private_accounts_key_node(
+        &mut self,
+        parent_cci: &ChainIndex,
+    ) -> Option<ChainIndex> {
+        self.generate_new_node(parent_cci)
+    }
+
+    pub fn create_private_accounts_key_node_layered(&mut self) -> Option<ChainIndex> {
+        self.generate_new_node_layered()
+    }
+
+    /// Register an additional identifier on an existing private key node, inserting the derived
+    /// `AccountId` into `account_id_map`. Returns `None` if the node does not exist or the
+    /// `AccountId` is already registered.
+    pub fn register_identifier_on_node(
+        &mut self,
+        cci: &ChainIndex,
+        identifier: Identifier,
+    ) -> Option<nssa::AccountId> {
+        let node = self.key_map.get(cci)?;
+        let account_id = nssa::AccountId::from((&node.value.0.nullifier_public_key, identifier));
+        if self.account_id_map.contains_key(&account_id) {
+            return None;
+        }
+        self.account_id_map.insert(account_id, cci.clone());
+        Some(account_id)
+    }
+
+    /// Cleanup of non-initialized accounts in a private tree.
+    ///
+    /// If account has no synced entries, removes it, stops at first initialized account.
+    ///
+    /// Walks through tree in layers of same depth using `ChainIndex::chain_ids_at_depth()`.
+    ///
+    /// Chain must be parsed for accounts beforehand.
+    ///
+    /// Slow, maintains tree consistency.
+    pub fn cleanup_tree_remove_uninit_layered(&mut self, depth: u32) {
+        let depth = usize::try_from(depth).expect("Depth is expected to fit in usize");
+        'outer: for i in (1..depth).rev() {
+            println!("Cleanup of tree at depth {i}");
+            for id in ChainIndex::chain_ids_at_depth(i) {
+                if let Some(node) = self.key_map.get(&id).cloned() {
+                    if node.value.1.is_empty() {
+                        let account_ids = node.account_ids();
+                        self.key_map.remove(&id);
+                        for addr in account_ids {
+                            self.account_id_map.remove(&addr);
+                        }
+                    } else {
+                        break 'outer;
+                    }
+                }
+            }
+        }
+    }
+}
+
 #[cfg(test)]
 mod tests {
     #![expect(clippy::shadow_unrelated, reason = "We don't care about this in tests")]
@@ -478,25 +531,59 @@ mod tests {
             .key_map
             .get_mut(&ChainIndex::from_str("/1").unwrap())
             .unwrap();
-        acc.value.1.balance = 2;
+        acc.value.1.push((
+            0,
+            nssa::Account {
+                balance: 2,
+                ..nssa::Account::default()
+            },
+        ));
 
         let acc = tree
             .key_map
             .get_mut(&ChainIndex::from_str("/2").unwrap())
             .unwrap();
-        acc.value.1.balance = 3;
+        acc.value.1.push((
+            0,
+            nssa::Account {
+                balance: 3,
+                ..nssa::Account::default()
+            },
+        ));
 
         let acc = tree
             .key_map
             .get_mut(&ChainIndex::from_str("/0/1").unwrap())
             .unwrap();
-        acc.value.1.balance = 5;
+        acc.value.1.push((
+            0,
+            nssa::Account {
+                balance: 5,
+                ..nssa::Account::default()
+            },
+        ));
 
         let acc = tree
             .key_map
             .get_mut(&ChainIndex::from_str("/1/0").unwrap())
             .unwrap();
-        acc.value.1.balance = 6;
+        acc.value.1.push((
+            0,
+            nssa::Account {
+                balance: 6,
+                ..nssa::Account::default()
+            },
+        ));
+
+        // Update account_id_map for nodes that now have entries
+        for chain_index_str in ["/1", "/2", "/0/1", "/1/0"] {
+            let id = ChainIndex::from_str(chain_index_str).unwrap();
+            if let Some(node) = tree.key_map.get(&id) {
+                for account_id in node.account_ids() {
+                    tree.account_id_map.insert(account_id, id.clone());
+                }
+            }
+        }
 
         tree.cleanup_tree_remove_uninit_layered(10);
 
@@ -518,15 +605,15 @@ mod tests {
         assert_eq!(key_set, key_set_res);
 
         let acc = &tree.key_map[&ChainIndex::from_str("/1").unwrap()];
-        assert_eq!(acc.value.1.balance, 2);
+        assert_eq!(acc.value.1[0].1.balance, 2);
 
         let acc = &tree.key_map[&ChainIndex::from_str("/2").unwrap()];
-        assert_eq!(acc.value.1.balance, 3);
+        assert_eq!(acc.value.1[0].1.balance, 3);
 
         let acc = &tree.key_map[&ChainIndex::from_str("/0/1").unwrap()];
-        assert_eq!(acc.value.1.balance, 5);
+        assert_eq!(acc.value.1[0].1.balance, 5);
 
         let acc = &tree.key_map[&ChainIndex::from_str("/1/0").unwrap()];
-        assert_eq!(acc.value.1.balance, 6);
+        assert_eq!(acc.value.1[0].1.balance, 6);
     }
 }
diff --git a/key_protocol/src/key_management/key_tree/traits.rs b/key_protocol/src/key_management/key_tree/traits.rs
index 65e8fae0..71ca4743 100644
--- a/key_protocol/src/key_management/key_tree/traits.rs
+++ b/key_protocol/src/key_management/key_tree/traits.rs
@@ -1,15 +1,8 @@
-/// Trait, that reperesents a Node in hierarchical key tree.
-pub trait KeyNode {
-    /// Tree root node.
-    fn root(seed: [u8; 64]) -> Self;
-
-    /// `cci`'s child of node.
+pub trait KeyTreeNode: Sized {
     #[must_use]
-    fn nth_child(&self, cci: u32) -> Self;
-
-    fn chain_code(&self) -> &[u8; 32];
-
-    fn child_index(&self) -> Option<u32>;
-
-    fn account_id(&self) -> nssa::AccountId;
+    fn from_seed(seed: [u8; 64]) -> Self;
+    #[must_use]
+    fn derive_child(&self, cci: u32) -> Self;
+    #[must_use]
+    fn account_ids(&self) -> impl Iterator<Item = nssa::AccountId>;
 }
diff --git a/key_protocol/src/key_management/mod.rs b/key_protocol/src/key_management/mod.rs
index c038c415..aa5a1a75 100644
--- a/key_protocol/src/key_management/mod.rs
+++ b/key_protocol/src/key_management/mod.rs
@@ -6,6 +6,7 @@ use secret_holders::{PrivateKeyHolder, SecretSpendingKey, SeedHolder};
 use serde::{Deserialize, Serialize};
 
 pub mod ephemeral_key_holder;
+pub mod group_key_holder;
 pub mod key_tree;
 pub mod secret_holders;
 
@@ -172,11 +173,12 @@ mod tests {
         // /0/0
         key_tree_private.generate_new_node_layered().unwrap();
         // /2
-        let (second_child_id, _) = key_tree_private.generate_new_node_layered().unwrap();
+        let second_chain_index = key_tree_private.generate_new_node_layered().unwrap();
 
         key_tree_private
-            .get_node(second_child_id)
-            .unwrap()
+            .key_map
+            .get(&second_chain_index)
+            .expect("Node was just inserted")
             .value
             .0
             .clone()
diff --git a/key_protocol/src/key_protocol_core/mod.rs b/key_protocol/src/key_protocol_core/mod.rs
index 8186865f..d12f83a1 100644
--- a/key_protocol/src/key_protocol_core/mod.rs
+++ b/key_protocol/src/key_protocol_core/mod.rs
@@ -2,27 +2,46 @@ use std::collections::BTreeMap;
 
 use anyhow::Result;
 use k256::AffinePoint;
+use nssa::{Account, AccountId};
+use nssa_core::Identifier;
 use serde::{Deserialize, Serialize};
 
 use crate::key_management::{
     KeyChain,
+    group_key_holder::GroupKeyHolder,
     key_tree::{KeyTreePrivate, KeyTreePublic, chain_index::ChainIndex},
     secret_holders::SeedHolder,
 };
 
 pub type PublicKey = AffinePoint;
 
+#[derive(Clone, Debug, Serialize, Deserialize)]
+pub struct UserPrivateAccountData {
+    pub key_chain: KeyChain,
+    pub accounts: Vec<(Identifier, Account)>,
+}
+
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct NSSAUserData {
     /// Default public accounts.
     pub default_pub_account_signing_keys: BTreeMap<nssa::AccountId, nssa::PrivateKey>,
     /// Default private accounts.
-    pub default_user_private_accounts:
-        BTreeMap<nssa::AccountId, (KeyChain, nssa_core::account::Account)>,
+    pub default_user_private_accounts: BTreeMap<AccountId, UserPrivateAccountData>,
     /// Tree of public keys.
     pub public_key_tree: KeyTreePublic,
     /// Tree of private keys.
     pub private_key_tree: KeyTreePrivate,
+    /// Group key holders for private PDA groups, keyed by a human-readable label.
+    /// Defaults to empty for backward compatibility with wallets that predate group PDAs.
+    /// An older wallet binary that re-serializes this struct will drop the field.
+    #[serde(default)]
+    pub group_key_holders: BTreeMap<String, GroupKeyHolder>,
+    /// Cached plaintext state of private PDA accounts, keyed by `AccountId`.
+    /// Updated after each private PDA transaction by decrypting the circuit output.
+    /// The sequencer only stores encrypted commitments, so this local cache is the
+    /// only source of plaintext state for private PDAs.
+    #[serde(default, alias = "group_pda_accounts")]
+    pub pda_accounts: BTreeMap<nssa::AccountId, nssa_core::account::Account>,
 }
 
 impl NSSAUserData {
@@ -42,13 +61,16 @@ impl NSSAUserData {
     }
 
     fn valid_private_key_transaction_pairing_check(
-        accounts_keys_map: &BTreeMap<nssa::AccountId, (KeyChain, nssa_core::account::Account)>,
+        accounts_keys_map: &BTreeMap<AccountId, UserPrivateAccountData>,
     ) -> bool {
         let mut check_res = true;
-        for (account_id, (key, _)) in accounts_keys_map {
-            let expected_account_id = nssa::AccountId::from(&key.nullifier_public_key);
-            if expected_account_id != *account_id {
-                println!("{expected_account_id}, {account_id}");
+        for (account_id, entry) in accounts_keys_map {
+            let any_match = entry.accounts.iter().any(|(identifier, _)| {
+                nssa::AccountId::from((&entry.key_chain.nullifier_public_key, *identifier))
+                    == *account_id
+            });
+            if !any_match {
+                println!("No matching entry found for account_id {account_id}");
                 check_res = false;
             }
         }
@@ -57,10 +79,7 @@ impl NSSAUserData {
 
     pub fn new_with_accounts(
         default_accounts_keys: BTreeMap<nssa::AccountId, nssa::PrivateKey>,
-        default_accounts_key_chains: BTreeMap<
-            nssa::AccountId,
-            (KeyChain, nssa_core::account::Account),
-        >,
+        default_accounts_key_chains: BTreeMap<AccountId, UserPrivateAccountData>,
         public_key_tree: KeyTreePublic,
         private_key_tree: KeyTreePrivate,
     ) -> Result<Self> {
@@ -81,6 +100,8 @@ impl NSSAUserData {
             default_user_private_accounts: default_accounts_key_chains,
             public_key_tree,
             private_key_tree,
+            group_key_holders: BTreeMap::new(),
+            pda_accounts: BTreeMap::new(),
         })
     }
 
@@ -94,11 +115,11 @@ impl NSSAUserData {
         match parent_cci {
             Some(parent_cci) => self
                 .public_key_tree
-                .generate_new_node(&parent_cci)
+                .generate_new_public_node(&parent_cci)
                 .expect("Parent must be present in a tree"),
             None => self
                 .public_key_tree
-                .generate_new_node_layered()
+                .generate_new_public_node_layered()
                 .expect("Search for new node slot failed"),
         }
     }
@@ -114,50 +135,61 @@ impl NSSAUserData {
             .or_else(|| self.public_key_tree.get_node(account_id).map(Into::into))
     }
 
-    /// Generated new private key for privacy preserving transactions.
-    ///
-    /// Returns the `account_id` of new account.
-    pub fn generate_new_privacy_preserving_transaction_key_chain(
-        &mut self,
-        parent_cci: Option<ChainIndex>,
-    ) -> (nssa::AccountId, ChainIndex) {
+    /// Creates a new receiving key node and returns its `ChainIndex`.
+    pub fn create_private_accounts_key(&mut self, parent_cci: Option<ChainIndex>) -> ChainIndex {
         match parent_cci {
             Some(parent_cci) => self
                 .private_key_tree
-                .generate_new_node(&parent_cci)
+                .create_private_accounts_key_node(&parent_cci)
                 .expect("Parent must be present in a tree"),
             None => self
                 .private_key_tree
-                .generate_new_node_layered()
+                .create_private_accounts_key_node_layered()
                 .expect("Search for new node slot failed"),
         }
     }
 
-    /// Returns the signing key for public transaction signatures.
+    /// Registers an additional identifier on an existing private key node, deriving and recording
+    /// the corresponding `AccountId`. Returns `None` if the node does not exist or the identifier
+    /// is already registered.
+    pub fn register_identifier_on_private_key_chain(
+        &mut self,
+        cci: &ChainIndex,
+        identifier: Identifier,
+    ) -> Option<nssa::AccountId> {
+        self.private_key_tree
+            .register_identifier_on_node(cci, identifier)
+    }
+
+    /// Returns the key chain and account data for the given private account ID.
     #[must_use]
     pub fn get_private_account(
         &self,
         account_id: nssa::AccountId,
-    ) -> Option<&(KeyChain, nssa_core::account::Account)> {
-        self.default_user_private_accounts
-            .get(&account_id)
-            .or_else(|| self.private_key_tree.get_node(account_id).map(Into::into))
-    }
-
-    /// Returns the signing key for public transaction signatures.
-    pub fn get_private_account_mut(
-        &mut self,
-        account_id: &nssa::AccountId,
-    ) -> Option<&mut (KeyChain, nssa_core::account::Account)> {
-        // First seek in defaults
-        if let Some(key) = self.default_user_private_accounts.get_mut(account_id) {
-            Some(key)
-        // Then seek in tree
-        } else {
-            self.private_key_tree
-                .get_node_mut(*account_id)
-                .map(Into::into)
+    ) -> Option<(KeyChain, nssa_core::account::Account, Identifier)> {
+        // Check default accounts
+        if let Some(entry) = self.default_user_private_accounts.get(&account_id) {
+            for (identifier, account) in &entry.accounts {
+                let expected_id =
+                    nssa::AccountId::from((&entry.key_chain.nullifier_public_key, *identifier));
+                if expected_id == account_id {
+                    return Some((entry.key_chain.clone(), account.clone(), *identifier));
+                }
+            }
+            return None;
         }
+        // Check tree
+        if let Some(node) = self.private_key_tree.get_node(account_id) {
+            let key_chain = &node.value.0;
+            for (identifier, account) in &node.value.1 {
+                let expected_id =
+                    nssa::AccountId::from((&key_chain.nullifier_public_key, *identifier));
+                if expected_id == account_id {
+                    return Some((key_chain.clone(), account.clone(), *identifier));
+                }
+            }
+        }
+        None
     }
 
     pub fn account_ids(&self) -> impl Iterator<Item = nssa::AccountId> {
@@ -177,6 +209,20 @@ impl NSSAUserData {
             .copied()
             .chain(self.private_key_tree.account_id_map.keys().copied())
     }
+
+    /// Returns the `GroupKeyHolder` for the given label, if it exists.
+    #[must_use]
+    pub fn group_key_holder(&self, label: &str) -> Option<&GroupKeyHolder> {
+        self.group_key_holders.get(label)
+    }
+
+    /// Inserts or replaces a `GroupKeyHolder` under the given label.
+    ///
+    /// If a holder already exists under this label, it is silently replaced and the old
+    /// GMS is lost. Callers must ensure label uniqueness across groups.
+    pub fn insert_group_key_holder(&mut self, label: String, holder: GroupKeyHolder) {
+        self.group_key_holders.insert(label, holder);
+    }
 }
 
 impl Default for NSSAUserData {
@@ -196,20 +242,39 @@ impl Default for NSSAUserData {
 mod tests {
     use super::*;
 
+    #[test]
+    fn group_key_holder_storage_round_trip() {
+        let mut user_data = NSSAUserData::default();
+        assert!(user_data.group_key_holder("test-group").is_none());
+
+        let holder = GroupKeyHolder::from_gms([42_u8; 32]);
+        user_data.insert_group_key_holder(String::from("test-group"), holder.clone());
+
+        let retrieved = user_data
+            .group_key_holder("test-group")
+            .expect("should exist");
+        assert_eq!(retrieved.dangerous_raw_gms(), holder.dangerous_raw_gms());
+    }
+
+    #[test]
+    fn group_key_holders_default_empty() {
+        let user_data = NSSAUserData::default();
+        assert!(user_data.group_key_holders.is_empty());
+    }
+
     #[test]
     fn new_account() {
         let mut user_data = NSSAUserData::default();
 
-        let (account_id_private, _) = user_data
-            .generate_new_privacy_preserving_transaction_key_chain(Some(ChainIndex::root()));
-
-        let is_key_chain_generated = user_data.get_private_account(account_id_private).is_some();
+        let chain_index = user_data.create_private_accounts_key(Some(ChainIndex::root()));
 
+        let is_key_chain_generated = user_data
+            .private_key_tree
+            .key_map
+            .contains_key(&chain_index);
         assert!(is_key_chain_generated);
 
-        let account_id_private_str = account_id_private.to_string();
-        println!("{account_id_private_str:#?}");
-        let key_chain = &user_data.get_private_account(account_id_private).unwrap().0;
+        let key_chain = &user_data.private_key_tree.key_map[&chain_index].value.0;
         println!("{key_chain:#?}");
     }
 }
diff --git a/nssa/core/src/account.rs b/nssa/core/src/account.rs
index 0f9248e3..dc8a49a9 100644
--- a/nssa/core/src/account.rs
+++ b/nssa/core/src/account.rs
@@ -10,7 +10,7 @@ use risc0_zkvm::sha::{Impl, Sha256 as _};
 use serde::{Deserialize, Serialize};
 use serde_with::{DeserializeFromStr, SerializeDisplay};
 
-use crate::{NullifierPublicKey, NullifierSecretKey, program::ProgramId};
+use crate::{NullifierSecretKey, program::ProgramId};
 
 pub mod data;
 
@@ -26,9 +26,9 @@ impl Nonce {
     }
 
     #[must_use]
-    pub fn private_account_nonce_init(npk: &NullifierPublicKey) -> Self {
+    pub fn private_account_nonce_init(account_id: &AccountId) -> Self {
         let mut bytes: [u8; 64] = [0_u8; 64];
-        bytes[..32].copy_from_slice(&npk.0);
+        bytes[..32].copy_from_slice(account_id.value());
         let result: [u8; 32] = Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap();
         let result = result.first_chunk::<16>().unwrap();
 
@@ -306,8 +306,8 @@ mod tests {
 
     #[test]
     fn initialize_private_nonce() {
-        let npk = NullifierPublicKey([42; 32]);
-        let nonce = Nonce::private_account_nonce_init(&npk);
+        let account_id = AccountId::new([42; 32]);
+        let nonce = Nonce::private_account_nonce_init(&account_id);
         let expected_nonce = Nonce(37_937_661_125_547_691_021_612_781_941_709_513_486);
         assert_eq!(nonce, expected_nonce);
     }
diff --git a/nssa/core/src/circuit_io.rs b/nssa/core/src/circuit_io.rs
index 215c7db8..f52357ee 100644
--- a/nssa/core/src/circuit_io.rs
+++ b/nssa/core/src/circuit_io.rs
@@ -1,7 +1,7 @@
 use serde::{Deserialize, Serialize};
 
 use crate::{
-    Commitment, CommitmentSetDigest, MembershipProof, Nullifier, NullifierPublicKey,
+    Commitment, CommitmentSetDigest, Identifier, MembershipProof, Nullifier, NullifierPublicKey,
     NullifierSecretKey, SharedSecretKey,
     account::{Account, AccountWithMetadata},
     encryption::Ciphertext,
@@ -12,23 +12,92 @@ use crate::{
 pub struct PrivacyPreservingCircuitInput {
     /// Outputs of the program execution.
     pub program_outputs: Vec<ProgramOutput>,
-    /// Visibility mask for accounts.
-    ///
-    /// - `0` - public account
-    /// - `1` - private account with authentication
-    /// - `2` - private account without authentication
-    /// - `3` - private PDA account
-    pub visibility_mask: Vec<u8>,
-    /// Public keys of private accounts.
-    pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>,
-    /// Nullifier secret keys for authorized private accounts.
-    pub private_account_nsks: Vec<NullifierSecretKey>,
-    /// Membership proofs for private accounts. Can be [`None`] for uninitialized accounts.
-    pub private_account_membership_proofs: Vec<Option<MembershipProof>>,
+    /// One entry per `pre_state`, in the same order as the program's `pre_states`.
+    /// Length must equal the number of `pre_states` derived from `program_outputs`.
+    /// The guest's `private_pda_npk_by_position` and `private_pda_bound_positions`
+    /// rely on this position alignment.
+    pub account_identities: Vec<InputAccountIdentity>,
     /// Program ID.
     pub program_id: ProgramId,
 }
 
+/// Per-account input to the privacy-preserving circuit. Each variant carries exactly the fields
+/// the guest needs for that account's code path.
+#[derive(Serialize, Deserialize, Clone)]
+pub enum InputAccountIdentity {
+    /// Public account. The guest reads pre/post state from `program_outputs` and emits no
+    /// commitment, ciphertext, or nullifier.
+    Public,
+    /// Init of an authorized standalone private account: no membership proof. The `pre_state`
+    /// must be `Account::default()`. The `account_id` is derived as
+    /// `AccountId::from((&NullifierPublicKey::from(nsk), identifier))` and matched against
+    /// `pre_state.account_id`.
+    PrivateAuthorizedInit {
+        ssk: SharedSecretKey,
+        nsk: NullifierSecretKey,
+        identifier: Identifier,
+    },
+    /// Update of an authorized standalone private account: existing on-chain commitment, with
+    /// membership proof.
+    PrivateAuthorizedUpdate {
+        ssk: SharedSecretKey,
+        nsk: NullifierSecretKey,
+        membership_proof: MembershipProof,
+        identifier: Identifier,
+    },
+    /// Init of a standalone private account the caller does not own (e.g. a recipient who
+    /// doesn't yet exist on chain). No `nsk`, no membership proof.
+    PrivateUnauthorized {
+        npk: NullifierPublicKey,
+        ssk: SharedSecretKey,
+        identifier: Identifier,
+    },
+    /// Init of a private PDA, unauthorized. The npk-to-account_id binding is proven upstream
+    /// via `Claim::Pda(seed)` or a caller's `pda_seeds` match. Identifier is fixed by
+    /// convention to `PRIVATE_PDA_FIXED_IDENTIFIER` and not carried per-input.
+    PrivatePdaInit {
+        npk: NullifierPublicKey,
+        ssk: SharedSecretKey,
+    },
+    /// Update of an existing private PDA, authorized, with membership proof. `npk` is derived
+    /// from `nsk`. Authorization is established upstream by a caller `pda_seeds` match or a
+    /// previously-seen authorization in a chained call. Identifier is fixed.
+    PrivatePdaUpdate {
+        ssk: SharedSecretKey,
+        nsk: NullifierSecretKey,
+        membership_proof: MembershipProof,
+    },
+}
+
+impl InputAccountIdentity {
+    #[must_use]
+    pub const fn is_public(&self) -> bool {
+        matches!(self, Self::Public)
+    }
+
+    #[must_use]
+    pub const fn is_private_pda(&self) -> bool {
+        matches!(
+            self,
+            Self::PrivatePdaInit { .. } | Self::PrivatePdaUpdate { .. }
+        )
+    }
+
+    /// For private PDA variants, return the nullifier public key. `Init` carries it directly;
+    /// `Update` derives it from `nsk`. For non-PDA variants returns `None`.
+    #[must_use]
+    pub fn npk_if_private_pda(&self) -> Option<NullifierPublicKey> {
+        match self {
+            Self::PrivatePdaInit { npk, .. } => Some(*npk),
+            Self::PrivatePdaUpdate { nsk, .. } => Some(NullifierPublicKey::from(nsk)),
+            Self::Public
+            | Self::PrivateAuthorizedInit { .. }
+            | Self::PrivateAuthorizedUpdate { .. }
+            | Self::PrivateUnauthorized { .. } => None,
+        }
+    }
+}
+
 #[derive(Serialize, Deserialize)]
 #[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]
 pub struct PrivacyPreservingCircuitOutput {
@@ -57,7 +126,7 @@ mod tests {
 
     use super::*;
     use crate::{
-        Commitment, Nullifier, NullifierPublicKey,
+        Commitment, Nullifier,
         account::{Account, AccountId, AccountWithMetadata, Nonce},
     };
 
@@ -94,12 +163,12 @@ mod tests {
             }],
             ciphertexts: vec![Ciphertext(vec![255, 255, 1, 1, 2, 2])],
             new_commitments: vec![Commitment::new(
-                &NullifierPublicKey::from(&[1; 32]),
+                &AccountId::new([1; 32]),
                 &Account::default(),
             )],
             new_nullifiers: vec![(
                 Nullifier::for_account_update(
-                    &Commitment::new(&NullifierPublicKey::from(&[2; 32]), &Account::default()),
+                    &Commitment::new(&AccountId::new([2; 32]), &Account::default()),
                     &[1; 32],
                 ),
                 [0xab; 32],
diff --git a/nssa/core/src/commitment.rs b/nssa/core/src/commitment.rs
index 24d5de87..73ccd703 100644
--- a/nssa/core/src/commitment.rs
+++ b/nssa/core/src/commitment.rs
@@ -2,7 +2,7 @@ use borsh::{BorshDeserialize, BorshSerialize};
 use risc0_zkvm::sha::{Impl, Sha256 as _};
 use serde::{Deserialize, Serialize};
 
-use crate::{NullifierPublicKey, account::Account};
+use crate::account::{Account, AccountId};
 
 /// A commitment to all zero data.
 /// ```python
@@ -49,16 +49,16 @@ impl std::fmt::Debug for Commitment {
 }
 
 impl Commitment {
-    /// Generates the commitment to a private account owned by user for npk:
-    /// SHA256( `Comm_DS` || npk || `program_owner` || balance || nonce || SHA256(data)).
+    /// Generates the commitment to a private account owned by user for `account_id`:
+    /// SHA256( `Comm_DS` || `account_id` || `program_owner` || balance || nonce || SHA256(data)).
     #[must_use]
-    pub fn new(npk: &NullifierPublicKey, account: &Account) -> Self {
+    pub fn new(account_id: &AccountId, account: &Account) -> Self {
         const COMMITMENT_PREFIX: &[u8; 32] =
             b"/LEE/v0.3/Commitment/\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
 
         let mut bytes = Vec::new();
         bytes.extend_from_slice(COMMITMENT_PREFIX);
-        bytes.extend_from_slice(&npk.to_byte_array());
+        bytes.extend_from_slice(account_id.value());
         let account_bytes_with_hashed_data = {
             let mut this = Vec::new();
             for word in &account.program_owner {
@@ -115,14 +115,15 @@ mod tests {
     use risc0_zkvm::sha::{Impl, Sha256 as _};
 
     use crate::{
-        Commitment, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH, NullifierPublicKey, account::Account,
+        Commitment, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH,
+        account::{Account, AccountId},
     };
 
     #[test]
     fn nothing_up_my_sleeve_dummy_commitment() {
         let default_account = Account::default();
-        let npk_null = NullifierPublicKey([0; 32]);
-        let expected_dummy_commitment = Commitment::new(&npk_null, &default_account);
+        let account_id_null = AccountId::new([0; 32]);
+        let expected_dummy_commitment = Commitment::new(&account_id_null, &default_account);
         assert_eq!(DUMMY_COMMITMENT, expected_dummy_commitment);
     }
 
diff --git a/nssa/core/src/encryption/mod.rs b/nssa/core/src/encryption/mod.rs
index 400fb331..80d62f30 100644
--- a/nssa/core/src/encryption/mod.rs
+++ b/nssa/core/src/encryption/mod.rs
@@ -8,7 +8,7 @@ use serde::{Deserialize, Serialize};
 #[cfg(feature = "host")]
 pub use shared_key_derivation::{EphemeralPublicKey, EphemeralSecretKey, ViewingPublicKey};
 
-use crate::{Commitment, account::Account};
+use crate::{Commitment, Identifier, account::Account};
 #[cfg(feature = "host")]
 pub mod shared_key_derivation;
 
@@ -40,11 +40,14 @@ impl EncryptionScheme {
     #[must_use]
     pub fn encrypt(
         account: &Account,
+        identifier: Identifier,
         shared_secret: &SharedSecretKey,
         commitment: &Commitment,
         output_index: u32,
     ) -> Ciphertext {
-        let mut buffer = account.to_bytes();
+        // Plaintext: identifier (16 bytes, little-endian) || account bytes
+        let mut buffer = identifier.to_le_bytes().to_vec();
+        buffer.extend_from_slice(&account.to_bytes());
         Self::symmetric_transform(&mut buffer, shared_secret, commitment, output_index);
         Ciphertext(buffer)
     }
@@ -86,12 +89,17 @@ impl EncryptionScheme {
         shared_secret: &SharedSecretKey,
         commitment: &Commitment,
         output_index: u32,
-    ) -> Option<Account> {
+    ) -> Option<(Identifier, Account)> {
         use std::io::Cursor;
         let mut buffer = ciphertext.0.clone();
         Self::symmetric_transform(&mut buffer, shared_secret, commitment, output_index);
 
-        let mut cursor = Cursor::new(buffer.as_slice());
+        if buffer.len() < 16 {
+            return None;
+        }
+        let identifier = Identifier::from_le_bytes(buffer[..16].try_into().unwrap());
+
+        let mut cursor = Cursor::new(&buffer[16..]);
         Account::from_cursor(&mut cursor)
             .inspect_err(|err| {
                 println!(
@@ -104,5 +112,6 @@ impl EncryptionScheme {
                 );
             })
             .ok()
+            .map(|account| (identifier, account))
     }
 }
diff --git a/nssa/core/src/lib.rs b/nssa/core/src/lib.rs
index a4fcdee1..d660aed0 100644
--- a/nssa/core/src/lib.rs
+++ b/nssa/core/src/lib.rs
@@ -3,13 +3,15 @@
     reason = "We prefer to group methods by functionality rather than by type for encoding"
 )]
 
-pub use circuit_io::{PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput};
+pub use circuit_io::{
+    InputAccountIdentity, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput,
+};
 pub use commitment::{
     Commitment, CommitmentSetDigest, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH, MembershipProof,
     compute_digest_for_path,
 };
 pub use encryption::{EncryptionScheme, SharedSecretKey};
-pub use nullifier::{Nullifier, NullifierPublicKey, NullifierSecretKey};
+pub use nullifier::{Identifier, Nullifier, NullifierPublicKey, NullifierSecretKey};
 
 pub mod account;
 mod circuit_io;
diff --git a/nssa/core/src/nullifier.rs b/nssa/core/src/nullifier.rs
index fd17b391..aafe3f7c 100644
--- a/nssa/core/src/nullifier.rs
+++ b/nssa/core/src/nullifier.rs
@@ -4,18 +4,24 @@ use serde::{Deserialize, Serialize};
 
 use crate::{Commitment, account::AccountId};
 
+const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/LEE/v0.3/AccountId/Private/\x00\x00\x00\x00";
+
+pub type Identifier = u128;
+
 #[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)]
 #[cfg_attr(any(feature = "host", test), derive(Hash))]
 pub struct NullifierPublicKey(pub [u8; 32]);
 
-impl From<&NullifierPublicKey> for AccountId {
-    fn from(value: &NullifierPublicKey) -> Self {
-        const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] =
-            b"/LEE/v0.3/AccountId/Private/\x00\x00\x00\x00";
+impl From<(&NullifierPublicKey, Identifier)> for AccountId {
+    fn from(value: (&NullifierPublicKey, Identifier)) -> Self {
+        let (npk, identifier) = value;
 
-        let mut bytes = [0; 64];
+        // 32 bytes prefix || 32 bytes npk || 16 bytes identifier
+        let mut bytes = [0; 80];
         bytes[0..32].copy_from_slice(PRIVATE_ACCOUNT_ID_PREFIX);
-        bytes[32..].copy_from_slice(&value.0);
+        bytes[32..64].copy_from_slice(&npk.0);
+        bytes[64..80].copy_from_slice(&identifier.to_le_bytes());
+
         Self::new(
             Impl::hash_bytes(&bytes)
                 .as_bytes()
@@ -85,10 +91,10 @@ impl Nullifier {
 
     /// Computes a nullifier for an account initialization.
     #[must_use]
-    pub fn for_account_initialization(npk: &NullifierPublicKey) -> Self {
+    pub fn for_account_initialization(account_id: &AccountId) -> Self {
         const INIT_PREFIX: &[u8; 32] = b"/LEE/v0.3/Nullifier/Initialize/\x00";
         let mut bytes = INIT_PREFIX.to_vec();
-        bytes.extend_from_slice(&npk.to_byte_array());
+        bytes.extend_from_slice(account_id.value());
         Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())
     }
 }
@@ -111,7 +117,7 @@ mod tests {
 
     #[test]
     fn constructor_for_account_initialization() {
-        let npk = NullifierPublicKey([
+        let account_id = AccountId::new([
             112, 188, 193, 129, 150, 55, 228, 67, 88, 168, 29, 151, 5, 92, 23, 190, 17, 162, 164,
             255, 29, 105, 42, 186, 43, 11, 157, 168, 132, 225, 17, 163,
         ]);
@@ -119,7 +125,7 @@ mod tests {
             149, 59, 95, 181, 2, 194, 20, 143, 72, 233, 104, 243, 59, 70, 67, 243, 110, 77, 109,
             132, 139, 111, 51, 125, 128, 92, 107, 46, 252, 4, 20, 149,
         ]);
-        let nullifier = Nullifier::for_account_initialization(&npk);
+        let nullifier = Nullifier::for_account_initialization(&account_id);
         assert_eq!(nullifier, expected_nullifier);
     }
 
@@ -145,11 +151,46 @@ mod tests {
         ];
         let npk = NullifierPublicKey::from(&nsk);
         let expected_account_id = AccountId::new([
-            139, 72, 194, 222, 215, 187, 147, 56, 55, 35, 222, 205, 156, 12, 204, 227, 166, 44, 30,
-            81, 186, 14, 167, 234, 28, 236, 32, 213, 125, 251, 193, 233,
+            165, 52, 40, 32, 231, 171, 113, 10, 65, 241, 156, 72, 154, 207, 122, 192, 15, 46, 50,
+            253, 105, 164, 89, 84, 40, 191, 182, 119, 64, 255, 67, 142,
         ]);
 
-        let account_id = AccountId::from(&npk);
+        let account_id = AccountId::from((&npk, 0));
+
+        assert_eq!(account_id, expected_account_id);
+    }
+
+    #[test]
+    fn account_id_from_nullifier_public_key_identifier_1() {
+        let nsk = [
+            57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,
+            196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,
+        ];
+        let npk = NullifierPublicKey::from(&nsk);
+        let expected_account_id = AccountId::new([
+            203, 201, 109, 245, 40, 54, 195, 12, 55, 33, 0, 86, 245, 65, 70, 156, 24, 249, 26, 95,
+            56, 247, 99, 121, 165, 182, 234, 255, 19, 127, 191, 72,
+        ]);
+
+        let account_id = AccountId::from((&npk, 1));
+
+        assert_eq!(account_id, expected_account_id);
+    }
+
+    #[test]
+    fn account_id_from_nullifier_public_key_byte_asymmetric_identifier() {
+        let identifier: u128 = 0x0123_4567_89AB_CDEF_FEDC_BA98_7654_3210;
+        let nsk = [
+            57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,
+            196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,
+        ];
+        let npk = NullifierPublicKey::from(&nsk);
+        let expected_account_id = AccountId::new([
+            178, 16, 226, 206, 217, 38, 38, 45, 155, 240, 226, 253, 168, 87, 146, 70, 72, 32, 174,
+            19, 245, 25, 214, 162, 209, 135, 252, 82, 27, 2, 174, 196,
+        ]);
+
+        let account_id = AccountId::from((&npk, identifier));
 
         assert_eq!(account_id, expected_account_id);
     }
diff --git a/nssa/core/src/program.rs b/nssa/core/src/program.rs
index 5091cdff..e4e33932 100644
--- a/nssa/core/src/program.rs
+++ b/nssa/core/src/program.rs
@@ -37,6 +37,12 @@ impl PdaSeed {
     }
 }
 
+impl AsRef<[u8]> for PdaSeed {
+    fn as_ref(&self) -> &[u8] {
+        &self.0
+    }
+}
+
 impl AccountId {
     /// Derives an [`AccountId`] for a public PDA from the program ID and seed.
     #[must_use]
@@ -913,18 +919,6 @@ mod tests {
         assert_ne!(private_id, public_id);
     }
 
-    /// A private PDA address differs from a standard private account address at the same `npk`,
-    /// because the private PDA formula includes `program_id` and `seed`.
-    #[test]
-    fn for_private_pda_differs_from_standard_private() {
-        let program_id: ProgramId = [1; 8];
-        let seed = PdaSeed::new([2; 32]);
-        let npk = NullifierPublicKey([3; 32]);
-        let private_pda_id = AccountId::for_private_pda(&program_id, &seed, &npk);
-        let standard_private_id = AccountId::from(&npk);
-        assert_ne!(private_pda_id, standard_private_id);
-    }
-
     // ---- compute_public_authorized_pdas tests ----
 
     /// `compute_public_authorized_pdas` returns the public PDA addresses for the caller's seeds.
diff --git a/nssa/src/privacy_preserving_transaction/circuit.rs b/nssa/src/privacy_preserving_transaction/circuit.rs
index 528bb372..2526c700 100644
--- a/nssa/src/privacy_preserving_transaction/circuit.rs
+++ b/nssa/src/privacy_preserving_transaction/circuit.rs
@@ -2,8 +2,7 @@ use std::collections::{HashMap, VecDeque};
 
 use borsh::{BorshDeserialize, BorshSerialize};
 use nssa_core::{
-    MembershipProof, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput,
-    PrivacyPreservingCircuitOutput, SharedSecretKey,
+    InputAccountIdentity, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput,
     account::AccountWithMetadata,
     program::{ChainedCall, InstructionData, ProgramId, ProgramOutput},
 };
@@ -63,14 +62,10 @@ impl From<Program> for ProgramWithDependencies {
 
 /// Generates a proof of the execution of a NSSA program inside the privacy preserving execution
 /// circuit.
-/// TODO: too many parameters.
 pub fn execute_and_prove(
     pre_states: Vec<AccountWithMetadata>,
     instruction_data: InstructionData,
-    visibility_mask: Vec<u8>,
-    private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>,
-    private_account_nsks: Vec<NullifierSecretKey>,
-    private_account_membership_proofs: Vec<Option<MembershipProof>>,
+    account_identities: Vec<InputAccountIdentity>,
     program_with_dependencies: &ProgramWithDependencies,
 ) -> Result<(PrivacyPreservingCircuitOutput, Proof), NssaError> {
     let ProgramWithDependencies {
@@ -128,10 +123,7 @@ pub fn execute_and_prove(
 
     let circuit_input = PrivacyPreservingCircuitInput {
         program_outputs,
-        visibility_mask,
-        private_account_keys,
-        private_account_nsks,
-        private_account_membership_proofs,
+        account_identities,
         program_id: program_with_dependencies.program.id(),
     };
 
@@ -186,6 +178,7 @@ mod tests {
     use nssa_core::{
         Commitment, DUMMY_COMMITMENT_HASH, EncryptionScheme, Nullifier, SharedSecretKey,
         account::{Account, AccountId, AccountWithMetadata, Nonce, data::Data},
+        program::PdaSeed,
     };
 
     use super::*;
@@ -213,11 +206,8 @@ mod tests {
             AccountId::new([0; 32]),
         );
 
-        let recipient = AccountWithMetadata::new(
-            Account::default(),
-            false,
-            AccountId::from(&recipient_keys.npk()),
-        );
+        let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0));
+        let recipient = AccountWithMetadata::new(Account::default(), false, recipient_account_id);
 
         let balance_to_move: u128 = 37;
 
@@ -231,7 +221,7 @@ mod tests {
         let expected_recipient_post = Account {
             program_owner: program.id(),
             balance: balance_to_move,
-            nonce: Nonce::private_account_nonce_init(&recipient_keys.npk()),
+            nonce: Nonce::private_account_nonce_init(&recipient_account_id),
             data: Data::default(),
         };
 
@@ -243,10 +233,14 @@ mod tests {
         let (output, proof) = execute_and_prove(
             vec![sender, recipient],
             Program::serialize_instruction(balance_to_move).unwrap(),
-            vec![0, 2],
-            vec![(recipient_keys.npk(), shared_secret)],
-            vec![],
-            vec![None],
+            vec![
+                InputAccountIdentity::Public,
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: shared_secret,
+                    identifier: 0,
+                },
+            ],
             &Program::authenticated_transfer_program().into(),
         )
         .unwrap();
@@ -261,7 +255,7 @@ mod tests {
         assert_eq!(output.new_nullifiers.len(), 1);
         assert_eq!(output.ciphertexts.len(), 1);
 
-        let recipient_post = EncryptionScheme::decrypt(
+        let (_identifier, recipient_post) = EncryptionScheme::decrypt(
             &output.ciphertexts[0],
             &shared_secret,
             &output.new_commitments[0],
@@ -286,27 +280,24 @@ mod tests {
                 data: Data::default(),
             },
             true,
-            AccountId::from(&sender_keys.npk()),
+            AccountId::from((&sender_keys.npk(), 0)),
         );
-        let commitment_sender = Commitment::new(&sender_keys.npk(), &sender_pre.account);
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
+        let commitment_sender = Commitment::new(&sender_account_id, &sender_pre.account);
 
-        let recipient = AccountWithMetadata::new(
-            Account::default(),
-            false,
-            AccountId::from(&recipient_keys.npk()),
-        );
+        let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0));
+        let recipient = AccountWithMetadata::new(Account::default(), false, recipient_account_id);
         let balance_to_move: u128 = 37;
 
         let mut commitment_set = CommitmentSet::with_capacity(2);
         commitment_set.extend(std::slice::from_ref(&commitment_sender));
-
         let expected_new_nullifiers = vec![
             (
                 Nullifier::for_account_update(&commitment_sender, &sender_keys.nsk),
                 commitment_set.digest(),
             ),
             (
-                Nullifier::for_account_initialization(&recipient_keys.npk()),
+                Nullifier::for_account_initialization(&recipient_account_id),
                 DUMMY_COMMITMENT_HASH,
             ),
         ];
@@ -322,12 +313,12 @@ mod tests {
         let expected_private_account_2 = Account {
             program_owner: program.id(),
             balance: balance_to_move,
-            nonce: Nonce::private_account_nonce_init(&recipient_keys.npk()),
+            nonce: Nonce::private_account_nonce_init(&recipient_account_id),
             ..Default::default()
         };
         let expected_new_commitments = vec![
-            Commitment::new(&sender_keys.npk(), &expected_private_account_1),
-            Commitment::new(&recipient_keys.npk(), &expected_private_account_2),
+            Commitment::new(&sender_account_id, &expected_private_account_1),
+            Commitment::new(&recipient_account_id, &expected_private_account_2),
         ];
 
         let esk_1 = [3; 32];
@@ -339,13 +330,21 @@ mod tests {
         let (output, proof) = execute_and_prove(
             vec![sender_pre, recipient],
             Program::serialize_instruction(balance_to_move).unwrap(),
-            vec![1, 2],
             vec![
-                (sender_keys.npk(), shared_secret_1),
-                (recipient_keys.npk(), shared_secret_2),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret_1,
+                    nsk: sender_keys.nsk,
+                    membership_proof: commitment_set
+                        .get_proof_for(&commitment_sender)
+                        .expect("sender's commitment must be in the set"),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: shared_secret_2,
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![commitment_set.get_proof_for(&commitment_sender), None],
             &program.into(),
         )
         .unwrap();
@@ -357,7 +356,7 @@ mod tests {
         assert_eq!(output.new_nullifiers, expected_new_nullifiers);
         assert_eq!(output.ciphertexts.len(), 2);
 
-        let sender_post = EncryptionScheme::decrypt(
+        let (_identifier, sender_post) = EncryptionScheme::decrypt(
             &output.ciphertexts[0],
             &shared_secret_1,
             &expected_new_commitments[0],
@@ -366,7 +365,7 @@ mod tests {
         .unwrap();
         assert_eq!(sender_post, expected_private_account_1);
 
-        let recipient_post = EncryptionScheme::decrypt(
+        let (_identifier, recipient_post) = EncryptionScheme::decrypt(
             &output.ciphertexts[1],
             &shared_secret_2,
             &expected_new_commitments[1],
@@ -382,7 +381,7 @@ mod tests {
         let pre = AccountWithMetadata::new(
             Account::default(),
             false,
-            AccountId::from(&account_keys.npk()),
+            AccountId::from((&account_keys.npk(), 0)),
         );
 
         let validity_window_chain_caller = Program::validity_window_chain_caller();
@@ -408,13 +407,116 @@ mod tests {
         let result = execute_and_prove(
             vec![pre],
             instruction,
-            vec![2],
-            vec![(account_keys.npk(), shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivateUnauthorized {
+                npk: account_keys.npk(),
+                ssk: shared_secret,
+                identifier: 0,
+            }],
             &program_with_deps,
         );
 
         assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
     }
+
+    /// Group PDA deposit: creates a new PDA and transfers balance from the
+    /// counterparty. Both accounts owned by `private_pda_spender`.
+    #[test]
+    fn group_pda_deposit() {
+        let program = Program::private_pda_spender();
+        let noop = Program::noop();
+        let keys = test_private_account_keys_1();
+        let npk = keys.npk();
+        let seed = PdaSeed::new([42; 32]);
+        let shared_secret_pda = SharedSecretKey::new(&[55; 32], &keys.vpk());
+
+        // PDA (new, mask 3)
+        let pda_id = AccountId::for_private_pda(&program.id(), &seed, &npk);
+        let pda_pre = AccountWithMetadata::new(Account::default(), false, pda_id);
+
+        // Sender (mask 0, public, owned by this program, has balance)
+        let sender_id = AccountId::new([99; 32]);
+        let sender_pre = AccountWithMetadata::new(
+            Account {
+                program_owner: program.id(),
+                balance: 10000,
+                ..Account::default()
+            },
+            true,
+            sender_id,
+        );
+
+        let noop_id = noop.id();
+        let program_with_deps = ProgramWithDependencies::new(program, [(noop_id, noop)].into());
+
+        let instruction = Program::serialize_instruction((seed, noop_id, 500_u128, true)).unwrap();
+
+        // PDA is mask 3 (private PDA), sender is mask 0 (public).
+        // The noop chained call is required to establish the mask-3 (seed, npk) binding
+        // that the circuit enforces for private PDAs. Without a caller providing pda_seeds,
+        // the circuit's binding check rejects the account.
+        let result = execute_and_prove(
+            vec![pda_pre, sender_pre],
+            instruction,
+            vec![
+                InputAccountIdentity::PrivatePdaInit {
+                    npk,
+                    ssk: shared_secret_pda,
+                },
+                InputAccountIdentity::Public,
+            ],
+            &program_with_deps,
+        );
+
+        let (output, _proof) = result.expect("group PDA deposit should succeed");
+        // Only PDA (mask 3) produces a commitment; sender (mask 0) is public.
+        assert_eq!(output.new_commitments.len(), 1);
+    }
+
+    /// Group PDA spend binding: the noop chained call with `pda_seeds` establishes
+    /// the mask-3 binding for an existing-but-default PDA. Uses amount=0 because
+    /// testing with a pre-funded PDA requires a two-tx sequence with membership proofs.
+    #[test]
+    fn group_pda_spend_binding() {
+        let program = Program::private_pda_spender();
+        let noop = Program::noop();
+        let keys = test_private_account_keys_1();
+        let npk = keys.npk();
+        let seed = PdaSeed::new([42; 32]);
+        let shared_secret_pda = SharedSecretKey::new(&[55; 32], &keys.vpk());
+
+        let pda_id = AccountId::for_private_pda(&program.id(), &seed, &npk);
+        let pda_pre = AccountWithMetadata::new(Account::default(), false, pda_id);
+
+        let bob_id = AccountId::new([88; 32]);
+        let bob_pre = AccountWithMetadata::new(
+            Account {
+                program_owner: program.id(),
+                balance: 10000,
+                ..Account::default()
+            },
+            true,
+            bob_id,
+        );
+
+        let noop_id = noop.id();
+        let program_with_deps = ProgramWithDependencies::new(program, [(noop_id, noop)].into());
+
+        let instruction = Program::serialize_instruction((seed, noop_id, 0_u128, false)).unwrap();
+
+        let result = execute_and_prove(
+            vec![pda_pre, bob_pre],
+            instruction,
+            vec![
+                InputAccountIdentity::PrivatePdaInit {
+                    npk,
+                    ssk: shared_secret_pda,
+                },
+                InputAccountIdentity::Public,
+            ],
+            &program_with_deps,
+        );
+
+        let (output, _proof) = result.expect("group PDA spend binding should succeed");
+        assert_eq!(output.new_commitments.len(), 1);
+    }
 }
diff --git a/nssa/src/privacy_preserving_transaction/message.rs b/nssa/src/privacy_preserving_transaction/message.rs
index 85f4a202..697f66ac 100644
--- a/nssa/src/privacy_preserving_transaction/message.rs
+++ b/nssa/src/privacy_preserving_transaction/message.rs
@@ -9,6 +9,8 @@ use sha2::{Digest as _, Sha256};
 
 use crate::{AccountId, error::NssaError};
 
+const PREFIX: &[u8; 32] = b"/LEE/v0.3/Message/Privacy/\x00\x00\x00\x00\x00\x00";
+
 pub type ViewTag = u8;
 
 #[derive(Debug, Clone, PartialEq, Eq, BorshSerialize, BorshDeserialize)]
@@ -118,22 +120,34 @@ impl Message {
             timestamp_validity_window: output.timestamp_validity_window,
         })
     }
+
+    #[must_use]
+    pub fn hash(&self) -> [u8; 32] {
+        let msg = self.to_bytes();
+        let mut bytes = Vec::with_capacity(
+            PREFIX
+                .len()
+                .checked_add(msg.len())
+                .expect("length overflow"),
+        );
+        bytes.extend_from_slice(PREFIX);
+        bytes.extend_from_slice(&msg);
+
+        Sha256::digest(bytes).into()
+    }
 }
 
 #[cfg(test)]
 pub mod tests {
     use nssa_core::{
         Commitment, EncryptionScheme, Nullifier, NullifierPublicKey, SharedSecretKey,
-        account::Account,
+        account::{Account, AccountId, Nonce},
         encryption::{EphemeralPublicKey, ViewingPublicKey},
         program::{BlockValidityWindow, TimestampValidityWindow},
     };
     use sha2::{Digest as _, Sha256};
 
-    use crate::{
-        AccountId,
-        privacy_preserving_transaction::message::{EncryptedAccountData, Message},
-    };
+    use super::{EncryptedAccountData, Message, PREFIX};
 
     #[must_use]
     pub fn message_for_tests() -> Message {
@@ -154,9 +168,11 @@ pub mod tests {
 
         let encrypted_private_post_states = Vec::new();
 
-        let new_commitments = vec![Commitment::new(&npk2, &account2)];
+        let account_id2 = nssa_core::account::AccountId::from((&npk2, 0));
+        let new_commitments = vec![Commitment::new(&account_id2, &account2)];
 
-        let old_commitment = Commitment::new(&npk1, &account1);
+        let account_id1 = nssa_core::account::AccountId::from((&npk1, 0));
+        let old_commitment = Commitment::new(&account_id1, &account1);
         let new_nullifiers = vec![(
             Nullifier::for_account_update(&old_commitment, &nsk1),
             [0; 32],
@@ -174,16 +190,69 @@ pub mod tests {
         }
     }
 
+    #[test]
+    fn hash_privacy_pinned() {
+        let msg = Message {
+            public_account_ids: vec![AccountId::new([42_u8; 32])],
+            nonces: vec![Nonce(5)],
+            public_post_states: vec![],
+            encrypted_private_post_states: vec![],
+            new_commitments: vec![],
+            new_nullifiers: vec![],
+            block_validity_window: BlockValidityWindow::new_unbounded(),
+            timestamp_validity_window: TimestampValidityWindow::new_unbounded(),
+        };
+
+        let public_account_ids_bytes: &[u8] = &[42_u8; 32];
+        let nonces_bytes: &[u8] = &[1, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
+        // all remaining vec fields are empty: u32 len=0
+        let empty_vec_bytes: &[u8] = &[0_u8; 4];
+        // validity windows: unbounded = {from: None (0u8), to: None (0u8)}
+        let unbounded_window_bytes: &[u8] = &[0_u8; 2];
+
+        let expected_borsh_vec: Vec<u8> = [
+            &[1_u8, 0, 0, 0], // public_account_ids
+            public_account_ids_bytes,
+            nonces_bytes,
+            empty_vec_bytes,        // public_post_state
+            empty_vec_bytes,        // encrypted_private_post_states
+            empty_vec_bytes,        // new_commitments
+            empty_vec_bytes,        // new_nullifiers
+            unbounded_window_bytes, // block_validity_window
+            unbounded_window_bytes, // timestamp_validity_window
+        ]
+        .concat();
+        let expected_borsh: &[u8] = &expected_borsh_vec;
+
+        assert_eq!(
+            borsh::to_vec(&msg).unwrap(),
+            expected_borsh,
+            "`privacy_preserving_transaction::hash()`: expected borsh order has changed"
+        );
+
+        let mut preimage = Vec::with_capacity(PREFIX.len() + expected_borsh.len());
+        preimage.extend_from_slice(PREFIX);
+        preimage.extend_from_slice(expected_borsh);
+        let expected_hash: [u8; 32] = Sha256::digest(&preimage).into();
+
+        assert_eq!(
+            msg.hash(),
+            expected_hash,
+            "`privacy_preserving_transaction::hash()`: serialization has changed"
+        );
+    }
+
     #[test]
     fn encrypted_account_data_constructor() {
         let npk = NullifierPublicKey::from(&[1; 32]);
         let vpk = ViewingPublicKey::from_scalar([2; 32]);
         let account = Account::default();
-        let commitment = Commitment::new(&npk, &account);
+        let account_id = nssa_core::account::AccountId::from((&npk, 0));
+        let commitment = Commitment::new(&account_id, &account);
         let esk = [3; 32];
         let shared_secret = SharedSecretKey::new(&esk, &vpk);
         let epk = EphemeralPublicKey::from_scalar(esk);
-        let ciphertext = EncryptionScheme::encrypt(&account, &shared_secret, &commitment, 2);
+        let ciphertext = EncryptionScheme::encrypt(&account, 0, &shared_secret, &commitment, 2);
         let encrypted_account_data =
             EncryptedAccountData::new(ciphertext.clone(), &npk, &vpk, epk.clone());
 
diff --git a/nssa/src/privacy_preserving_transaction/witness_set.rs b/nssa/src/privacy_preserving_transaction/witness_set.rs
index 373bbc9c..e17df90c 100644
--- a/nssa/src/privacy_preserving_transaction/witness_set.rs
+++ b/nssa/src/privacy_preserving_transaction/witness_set.rs
@@ -14,12 +14,12 @@ pub struct WitnessSet {
 impl WitnessSet {
     #[must_use]
     pub fn for_message(message: &Message, proof: Proof, private_keys: &[&PrivateKey]) -> Self {
-        let message_bytes = message.to_bytes();
+        let message_hash = message.hash();
         let signatures_and_public_keys = private_keys
             .iter()
             .map(|&key| {
                 (
-                    Signature::new(key, &message_bytes),
+                    Signature::new(key, &message_hash),
                     PublicKey::new_from_private_key(key),
                 )
             })
@@ -32,9 +32,9 @@ impl WitnessSet {
 
     #[must_use]
     pub fn signatures_are_valid_for(&self, message: &Message) -> bool {
-        let message_bytes = message.to_bytes();
+        let message_hash = message.hash();
         for (signature, public_key) in self.signatures_and_public_keys() {
-            if !signature.is_valid_for(&message_bytes, public_key) {
+            if !signature.is_valid_for(&message_hash, public_key) {
                 return false;
             }
         }
diff --git a/nssa/src/program.rs b/nssa/src/program.rs
index b8c3fe77..a214b055 100644
--- a/nssa/src/program.rs
+++ b/nssa/src/program.rs
@@ -312,6 +312,16 @@ mod tests {
             }
         }
 
+        #[must_use]
+        pub fn private_pda_spender() -> Self {
+            use test_program_methods::{PRIVATE_PDA_SPENDER_ELF, PRIVATE_PDA_SPENDER_ID};
+
+            Self {
+                id: PRIVATE_PDA_SPENDER_ID,
+                elf: PRIVATE_PDA_SPENDER_ELF.to_vec(),
+            }
+        }
+
         #[must_use]
         pub fn two_pda_claimer() -> Self {
             use test_program_methods::{TWO_PDA_CLAIMER_ELF, TWO_PDA_CLAIMER_ID};
diff --git a/nssa/src/public_transaction/message.rs b/nssa/src/public_transaction/message.rs
index d4838b87..3ab7d74c 100644
--- a/nssa/src/public_transaction/message.rs
+++ b/nssa/src/public_transaction/message.rs
@@ -4,9 +4,12 @@ use nssa_core::{
     program::{InstructionData, ProgramId},
 };
 use serde::Serialize;
+use sha2::{Digest as _, Sha256};
 
 use crate::{AccountId, error::NssaError, program::Program};
 
+const PREFIX: &[u8; 32] = b"/LEE/v0.3/Message/Public/\x00\x00\x00\x00\x00\x00\x00";
+
 #[derive(Clone, PartialEq, Eq, BorshSerialize, BorshDeserialize)]
 pub struct Message {
     pub program_id: ProgramId,
@@ -63,4 +66,74 @@ impl Message {
             instruction_data,
         }
     }
+
+    #[must_use]
+    pub fn hash(&self) -> [u8; 32] {
+        let mut bytes = Vec::with_capacity(
+            PREFIX
+                .len()
+                .checked_add(self.to_bytes().len())
+                .expect("length overflow"),
+        );
+        bytes.extend_from_slice(PREFIX);
+        bytes.extend_from_slice(&self.to_bytes());
+
+        Sha256::digest(bytes).into()
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use nssa_core::account::{AccountId, Nonce};
+    use sha2::{Digest as _, Sha256};
+
+    use super::{Message, PREFIX};
+
+    #[test]
+    fn hash_public_pinned() {
+        let msg = Message::new_preserialized(
+            [1_u32; 8],
+            vec![AccountId::new([42_u8; 32])],
+            vec![Nonce(5)],
+            vec![],
+        );
+
+        // program_id: [1_u32; 8], each word as LE u32
+        let program_id_bytes: &[u8] = &[
+            1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1,
+            0, 0, 0,
+        ];
+        // account_ids: AccountId([42_u8; 32])
+        let account_ids_bytes: &[u8] = &[42_u8; 32];
+        // nonces: u32 len=1, then Nonce(5) as LE u128
+        let nonces_bytes: &[u8] = &[1, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
+        let instruction_data_bytes: &[u8] = &[0_u8; 4];
+
+        let expected_borsh_vec: Vec<u8> = [
+            program_id_bytes,
+            &[1_u8, 0, 0, 0], // account_ids len=1
+            account_ids_bytes,
+            nonces_bytes,
+            instruction_data_bytes,
+        ]
+        .concat();
+        let expected_borsh: &[u8] = &expected_borsh_vec;
+
+        assert_eq!(
+            borsh::to_vec(&msg).unwrap(),
+            expected_borsh,
+            "`public_transaction::hash()`: expected borsh order has changed"
+        );
+
+        let mut preimage = Vec::with_capacity(PREFIX.len() + expected_borsh.len());
+        preimage.extend_from_slice(PREFIX);
+        preimage.extend_from_slice(expected_borsh);
+        let expected_hash: [u8; 32] = Sha256::digest(&preimage).into();
+
+        assert_eq!(
+            msg.hash(),
+            expected_hash,
+            "`public_transaction::hash()`: serialization has changed"
+        );
+    }
 }
diff --git a/nssa/src/public_transaction/witness_set.rs b/nssa/src/public_transaction/witness_set.rs
index d6b32891..1605f488 100644
--- a/nssa/src/public_transaction/witness_set.rs
+++ b/nssa/src/public_transaction/witness_set.rs
@@ -10,12 +10,12 @@ pub struct WitnessSet {
 impl WitnessSet {
     #[must_use]
     pub fn for_message(message: &Message, private_keys: &[&PrivateKey]) -> Self {
-        let message_bytes = message.to_bytes();
+        let message_hash = message.hash();
         let signatures_and_public_keys = private_keys
             .iter()
             .map(|&key| {
                 (
-                    Signature::new(key, &message_bytes),
+                    Signature::new(key, &message_hash),
                     PublicKey::new_from_private_key(key),
                 )
             })
@@ -27,9 +27,9 @@ impl WitnessSet {
 
     #[must_use]
     pub fn is_valid_for(&self, message: &Message) -> bool {
-        let message_bytes = message.to_bytes();
+        let message_hash = message.hash();
         for (signature, public_key) in self.signatures_and_public_keys() {
-            if !signature.is_valid_for(&message_bytes, public_key) {
+            if !signature.is_valid_for(&message_hash, public_key) {
                 return false;
             }
         }
@@ -75,7 +75,7 @@ mod tests {
 
         assert_eq!(witness_set.signatures_and_public_keys.len(), 2);
 
-        let message_bytes = message.to_bytes();
+        let message_bytes = message.hash();
         for ((signature, public_key), expected_public_key) in witness_set
             .signatures_and_public_keys
             .into_iter()
diff --git a/nssa/src/signature/bip340_test_vectors.rs b/nssa/src/signature/bip340_test_vectors.rs
index e316db5e..ac3eb044 100644
--- a/nssa/src/signature/bip340_test_vectors.rs
+++ b/nssa/src/signature/bip340_test_vectors.rs
@@ -4,7 +4,7 @@ pub struct TestVector {
     pub seckey: Option<PrivateKey>,
     pub pubkey: PublicKey,
     pub aux_rand: Option<[u8; 32]>,
-    pub message: Option<Vec<u8>>,
+    pub message: [u8; 32],
     pub signature: Signature,
     pub verification_result: bool,
 }
@@ -15,18 +15,21 @@ pub struct TestVector {
 pub fn test_vectors() -> Vec<TestVector> {
     vec![
         TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0000000000000000000000000000000000000000000000000000000000000003",
-            )).unwrap()),
+            seckey: Some(
+                PrivateKey::try_new(hex_to_bytes(
+                    "0000000000000000000000000000000000000000000000000000000000000003",
+                ))
+                .unwrap(),
+            ),
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: Some(hex_to_bytes::<32>(
                 "0000000000000000000000000000000000000000000000000000000000000000",
             )),
-            message: Some(
-                hex::decode("0000000000000000000000000000000000000000000000000000000000000000")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "0000000000000000000000000000000000000000000000000000000000000000",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -36,18 +39,21 @@ pub fn test_vectors() -> Vec<TestVector> {
             verification_result: true,
         },
         TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF",
-            )).unwrap()),
+            seckey: Some(
+                PrivateKey::try_new(hex_to_bytes(
+                    "B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF",
+                ))
+                .unwrap(),
+            ),
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: Some(hex_to_bytes::<32>(
                 "0000000000000000000000000000000000000000000000000000000000000001",
             )),
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -57,18 +63,21 @@ pub fn test_vectors() -> Vec<TestVector> {
             verification_result: true,
         },
         TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "C90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B14E5C9",
-            )).unwrap()),
+            seckey: Some(
+                PrivateKey::try_new(hex_to_bytes(
+                    "C90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B14E5C9",
+                ))
+                .unwrap(),
+            ),
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DD308AFEC5777E13121FA72B9CC1B7CC0139715309B086C960E18FD969774EB8",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: Some(hex_to_bytes::<32>(
                 "C87AA53824B4D7AE2EB035A2B5BBBCCC080E76CDC6D1692C4B0B62D798E6D906",
             )),
-            message: Some(
-                hex::decode("7E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "7E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -78,18 +87,21 @@ pub fn test_vectors() -> Vec<TestVector> {
             verification_result: true,
         },
         TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0B432B2677937381AEF05BB02A66ECD012773062CF3FA2549E44F58ED2401710",
-            )).unwrap()),
+            seckey: Some(
+                PrivateKey::try_new(hex_to_bytes(
+                    "0B432B2677937381AEF05BB02A66ECD012773062CF3FA2549E44F58ED2401710",
+                ))
+                .unwrap(),
+            ),
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "25D1DFF95105F5253C4022F628A996AD3A0D95FBF21D468A1B33F8C160D8F517",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: Some(hex_to_bytes::<32>(
                 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
             )),
-            message: Some(
-                hex::decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -102,11 +114,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "D69C3509BB99E412E68B0FE8544E72837DFA30746D8BE2AA65975F29D22DC7B9",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("4DF3C3F68FCC83B27E9D42C90431A72499F17875C81A599B566C9889B9696703")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "4DF3C3F68FCC83B27E9D42C90431A72499F17875C81A599B566C9889B9696703",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -122,13 +134,15 @@ pub fn test_vectors() -> Vec<TestVector> {
         //                     "EEFDEA4CDB677750A420FEE807EACF21EB9898AE79B9768766E4FAA04A2D4A34",
         //                 )).unwrap(),
         //     aux_rand: None,
-        //     message: Some(
-        //                     hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89").unwrap(),
-        //                 ),
+        //     message:
+        //
+        // hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89").
+        // unwrap(),                 ),
         //     signature: Signature {
         //                     value: hex_to_bytes(
-        //                         "6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B",
-        //                     ),
+        //
+        // "6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B"
+        // ,                     ),
         //                 },
         //     verification_result: false,
         // },
@@ -136,11 +150,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -153,11 +167,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -170,11 +184,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -187,11 +201,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -204,11 +218,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -221,11 +235,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -238,11 +252,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -255,11 +269,11 @@ pub fn test_vectors() -> Vec<TestVector> {
             seckey: None,
             pubkey: PublicKey::try_new(hex_to_bytes(
                 "DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
-            )).unwrap(),
+            ))
+            .unwrap(),
             aux_rand: None,
-            message: Some(
-                hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89")
-                    .unwrap(),
+            message: hex_to_bytes::<32>(
+                "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
             ),
             signature: Signature {
                 value: hex_to_bytes(
@@ -275,90 +289,96 @@ pub fn test_vectors() -> Vec<TestVector> {
         //                     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC30",
         //                 )).unwrap(),
         //     aux_rand: None,
-        //     message: Some(
-        //                     hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89").unwrap(),
-        //                 ),
+        //     message:
+        //
+        // hex::decode("243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89").
+        // unwrap(),                 ),
         //     signature: Signature {
         //                     value: hex_to_bytes(
-        //                         "6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B",
-        //                     ),
+        //
+        // "6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B"
+        // ,                     ),
         //                 },
         //     verification_result: false,
         // },
-        TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0340034003400340034003400340034003400340034003400340034003400340",
-            )).unwrap()),
-            pubkey: PublicKey::try_new(hex_to_bytes(
-                "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
-            )).unwrap(),
-            aux_rand: Some(hex_to_bytes::<32>(
-                "0000000000000000000000000000000000000000000000000000000000000000",
-            )),
-            message: None,
-            signature: Signature {
-                value: hex_to_bytes(
-                    "71535DB165ECD9FBBC046E5FFAEA61186BB6AD436732FCCC25291A55895464CF6069CE26BF03466228F19A3A62DB8A649F2D560FAC652827D1AF0574E427AB63",
-                ),
-            },
-            verification_result: true,
-        },
-        TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0340034003400340034003400340034003400340034003400340034003400340",
-            )).unwrap()),
-            pubkey: PublicKey::try_new(hex_to_bytes(
-                "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
-            )).unwrap(),
-            aux_rand: Some(hex_to_bytes::<32>(
-                "0000000000000000000000000000000000000000000000000000000000000000",
-            )),
-            message: Some(hex::decode("11").unwrap()),
-            signature: Signature {
-                value: hex_to_bytes(
-                    "08A20A0AFEF64124649232E0693C583AB1B9934AE63B4C3511F3AE1134C6A303EA3173BFEA6683BD101FA5AA5DBC1996FE7CACFC5A577D33EC14564CEC2BACBF",
-                ),
-            },
-            verification_result: true,
-        },
-        TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0340034003400340034003400340034003400340034003400340034003400340",
-            )).unwrap()),
-            pubkey: PublicKey::try_new(hex_to_bytes(
-                "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
-            )).unwrap(),
-            aux_rand: Some(hex_to_bytes::<32>(
-                "0000000000000000000000000000000000000000000000000000000000000000",
-            )),
-            message: Some(hex::decode("0102030405060708090A0B0C0D0E0F1011").unwrap()),
-            signature: Signature {
-                value: hex_to_bytes(
-                    "5130F39A4059B43BC7CAC09A19ECE52B5D8699D1A71E3C52DA9AFDB6B50AC370C4A482B77BF960F8681540E25B6771ECE1E5A37FD80E5A51897C5566A97EA5A5",
-                ),
-            },
-            verification_result: true,
-        },
-        TestVector {
-            seckey: Some(PrivateKey::try_new(hex_to_bytes(
-                "0340034003400340034003400340034003400340034003400340034003400340",
-            )).unwrap()),
-            pubkey: PublicKey::try_new(hex_to_bytes(
-                "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
-            )).unwrap(),
-            aux_rand: Some(hex_to_bytes::<32>(
-                "0000000000000000000000000000000000000000000000000000000000000000",
-            )),
-            message: Some(
-                hex::decode("99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999").unwrap(),
-            ),
-            signature: Signature {
-                value: hex_to_bytes(
-                    "403B12B0D8555A344175EA7EC746566303321E5DBFA8BE6F091635163ECA79A8585ED3E3170807E7C03B720FC54C7B23897FCBA0E9D0B4A06894CFD249F22367",
-                ),
-            },
-            verification_result: true,
-        },
+        // Test with invalid message length (0); valid test for BIP-340 post 2022.
+        // TestVector {
+        // seckey: PrivateKey::try_new(hex_to_bytes(
+        // "0340034003400340034003400340034003400340034003400340034003400340",
+        // )).unwrap()),
+        // pubkey: PublicKey::try_new(hex_to_bytes(
+        // "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
+        // )).unwrap(),
+        // aux_rand: hex_to_bytes::<32>(
+        // "0000000000000000000000000000000000000000000000000000000000000000",
+        // )),
+        // message: None,
+        // signature: Signature {
+        // value: hex_to_bytes(
+        // "71535DB165ECD9FBBC046E5FFAEA61186BB6AD436732FCCC25291A55895464CF6069CE26BF03466228F19A3A62DB8A649F2D560FAC652827D1AF0574E427AB63",
+        // ),
+        // },
+        // verification_result: true,
+        // },
+        // Test with invalid message length (1); valid test for BIP-340 post 2022.
+        // TestVector {
+        // seckey: PrivateKey::try_new(hex_to_bytes(
+        // "0340034003400340034003400340034003400340034003400340034003400340",
+        // )).unwrap()),
+        // pubkey: PublicKey::try_new(hex_to_bytes(
+        // "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
+        // )).unwrap(),
+        // aux_rand: hex_to_bytes::<32>(
+        // "0000000000000000000000000000000000000000000000000000000000000000",
+        // )),
+        // message: hex::decode("11").unwrap()),
+        // signature: Signature {
+        // value: hex_to_bytes(
+        // "08A20A0AFEF64124649232E0693C583AB1B9934AE63B4C3511F3AE1134C6A303EA3173BFEA6683BD101FA5AA5DBC1996FE7CACFC5A577D33EC14564CEC2BACBF",
+        // ),
+        // },
+        // verification_result: true,
+        // },
+        // Test with invalid message length (17); valid test for BIP-340 post 2022.
+        // TestVector {
+        // seckey: PrivateKey::try_new(hex_to_bytes(
+        // "0340034003400340034003400340034003400340034003400340034003400340",
+        // )).unwrap()),
+        // pubkey: PublicKey::try_new(hex_to_bytes(
+        // "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
+        // )).unwrap(),
+        // aux_rand: hex_to_bytes::<32>(
+        // "0000000000000000000000000000000000000000000000000000000000000000",
+        // )),
+        // message: hex::decode("0102030405060708090A0B0C0D0E0F1011").unwrap()),
+        // signature: Signature {
+        // value: hex_to_bytes(
+        // "5130F39A4059B43BC7CAC09A19ECE52B5D8699D1A71E3C52DA9AFDB6B50AC370C4A482B77BF960F8681540E25B6771ECE1E5A37FD80E5A51897C5566A97EA5A5",
+        // ),
+        // },
+        // erification_result: true,
+        // },
+        // Test with invalid message length (100); valid test for BIP-340 post 2022.
+        // TestVector {
+        // seckey: PrivateKey::try_new(hex_to_bytes(
+        // "0340034003400340034003400340034003400340034003400340034003400340",
+        // )).unwrap()),
+        // pubkey: PublicKey::try_new(hex_to_bytes(
+        // "778CAA53B4393AC467774D09497A87224BF9FAB6F6E68B23086497324D6FD117",
+        // )).unwrap(),
+        // aux_rand: hex_to_bytes::<32>(
+        // "0000000000000000000000000000000000000000000000000000000000000000",
+        // )),
+        // message:
+        // hex::decode("99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999").unwrap(),
+        // ),
+        // signature: Signature {
+        // value: hex_to_bytes(
+        // "403B12B0D8555A344175EA7EC746566303321E5DBFA8BE6F091635163ECA79A8585ED3E3170807E7C03B720FC54C7B23897FCBA0E9D0B4A06894CFD249F22367",
+        // ),
+        // },
+        // verification_result: true,
+        // },
     ]
 }
 
diff --git a/nssa/src/signature/mod.rs b/nssa/src/signature/mod.rs
index 3a594da6..a46b1ff5 100644
--- a/nssa/src/signature/mod.rs
+++ b/nssa/src/signature/mod.rs
@@ -36,8 +36,10 @@ impl FromStr for Signature {
 }
 
 impl Signature {
+    /// This function expects the incoming message to be prehashed to be pre-2022 BIP-340/Keycard
+    /// compatible.
     #[must_use]
-    pub fn new(key: &PrivateKey, message: &[u8]) -> Self {
+    pub fn new(key: &PrivateKey, message: &[u8; 32]) -> Self {
         let mut aux_random = [0_u8; 32];
         OsRng.fill_bytes(&mut aux_random);
         Self::new_with_aux_random(key, message, aux_random)
@@ -45,14 +47,14 @@ impl Signature {
 
     pub(crate) fn new_with_aux_random(
         key: &PrivateKey,
-        message: &[u8],
+        message: &[u8; 32],
         aux_random: [u8; 32],
     ) -> Self {
         let value = {
             let signing_key = k256::schnorr::SigningKey::from_bytes(key.value())
                 .expect("Expect valid signing key");
             signing_key
-                .sign_raw(message, &aux_random)
+                .sign_prehash_with_aux_rand(message, &aux_random)
                 .expect("Expect to produce a valid signature")
                 .to_bytes()
         };
@@ -61,7 +63,7 @@ impl Signature {
     }
 
     #[must_use]
-    pub fn is_valid_for(&self, bytes: &[u8], public_key: &PublicKey) -> bool {
+    pub fn is_valid_for(&self, bytes: &[u8; 32], public_key: &PublicKey) -> bool {
         let Ok(pk) = k256::schnorr::VerifyingKey::from_bytes(public_key.value()) else {
             return false;
         };
@@ -97,9 +99,8 @@ mod tests {
             let Some(aux_random) = test_vector.aux_rand else {
                 continue;
             };
-            let Some(message) = test_vector.message else {
-                continue;
-            };
+            let message = test_vector.message;
+
             if !test_vector.verification_result {
                 continue;
             }
@@ -114,7 +115,7 @@ mod tests {
     #[test]
     fn signature_verification_from_bip340_test_vectors() {
         for (i, test_vector) in bip340_test_vectors::test_vectors().into_iter().enumerate() {
-            let message = test_vector.message.unwrap_or(vec![]);
+            let message = test_vector.message;
             let expected_result = test_vector.verification_result;
 
             let result = test_vector
diff --git a/nssa/src/state.rs b/nssa/src/state.rs
index f86f429f..9e4d8524 100644
--- a/nssa/src/state.rs
+++ b/nssa/src/state.rs
@@ -362,8 +362,8 @@ pub mod tests {
     use std::collections::HashMap;
 
     use nssa_core::{
-        BlockId, Commitment, Nullifier, NullifierPublicKey, NullifierSecretKey, SharedSecretKey,
-        Timestamp,
+        BlockId, Commitment, InputAccountIdentity, Nullifier, NullifierPublicKey,
+        NullifierSecretKey, SharedSecretKey, Timestamp,
         account::{Account, AccountId, AccountWithMetadata, Nonce, data::Data},
         encryption::{EphemeralPublicKey, Scalar, ViewingPublicKey},
         program::{
@@ -459,7 +459,8 @@ pub mod tests {
 
         #[must_use]
         pub fn with_private_account(mut self, keys: &TestPrivateKeys, account: &Account) -> Self {
-            let commitment = Commitment::new(&keys.npk(), account);
+            let account_id = AccountId::from((&keys.npk(), 0));
+            let commitment = Commitment::new(&account_id, account);
             self.private_state.0.extend(&[commitment]);
             self
         }
@@ -617,13 +618,13 @@ pub mod tests {
             ..Account::default()
         };
 
-        let npk1 = keys1.npk();
-        let npk2 = keys2.npk();
+        let account_id1 = AccountId::from((&keys1.npk(), 0));
+        let account_id2 = AccountId::from((&keys2.npk(), 0));
 
-        let init_commitment1 = Commitment::new(&npk1, &account);
-        let init_commitment2 = Commitment::new(&npk2, &account);
-        let init_nullifier1 = Nullifier::for_account_initialization(&npk1);
-        let init_nullifier2 = Nullifier::for_account_initialization(&npk2);
+        let init_commitment1 = Commitment::new(&account_id1, &account);
+        let init_commitment2 = Commitment::new(&account_id2, &account);
+        let init_nullifier1 = Nullifier::for_account_initialization(&account_id1);
+        let init_nullifier2 = Nullifier::for_account_initialization(&account_id2);
 
         let initial_private_accounts = vec![
             (init_commitment1, init_nullifier1),
@@ -1283,7 +1284,8 @@ pub mod tests {
 
         let sender_nonce = sender.account.nonce;
 
-        let recipient = AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
+        let recipient =
+            AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0));
 
         let esk = [3; 32];
         let shared_secret = SharedSecretKey::new(&esk, &recipient_keys.vpk());
@@ -1292,10 +1294,14 @@ pub mod tests {
         let (output, proof) = circuit::execute_and_prove(
             vec![sender, recipient],
             Program::serialize_instruction(balance_to_move).unwrap(),
-            vec![0, 2],
-            vec![(recipient_keys.npk(), shared_secret)],
-            vec![],
-            vec![None],
+            vec![
+                InputAccountIdentity::Public,
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: shared_secret,
+                    identifier: 0,
+                },
+            ],
             &Program::authenticated_transfer_program().into(),
         )
         .unwrap();
@@ -1320,11 +1326,15 @@ pub mod tests {
         state: &V03State,
     ) -> PrivacyPreservingTransaction {
         let program = Program::authenticated_transfer_program();
-        let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account);
-        let sender_pre =
-            AccountWithMetadata::new(sender_private_account.clone(), true, &sender_keys.npk());
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
+        let sender_commitment = Commitment::new(&sender_account_id, sender_private_account);
+        let sender_pre = AccountWithMetadata::new(
+            sender_private_account.clone(),
+            true,
+            (&sender_keys.npk(), 0),
+        );
         let recipient_pre =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
+            AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0));
 
         let esk_1 = [3; 32];
         let shared_secret_1 = SharedSecretKey::new(&esk_1, &sender_keys.vpk());
@@ -1337,13 +1347,21 @@ pub mod tests {
         let (output, proof) = circuit::execute_and_prove(
             vec![sender_pre, recipient_pre],
             Program::serialize_instruction(balance_to_move).unwrap(),
-            vec![1, 2],
             vec![
-                (sender_keys.npk(), shared_secret_1),
-                (recipient_keys.npk(), shared_secret_2),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret_1,
+                    nsk: sender_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&sender_commitment)
+                        .expect("sender's commitment must be in state"),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: shared_secret_2,
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![state.get_proof_for_commitment(&sender_commitment), None],
             &program.into(),
         )
         .unwrap();
@@ -1372,9 +1390,13 @@ pub mod tests {
         state: &V03State,
     ) -> PrivacyPreservingTransaction {
         let program = Program::authenticated_transfer_program();
-        let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account);
-        let sender_pre =
-            AccountWithMetadata::new(sender_private_account.clone(), true, &sender_keys.npk());
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
+        let sender_commitment = Commitment::new(&sender_account_id, sender_private_account);
+        let sender_pre = AccountWithMetadata::new(
+            sender_private_account.clone(),
+            true,
+            (&sender_keys.npk(), 0),
+        );
         let recipient_pre = AccountWithMetadata::new(
             state.get_account_by_id(*recipient_account_id),
             false,
@@ -1388,10 +1410,17 @@ pub mod tests {
         let (output, proof) = circuit::execute_and_prove(
             vec![sender_pre, recipient_pre],
             Program::serialize_instruction(balance_to_move).unwrap(),
-            vec![1, 0],
-            vec![(sender_keys.npk(), shared_secret)],
-            vec![sender_keys.nsk],
-            vec![state.get_proof_for_commitment(&sender_commitment)],
+            vec![
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret,
+                    nsk: sender_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&sender_commitment)
+                        .expect("sender's commitment must be in state"),
+                    identifier: 0,
+                },
+                InputAccountIdentity::Public,
+            ],
             &program.into(),
         )
         .unwrap();
@@ -1476,8 +1505,10 @@ pub mod tests {
             &state,
         );
 
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
+        let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0));
         let expected_new_commitment_1 = Commitment::new(
-            &sender_keys.npk(),
+            &sender_account_id,
             &Account {
                 program_owner: Program::authenticated_transfer_program().id(),
                 nonce: sender_nonce.private_account_nonce_increment(&sender_keys.nsk),
@@ -1486,15 +1517,15 @@ pub mod tests {
             },
         );
 
-        let sender_pre_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account);
+        let sender_pre_commitment = Commitment::new(&sender_account_id, &sender_private_account);
         let expected_new_nullifier =
             Nullifier::for_account_update(&sender_pre_commitment, &sender_keys.nsk);
 
         let expected_new_commitment_2 = Commitment::new(
-            &recipient_keys.npk(),
+            &recipient_account_id,
             &Account {
                 program_owner: Program::authenticated_transfer_program().id(),
-                nonce: Nonce::private_account_nonce_init(&recipient_keys.npk()),
+                nonce: Nonce::private_account_nonce_init(&recipient_account_id),
                 balance: balance_to_move,
                 ..Account::default()
             },
@@ -1553,8 +1584,9 @@ pub mod tests {
             &state,
         );
 
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
         let expected_new_commitment = Commitment::new(
-            &sender_keys.npk(),
+            &sender_account_id,
             &Account {
                 program_owner: Program::authenticated_transfer_program().id(),
                 nonce: sender_nonce.private_account_nonce_increment(&sender_keys.nsk),
@@ -1563,7 +1595,7 @@ pub mod tests {
             },
         );
 
-        let sender_pre_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account);
+        let sender_pre_commitment = Commitment::new(&sender_account_id, &sender_private_account);
         let expected_new_nullifier =
             Nullifier::for_account_update(&sender_pre_commitment, &sender_keys.nsk);
 
@@ -1602,10 +1634,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1628,10 +1657,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1654,10 +1680,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(()).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1680,10 +1703,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(vec![0]).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1714,10 +1734,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(large_data).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1740,10 +1757,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(()).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1775,10 +1789,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account_1, public_account_2],
             Program::serialize_instruction(()).unwrap(),
-            vec![0, 0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public, InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1801,10 +1812,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(()).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1836,10 +1844,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account_1, public_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![0, 0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public, InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -1868,170 +1873,11 @@ pub mod tests {
             AccountId::new([1; 32]),
         );
 
-        // Setting only one visibility mask for a circuit execution with two pre_state accounts.
-        let visibility_mask = [0];
+        // Single account_identity entry for a circuit execution with two pre_state accounts.
         let result = execute_and_prove(
             vec![public_account_1, public_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            visibility_mask.to_vec(),
-            vec![],
-            vec![],
-            vec![],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_fails_if_insufficient_nonces_are_provided() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
-            ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_fails_if_insufficient_keys_are_provided() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
-
-        // Setting only one key for an execution with two private accounts.
-        let private_account_keys = [(
-            sender_keys.npk(),
-            SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-        )];
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            private_account_keys.to_vec(),
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_fails_if_insufficient_commitment_proofs_are_provided() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        // Setting no second commitment proof.
-        let private_account_membership_proofs = [Some((0, vec![]))];
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
-            ],
-            vec![sender_keys.nsk],
-            private_account_membership_proofs.to_vec(),
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_fails_if_insufficient_auth_keys_are_provided() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        // Setting no auth key for an execution with one non default private accounts.
-        let private_account_nsks = [];
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
-            ],
-            private_account_nsks.to_vec(),
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -2050,36 +1896,31 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
+            AccountWithMetadata::new(Account::default(), false, (&recipient_keys.npk(), 0));
 
-        let private_account_keys = [
-            // First private account is the sender
-            (
-                sender_keys.npk(),
-                SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-            ),
-            // Second private account is the recipient
-            (
-                recipient_keys.npk(),
-                SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-            ),
-        ];
-
-        // Setting the recipient key to authorize the sender.
-        // This should be set to the sender private account in
-        // a normal circumstance. The recipient can't authorize this.
-        let private_account_nsks = [recipient_keys.nsk];
-        let private_account_membership_proofs = [Some((0, vec![]))];
+        // Setting the recipient nsk to authorize the sender.
+        // This should be set to the sender private account in a normal circumstance.
+        // `PrivateAuthorizedUpdate` derives npk from nsk and asserts equality with
+        // `pre_state.account_id`, so a mismatched nsk fails that check.
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            private_account_keys.to_vec(),
-            private_account_nsks.to_vec(),
-            private_account_membership_proofs.to_vec(),
+            vec![
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: recipient_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
+            ],
             &program.into(),
         );
 
@@ -2098,7 +1939,7 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 = AccountWithMetadata::new(
             Account {
@@ -2107,25 +1948,25 @@ pub mod tests {
                 ..Account::default()
             },
             false,
-            &recipient_keys.npk(),
+            (&recipient_keys.npk(), 0),
         );
 
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
             vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: sender_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
             &program.into(),
         );
 
@@ -2144,7 +1985,7 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 = AccountWithMetadata::new(
             Account {
@@ -2153,25 +1994,25 @@ pub mod tests {
                 ..Account::default()
             },
             false,
-            &recipient_keys.npk(),
+            (&recipient_keys.npk(), 0),
         );
 
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
             vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: sender_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
             &program.into(),
         );
 
@@ -2190,7 +2031,7 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 = AccountWithMetadata::new(
             Account {
@@ -2199,25 +2040,25 @@ pub mod tests {
                 ..Account::default()
             },
             false,
-            &recipient_keys.npk(),
+            (&recipient_keys.npk(), 0),
         );
 
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
             vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: sender_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
             &program.into(),
         );
 
@@ -2236,7 +2077,7 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 = AccountWithMetadata::new(
             Account {
@@ -2245,25 +2086,25 @@ pub mod tests {
                 ..Account::default()
             },
             false,
-            &recipient_keys.npk(),
+            (&recipient_keys.npk(), 0),
         );
 
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
             vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: sender_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
             &program.into(),
         );
 
@@ -2283,31 +2124,31 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
         let private_account_2 = AccountWithMetadata::new(
             Account::default(),
             // This should be set to false in normal circumstances
             true,
-            &recipient_keys.npk(),
+            (&recipient_keys.npk(), 0),
         );
 
         let result = execute_and_prove(
             vec![private_account_1, private_account_2],
             Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
             vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
+                    nsk: sender_keys.nsk,
+                    membership_proof: (0, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateUnauthorized {
+                    npk: recipient_keys.npk(),
+                    ssk: SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
+                    identifier: 0,
+                },
             ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
             &program.into(),
         );
 
@@ -2336,14 +2177,16 @@ pub mod tests {
         let private_pda_account =
             AccountWithMetadata::new(Account::default(), false, AccountId::new([1; 32]));
 
-        let visibility_mask = [0, 3];
         let result = execute_and_prove(
             vec![public_account_1, private_pda_account],
             Program::serialize_instruction(10_u128).unwrap(),
-            visibility_mask.to_vec(),
-            vec![(npk, shared_secret)],
-            vec![],
-            vec![None],
+            vec![
+                InputAccountIdentity::Public,
+                InputAccountIdentity::PrivatePdaInit {
+                    npk,
+                    ssk: shared_secret,
+                },
+            ],
             &program.into(),
         );
 
@@ -2369,10 +2212,10 @@ pub mod tests {
         let result = execute_and_prove(
             vec![pre_state],
             Program::serialize_instruction(seed).unwrap(),
-            vec![3],
-            vec![(npk, shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivatePdaInit {
+                npk,
+                ssk: shared_secret,
+            }],
             &program.into(),
         );
 
@@ -2407,10 +2250,10 @@ pub mod tests {
         let result = execute_and_prove(
             vec![pre_state],
             Program::serialize_instruction(seed).unwrap(),
-            vec![3],
-            vec![(npk_b, shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivatePdaInit {
+                npk: npk_b,
+                ssk: shared_secret,
+            }],
             &program.into(),
         );
 
@@ -2441,10 +2284,10 @@ pub mod tests {
         let result = execute_and_prove(
             vec![pre_state],
             Program::serialize_instruction((seed, seed, callee_id)).unwrap(),
-            vec![3],
-            vec![(npk, shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivatePdaInit {
+                npk,
+                ssk: shared_secret,
+            }],
             &program_with_deps,
         );
 
@@ -2478,10 +2321,10 @@ pub mod tests {
         let result = execute_and_prove(
             vec![pre_state],
             Program::serialize_instruction((claim_seed, wrong_delegated_seed, callee_id)).unwrap(),
-            vec![3],
-            vec![(npk, shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivatePdaInit {
+                npk,
+                ssk: shared_secret,
+            }],
             &program_with_deps,
         );
 
@@ -2514,10 +2357,16 @@ pub mod tests {
         let result = execute_and_prove(
             vec![pre_a, pre_b],
             Program::serialize_instruction(seed).unwrap(),
-            vec![3, 3],
-            vec![(keys_a.npk(), shared_a), (keys_b.npk(), shared_b)],
-            vec![],
-            vec![None, None],
+            vec![
+                InputAccountIdentity::PrivatePdaInit {
+                    npk: keys_a.npk(),
+                    ssk: shared_a,
+                },
+                InputAccountIdentity::PrivatePdaInit {
+                    npk: keys_b.npk(),
+                    ssk: shared_b,
+                },
+            ],
             &program.into(),
         );
 
@@ -2558,139 +2407,10 @@ pub mod tests {
         let result = execute_and_prove(
             vec![owned_pre_state],
             Program::serialize_instruction(()).unwrap(),
-            vec![3],
-            vec![(npk, shared_secret)],
-            vec![],
-            vec![None],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_should_fail_with_too_many_nonces() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
-            ],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_should_fail_with_too_many_private_account_keys() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        // Setting three private account keys for a circuit execution with only two private
-        // accounts.
-        let private_account_keys = [
-            (
-                sender_keys.npk(),
-                SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-            ),
-            (
-                recipient_keys.npk(),
-                SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-            ),
-            (
-                sender_keys.npk(),
-                SharedSecretKey::new(&[57; 32], &sender_keys.vpk()),
-            ),
-        ];
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            vec![1, 2],
-            private_account_keys.to_vec(),
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
-            &program.into(),
-        );
-
-        assert!(matches!(result, Err(NssaError::CircuitProvingError(_))));
-    }
-
-    #[test]
-    fn circuit_should_fail_with_too_many_private_account_auth_keys() {
-        let program = Program::simple_balance_transfer();
-        let sender_keys = test_private_account_keys_1();
-        let recipient_keys = test_private_account_keys_2();
-        let private_account_1 = AccountWithMetadata::new(
-            Account {
-                program_owner: program.id(),
-                balance: 100,
-                ..Account::default()
-            },
-            true,
-            &sender_keys.npk(),
-        );
-        let private_account_2 =
-            AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk());
-
-        // Setting two private account keys for a circuit execution with only one non default
-        // private account (visibility mask equal to 1 means that auth keys are expected).
-        let visibility_mask = [1, 2];
-        let private_account_nsks = [sender_keys.nsk, recipient_keys.nsk];
-        let private_account_membership_proofs = [Some((0, vec![])), Some((1, vec![]))];
-        let result = execute_and_prove(
-            vec![private_account_1, private_account_2],
-            Program::serialize_instruction(10_u128).unwrap(),
-            visibility_mask.to_vec(),
-            vec![
-                (
-                    sender_keys.npk(),
-                    SharedSecretKey::new(&[55; 32], &sender_keys.vpk()),
-                ),
-                (
-                    recipient_keys.npk(),
-                    SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()),
-                ),
-            ],
-            private_account_nsks.to_vec(),
-            private_account_membership_proofs.to_vec(),
+            vec![InputAccountIdentity::PrivatePdaInit {
+                npk,
+                ssk: shared_secret,
+            }],
             &program.into(),
         );
 
@@ -2764,23 +2484,27 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &sender_keys.npk(),
+            (&sender_keys.npk(), 0),
         );
 
-        let visibility_mask = [1, 1];
-        let private_account_nsks = [sender_keys.nsk, sender_keys.nsk];
-        let private_account_membership_proofs = [Some((1, vec![])), Some((1, vec![]))];
         let shared_secret = SharedSecretKey::new(&[55; 32], &sender_keys.vpk());
         let result = execute_and_prove(
             vec![private_account_1.clone(), private_account_1],
             Program::serialize_instruction(100_u128).unwrap(),
-            visibility_mask.to_vec(),
             vec![
-                (sender_keys.npk(), shared_secret),
-                (sender_keys.npk(), shared_secret),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret,
+                    nsk: sender_keys.nsk,
+                    membership_proof: (1, vec![]),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret,
+                    nsk: sender_keys.nsk,
+                    membership_proof: (1, vec![]),
+                    identifier: 0,
+                },
             ],
-            private_account_nsks.to_vec(),
-            private_account_membership_proofs.to_vec(),
             &program.into(),
         );
 
@@ -3071,10 +2795,7 @@ pub mod tests {
         let result = execute_and_prove(
             vec![public_account],
             Program::serialize_instruction(0_u128).unwrap(),
-            vec![0],
-            vec![],
-            vec![],
-            vec![],
+            vec![InputAccountIdentity::Public],
             &program.into(),
         );
 
@@ -3091,14 +2812,16 @@ pub mod tests {
             balance: 100,
             ..Account::default()
         };
-        let sender_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account);
-        let sender_init_nullifier = Nullifier::for_account_initialization(&sender_keys.npk());
+        let sender_account_id = AccountId::from((&sender_keys.npk(), 0));
+        let sender_commitment = Commitment::new(&sender_account_id, &sender_private_account);
+        let sender_init_nullifier = Nullifier::for_account_initialization(&sender_account_id);
         let mut state = V03State::new_with_genesis_accounts(
             &[],
             vec![(sender_commitment.clone(), sender_init_nullifier)],
             0,
         );
-        let sender_pre = AccountWithMetadata::new(sender_private_account, true, &sender_keys.npk());
+        let sender_pre =
+            AccountWithMetadata::new(sender_private_account, true, (&sender_keys.npk(), 0));
         let recipient_private_key = PrivateKey::try_new([2; 32]).unwrap();
         let recipient_account_id =
             AccountId::from(&PublicKey::new_from_private_key(&recipient_private_key));
@@ -3111,10 +2834,17 @@ pub mod tests {
         let (output, proof) = execute_and_prove(
             vec![sender_pre, recipient_pre],
             Program::serialize_instruction(37_u128).unwrap(),
-            vec![1, 0],
-            vec![(sender_keys.npk(), shared_secret)],
-            vec![sender_keys.nsk],
-            vec![state.get_proof_for_commitment(&sender_commitment)],
+            vec![
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: shared_secret,
+                    nsk: sender_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&sender_commitment)
+                        .expect("sender's commitment must be in state"),
+                    identifier: 0,
+                },
+                InputAccountIdentity::Public,
+            ],
             &program.into(),
         )
         .unwrap();
@@ -3164,7 +2894,7 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &from_keys.npk(),
+            (&from_keys.npk(), 0),
         );
         let to_account = AccountWithMetadata::new(
             Account {
@@ -3172,13 +2902,15 @@ pub mod tests {
                 ..Account::default()
             },
             true,
-            &to_keys.npk(),
+            (&to_keys.npk(), 0),
         );
 
-        let from_commitment = Commitment::new(&from_keys.npk(), &from_account.account);
-        let to_commitment = Commitment::new(&to_keys.npk(), &to_account.account);
-        let from_init_nullifier = Nullifier::for_account_initialization(&from_keys.npk());
-        let to_init_nullifier = Nullifier::for_account_initialization(&to_keys.npk());
+        let from_account_id = AccountId::from((&from_keys.npk(), 0));
+        let to_account_id = AccountId::from((&to_keys.npk(), 0));
+        let from_commitment = Commitment::new(&from_account_id, &from_account.account);
+        let to_commitment = Commitment::new(&to_account_id, &to_account.account);
+        let from_init_nullifier = Nullifier::for_account_initialization(&from_account_id);
+        let to_init_nullifier = Nullifier::for_account_initialization(&to_account_id);
         let mut state = V03State::new_with_genesis_accounts(
             &[],
             vec![
@@ -3217,25 +2949,36 @@ pub mod tests {
             nonce: from_new_nonce,
             ..from_account.account.clone()
         };
-        let from_expected_commitment = Commitment::new(&from_keys.npk(), &from_expected_post);
+        let from_expected_commitment = Commitment::new(&from_account_id, &from_expected_post);
 
         let to_expected_post = Account {
             balance: u128::from(number_of_calls) * amount,
             nonce: to_new_nonce,
             ..to_account.account.clone()
         };
-        let to_expected_commitment = Commitment::new(&to_keys.npk(), &to_expected_post);
+        let to_expected_commitment = Commitment::new(&to_account_id, &to_expected_post);
 
         // Act
         let (output, proof) = execute_and_prove(
             vec![to_account, from_account],
             Program::serialize_instruction(instruction).unwrap(),
-            vec![1, 1],
-            vec![(from_keys.npk(), to_ss), (to_keys.npk(), from_ss)],
-            vec![from_keys.nsk, to_keys.nsk],
             vec![
-                state.get_proof_for_commitment(&from_commitment),
-                state.get_proof_for_commitment(&to_commitment),
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: to_ss,
+                    nsk: from_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&from_commitment)
+                        .expect("from's commitment must be in state"),
+                    identifier: 0,
+                },
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: from_ss,
+                    nsk: to_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&to_commitment)
+                        .expect("to's commitment must be in state"),
+                    identifier: 0,
+                },
             ],
             &program_with_deps,
         )
@@ -3483,7 +3226,7 @@ pub mod tests {
 
         // Create an authorized private account with default values (new account being initialized)
         let authorized_account =
-            AccountWithMetadata::new(Account::default(), true, &private_keys.npk());
+            AccountWithMetadata::new(Account::default(), true, (&private_keys.npk(), 0));
 
         let program = Program::authenticated_transfer_program();
 
@@ -3499,10 +3242,11 @@ pub mod tests {
         let (output, proof) = execute_and_prove(
             vec![authorized_account],
             Program::serialize_instruction(balance).unwrap(),
-            vec![1],
-            vec![(private_keys.npk(), shared_secret)],
-            vec![private_keys.nsk],
-            vec![None],
+            vec![InputAccountIdentity::PrivateAuthorizedInit {
+                ssk: shared_secret,
+                nsk: private_keys.nsk,
+                identifier: 0,
+            }],
             &program.into(),
         )
         .unwrap();
@@ -3522,7 +3266,8 @@ pub mod tests {
         let result = state.transition_from_privacy_preserving_transaction(&tx, 1, 0);
         assert!(result.is_ok());
 
-        let nullifier = Nullifier::for_account_initialization(&private_keys.npk());
+        let account_id = AccountId::from((&private_keys.npk(), 0));
+        let nullifier = Nullifier::for_account_initialization(&account_id);
         assert!(state.private_state.1.contains(&nullifier));
     }
 
@@ -3536,7 +3281,7 @@ pub mod tests {
         // operate them without the corresponding private keys, so unauthorized private claiming
         // remains allowed.
         let unauthorized_account =
-            AccountWithMetadata::new(Account::default(), false, &private_keys.npk());
+            AccountWithMetadata::new(Account::default(), false, (&private_keys.npk(), 0));
 
         let program = Program::claimer();
         let esk = [5; 32];
@@ -3546,10 +3291,11 @@ pub mod tests {
         let (output, proof) = execute_and_prove(
             vec![unauthorized_account],
             Program::serialize_instruction(0_u128).unwrap(),
-            vec![2],
-            vec![(private_keys.npk(), shared_secret)],
-            vec![],
-            vec![None],
+            vec![InputAccountIdentity::PrivateUnauthorized {
+                npk: private_keys.npk(),
+                ssk: shared_secret,
+                identifier: 0,
+            }],
             &program.into(),
         )
         .unwrap();
@@ -3569,7 +3315,8 @@ pub mod tests {
             .transition_from_privacy_preserving_transaction(&tx, 1, 0)
             .unwrap();
 
-        let nullifier = Nullifier::for_account_initialization(&private_keys.npk());
+        let account_id = AccountId::from((&private_keys.npk(), 0));
+        let nullifier = Nullifier::for_account_initialization(&account_id);
         assert!(state.private_state.1.contains(&nullifier));
     }
 
@@ -3582,7 +3329,7 @@ pub mod tests {
 
         // Step 1: Create a new private account with authorization
         let authorized_account =
-            AccountWithMetadata::new(Account::default(), true, &private_keys.npk());
+            AccountWithMetadata::new(Account::default(), true, (&private_keys.npk(), 0));
 
         let claimer_program = Program::claimer();
 
@@ -3597,10 +3344,11 @@ pub mod tests {
         let (output, proof) = execute_and_prove(
             vec![authorized_account.clone()],
             Program::serialize_instruction(balance).unwrap(),
-            vec![1],
-            vec![(private_keys.npk(), shared_secret)],
-            vec![private_keys.nsk],
-            vec![None],
+            vec![InputAccountIdentity::PrivateAuthorizedInit {
+                ssk: shared_secret,
+                nsk: private_keys.nsk,
+                identifier: 0,
+            }],
             &claimer_program.into(),
         )
         .unwrap();
@@ -3624,7 +3372,8 @@ pub mod tests {
         );
 
         // Verify the account is now initialized (nullifier exists)
-        let nullifier = Nullifier::for_account_initialization(&private_keys.npk());
+        let account_id = AccountId::from((&private_keys.npk(), 0));
+        let nullifier = Nullifier::for_account_initialization(&account_id);
         assert!(state.private_state.1.contains(&nullifier));
 
         // Prepare new state of account
@@ -3642,10 +3391,11 @@ pub mod tests {
         let res = execute_and_prove(
             vec![account_metadata],
             Program::serialize_instruction(()).unwrap(),
-            vec![1],
-            vec![(private_keys.npk(), shared_secret2)],
-            vec![private_keys.nsk],
-            vec![None],
+            vec![InputAccountIdentity::PrivateAuthorizedInit {
+                ssk: shared_secret2,
+                nsk: private_keys.nsk,
+                identifier: 0,
+            }],
             &noop_program.into(),
         );
 
@@ -3711,20 +3461,19 @@ pub mod tests {
         let program = Program::changer_claimer();
         let sender_keys = test_private_account_keys_1();
         let private_account =
-            AccountWithMetadata::new(Account::default(), true, &sender_keys.npk());
+            AccountWithMetadata::new(Account::default(), true, (&sender_keys.npk(), 0));
         // Don't change data (None) and don't claim (false)
         let instruction: (Option<Vec<u8>>, bool) = (None, false);
 
         let result = execute_and_prove(
             vec![private_account],
             Program::serialize_instruction(instruction).unwrap(),
-            vec![1],
-            vec![(
-                sender_keys.npk(),
-                SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
-            )],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
+            vec![InputAccountIdentity::PrivateAuthorizedUpdate {
+                ssk: SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
+                nsk: sender_keys.nsk,
+                membership_proof: (0, vec![]),
+                identifier: 0,
+            }],
             &program.into(),
         );
 
@@ -3737,7 +3486,7 @@ pub mod tests {
         let program = Program::changer_claimer();
         let sender_keys = test_private_account_keys_1();
         let private_account =
-            AccountWithMetadata::new(Account::default(), true, &sender_keys.npk());
+            AccountWithMetadata::new(Account::default(), true, (&sender_keys.npk(), 0));
         // Change data but don't claim (false) - should fail
         let new_data = vec![1, 2, 3, 4, 5];
         let instruction: (Option<Vec<u8>>, bool) = (Some(new_data), false);
@@ -3745,13 +3494,12 @@ pub mod tests {
         let result = execute_and_prove(
             vec![private_account],
             Program::serialize_instruction(instruction).unwrap(),
-            vec![1],
-            vec![(
-                sender_keys.npk(),
-                SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
-            )],
-            vec![sender_keys.nsk],
-            vec![Some((0, vec![]))],
+            vec![InputAccountIdentity::PrivateAuthorizedUpdate {
+                ssk: SharedSecretKey::new(&[3; 32], &sender_keys.vpk()),
+                nsk: sender_keys.nsk,
+                membership_proof: (0, vec![]),
+                identifier: 0,
+            }],
             &program.into(),
         );
 
@@ -3777,11 +3525,12 @@ pub mod tests {
             sender_keys.account_id(),
         );
         let recipient_account =
-            AccountWithMetadata::new(Account::default(), true, &recipient_keys.npk());
+            AccountWithMetadata::new(Account::default(), true, (&recipient_keys.npk(), 0));
 
+        let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0));
         let recipient_commitment =
-            Commitment::new(&recipient_keys.npk(), &recipient_account.account);
-        let recipient_init_nullifier = Nullifier::for_account_initialization(&recipient_keys.npk());
+            Commitment::new(&recipient_account_id, &recipient_account.account);
+        let recipient_init_nullifier = Nullifier::for_account_initialization(&recipient_account_id);
         let state = V03State::new_with_genesis_accounts(
             &[(sender_account.account_id, sender_account.account.balance)],
             vec![(recipient_commitment.clone(), recipient_init_nullifier)],
@@ -3803,10 +3552,17 @@ pub mod tests {
         let result = execute_and_prove(
             vec![sender_account, recipient_account],
             Program::serialize_instruction(instruction).unwrap(),
-            vec![0, 1],
-            vec![(recipient_keys.npk(), recipient)],
-            vec![recipient_keys.nsk],
-            vec![state.get_proof_for_commitment(&recipient_commitment)],
+            vec![
+                InputAccountIdentity::Public,
+                InputAccountIdentity::PrivateAuthorizedUpdate {
+                    ssk: recipient,
+                    nsk: recipient_keys.nsk,
+                    membership_proof: state
+                        .get_proof_for_commitment(&recipient_commitment)
+                        .expect("recipient's commitment must be in state"),
+                    identifier: 0,
+                },
+            ],
             &program_with_deps,
         );
 
@@ -3939,7 +3695,7 @@ pub mod tests {
         let block_validity_window: BlockValidityWindow = validity_window.try_into().unwrap();
         let validity_window_program = Program::validity_window();
         let account_keys = test_private_account_keys_1();
-        let pre = AccountWithMetadata::new(Account::default(), false, &account_keys.npk());
+        let pre = AccountWithMetadata::new(Account::default(), false, (&account_keys.npk(), 0));
         let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs();
         let tx = {
             let esk = [3; 32];
@@ -3953,10 +3709,11 @@ pub mod tests {
             let (output, proof) = circuit::execute_and_prove(
                 vec![pre],
                 Program::serialize_instruction(instruction).unwrap(),
-                vec![2],
-                vec![(account_keys.npk(), shared_secret)],
-                vec![],
-                vec![None],
+                vec![InputAccountIdentity::PrivateUnauthorized {
+                    npk: account_keys.npk(),
+                    ssk: shared_secret,
+                    identifier: 0,
+                }],
                 &validity_window_program.into(),
             )
             .unwrap();
@@ -4008,7 +3765,7 @@ pub mod tests {
             validity_window.try_into().unwrap();
         let validity_window_program = Program::validity_window();
         let account_keys = test_private_account_keys_1();
-        let pre = AccountWithMetadata::new(Account::default(), false, &account_keys.npk());
+        let pre = AccountWithMetadata::new(Account::default(), false, (&account_keys.npk(), 0));
         let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0).with_test_programs();
         let tx = {
             let esk = [3; 32];
@@ -4022,10 +3779,11 @@ pub mod tests {
             let (output, proof) = circuit::execute_and_prove(
                 vec![pre],
                 Program::serialize_instruction(instruction).unwrap(),
-                vec![2],
-                vec![(account_keys.npk(), shared_secret)],
-                vec![],
-                vec![None],
+                vec![InputAccountIdentity::PrivateUnauthorized {
+                    npk: account_keys.npk(),
+                    ssk: shared_secret,
+                    identifier: 0,
+                }],
                 &validity_window_program.into(),
             )
             .unwrap();
diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/program_methods/guest/src/bin/privacy_preserving_circuit.rs
index 8018cd80..f658ea53 100644
--- a/program_methods/guest/src/bin/privacy_preserving_circuit.rs
+++ b/program_methods/guest/src/bin/privacy_preserving_circuit.rs
@@ -4,9 +4,9 @@ use std::{
 };
 
 use nssa_core::{
-    Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, MembershipProof,
-    Nullifier, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput,
-    PrivacyPreservingCircuitOutput, SharedSecretKey,
+    Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, Identifier,
+    InputAccountIdentity, MembershipProof, Nullifier, NullifierPublicKey, NullifierSecretKey,
+    PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, SharedSecretKey,
     account::{Account, AccountId, AccountWithMetadata, Nonce},
     compute_digest_for_path,
     program::{
@@ -17,22 +17,24 @@ use nssa_core::{
 };
 use risc0_zkvm::{guest::env, serde::to_vec};
 
+const PRIVATE_PDA_FIXED_IDENTIFIER: Identifier = u128::MAX;
+
 /// State of the involved accounts before and after program execution.
 struct ExecutionState {
     pre_states: Vec<AccountWithMetadata>,
     post_states: HashMap<AccountId, Account>,
     block_validity_window: BlockValidityWindow,
     timestamp_validity_window: TimestampValidityWindow,
-    /// Positions (in `pre_states`) of mask-3 accounts whose supplied npk has been bound to
-    /// their `AccountId` via a proven `AccountId::for_private_pda(program_id, seed, npk)`
+    /// Positions (in `pre_states`) of private-PDA accounts whose supplied npk has been bound
+    /// to their `AccountId` via a proven `AccountId::for_private_pda(program_id, seed, npk)`
     /// check.
     /// Two proof paths populate this set: a `Claim::Pda(seed)` in a program's `post_state` on
     /// that `pre_state`, or a caller's `ChainedCall.pda_seeds` entry matching that `pre_state`
     /// under the private derivation. Binding is an idempotent property, not an event: the same
     /// position can legitimately be bound through both paths in the same tx (e.g. a program
     /// claims a private PDA and then delegates it to a callee), and the set uses `contains`,
-    /// not `assert!(insert)`. After the main loop, every mask-3 position must appear in this
-    /// set; otherwise the npk is unbound and the circuit rejects.
+    /// not `assert!(insert)`. After the main loop, every private-PDA position must appear in
+    /// this set; otherwise the npk is unbound and the circuit rejects.
     private_pda_bound_positions: HashSet<usize>,
     /// Across the whole transaction, each `(program_id, seed)` pair may resolve to at most one
     /// `AccountId`. A seed under a program can derive a family of accounts, one public PDA and
@@ -43,39 +45,29 @@ struct ExecutionState {
     /// `AccountId` entry or as an equality check against the existing one, making the rule: one
     /// `(program, seed)` → one account per tx.
     pda_family_binding: HashMap<(ProgramId, PdaSeed), AccountId>,
-    /// Map from a mask-3 `pre_state`'s position in `visibility_mask` to the npk supplied for
-    /// that position in `private_account_keys`. Built once in `derive_from_outputs` by walking
-    /// `visibility_mask` in lock-step with `private_account_keys`, used later by the claim and
-    /// caller-seeds authorization paths.
+    /// Map from a private-PDA `pre_state`'s position in `account_identities` to the npk that
+    /// variant supplies for that position. Populated once in `derive_from_outputs` by walking
+    /// `account_identities` and consulting `npk_if_private_pda`. Used later by the claim and
+    /// caller-seeds authorization paths to verify
+    /// `AccountId::for_private_pda(program_id, seed, npk) == pre_state.account_id`.
     private_pda_npk_by_position: HashMap<usize, NullifierPublicKey>,
 }
 
 impl ExecutionState {
     /// Validate program outputs and derive the overall execution state.
     pub fn derive_from_outputs(
-        visibility_mask: &[u8],
-        private_account_keys: &[(NullifierPublicKey, SharedSecretKey)],
+        account_identities: &[InputAccountIdentity],
         program_id: ProgramId,
         program_outputs: Vec<ProgramOutput>,
     ) -> Self {
-        // Build position → npk map for mask-3 pre_states. `private_account_keys` is consumed in
-        // pre_state order across all masks 1/2/3, so walk `visibility_mask` in lock-step. The
-        // downstream `compute_circuit_output` also consumes the same iterator and its trailing
-        // assertions catch an over-supply of keys; under-supply surfaces here.
+        // Build position → npk map for private-PDA pre_states, indexed by position in
+        // `account_identities`. The vec is documented as 1:1 with the program's pre_state order,
+        // so position here matches `pre_state_position` used downstream in
+        // `validate_and_sync_states`.
         let mut private_pda_npk_by_position: HashMap<usize, NullifierPublicKey> = HashMap::new();
-        {
-            let mut keys_iter = private_account_keys.iter();
-            for (pos, &mask) in visibility_mask.iter().enumerate() {
-                if matches!(mask, 1..=3) {
-                    let (npk, _) = keys_iter.next().unwrap_or_else(|| {
-                        panic!(
-                            "private_account_keys shorter than visibility_mask demands: no key for masked position {pos} (mask {mask})"
-                        )
-                    });
-                    if mask == 3 {
-                        private_pda_npk_by_position.insert(pos, *npk);
-                    }
-                }
+        for (pos, account_identity) in account_identities.iter().enumerate() {
+            if let Some(npk) = account_identity.npk_if_private_pda() {
+                private_pda_npk_by_position.insert(pos, npk);
             }
         }
 
@@ -192,7 +184,7 @@ impl ExecutionState {
             }
 
             execution_state.validate_and_sync_states(
-                visibility_mask,
+                account_identities,
                 chained_call.program_id,
                 caller_program_id,
                 &chained_call.pda_seeds,
@@ -209,12 +201,12 @@ impl ExecutionState {
             "Inner call without a chained call found",
         );
 
-        // Every mask-3 pre_state must have had its npk bound to its account_id, either via a
-        // `Claim::Pda(seed)` in some program's post_state or via a caller's `pda_seeds` matching
-        // the private derivation. An unbound mask-3 pre_state has no cryptographic link between
-        // the supplied npk and the account_id, and must be rejected.
-        for (pos, &mask) in visibility_mask.iter().enumerate() {
-            if mask == 3 {
+        // Every private-PDA pre_state must have had its npk bound to its account_id, either via
+        // a `Claim::Pda(seed)` in some program's post_state or via a caller's `pda_seeds`
+        // matching the private derivation. An unbound private-PDA pre_state has no
+        // cryptographic link between the supplied npk and the account_id, and must be rejected.
+        for (pos, account_identity) in account_identities.iter().enumerate() {
+            if account_identity.is_private_pda() {
                 assert!(
                     execution_state.private_pda_bound_positions.contains(&pos),
                     "private PDA pre_state at position {pos} has no proven (seed, npk) binding via Claim::Pda or caller pda_seeds"
@@ -249,7 +241,7 @@ impl ExecutionState {
     /// Validate program pre and post states and populate the execution state.
     fn validate_and_sync_states(
         &mut self,
-        visibility_mask: &[u8],
+        account_identities: &[InputAccountIdentity],
         program_id: ProgramId,
         caller_program_id: Option<ProgramId>,
         caller_pda_seeds: &[PdaSeed],
@@ -327,9 +319,9 @@ impl ExecutionState {
                     .position(|acc| acc.account_id == pre_account_id)
                     .expect("Pre state must exist at this point");
 
-                let mask = visibility_mask[pre_state_position];
-                match mask {
-                    0 => match claim {
+                let account_identity = &account_identities[pre_state_position];
+                if account_identity.is_public() {
+                    match claim {
                         Claim::Authorized => {
                             // Note: no need to check authorized pdas because we have already
                             // checked consistency of authorization above.
@@ -351,40 +343,40 @@ impl ExecutionState {
                                 pre_account_id,
                             );
                         }
-                    },
-                    3 => {
-                        match claim {
-                            Claim::Authorized => {
-                                assert!(
-                                    pre_is_authorized,
-                                    "Cannot claim unauthorized private PDA {pre_account_id}"
-                                );
-                            }
-                            Claim::Pda(seed) => {
-                                let npk = self
+                    }
+                } else if account_identity.is_private_pda() {
+                    match claim {
+                        Claim::Authorized => {
+                            assert!(
+                                pre_is_authorized,
+                                "Cannot claim unauthorized private PDA {pre_account_id}"
+                            );
+                        }
+                        Claim::Pda(seed) => {
+                            let npk = self
                                 .private_pda_npk_by_position
                                 .get(&pre_state_position)
-                                .expect("private PDA pre_state must have an npk in the position map");
-                                let pda = AccountId::for_private_pda(&program_id, &seed, npk);
-                                assert_eq!(
-                                    pre_account_id, pda,
-                                    "Invalid private PDA claim for account {pre_account_id}"
+                                .expect(
+                                    "private PDA pre_state must have an npk in the position map",
                                 );
-                                self.private_pda_bound_positions.insert(pre_state_position);
-                                assert_family_binding(
-                                    &mut self.pda_family_binding,
-                                    program_id,
-                                    seed,
-                                    pre_account_id,
-                                );
-                            }
+                            let pda = AccountId::for_private_pda(&program_id, &seed, npk);
+                            assert_eq!(
+                                pre_account_id, pda,
+                                "Invalid private PDA claim for account {pre_account_id}"
+                            );
+                            self.private_pda_bound_positions.insert(pre_state_position);
+                            assert_family_binding(
+                                &mut self.pda_family_binding,
+                                program_id,
+                                seed,
+                                pre_account_id,
+                            );
                         }
                     }
-                    _ => {
-                        // Mask 1/2: standard private accounts don't enforce the claim semantics.
-                        // Unauthorized private claiming is intentionally allowed since operating
-                        // these accounts requires the npk/nsk keypair anyway.
-                    }
+                } else {
+                    // Standalone private accounts: don't enforce the claim semantics.
+                    // Unauthorized private claiming is intentionally allowed since operating
+                    // these accounts requires the npk/nsk keypair anyway.
                 }
 
                 post.account_mut().program_owner = program_id;
@@ -486,10 +478,7 @@ fn resolve_authorization_and_record_bindings(
 
 fn compute_circuit_output(
     execution_state: ExecutionState,
-    visibility_mask: &[u8],
-    private_account_keys: &[(NullifierPublicKey, SharedSecretKey)],
-    private_account_nsks: &[NullifierSecretKey],
-    private_account_membership_proofs: &[Option<MembershipProof>],
+    account_identities: &[InputAccountIdentity],
 ) -> PrivacyPreservingCircuitOutput {
     let mut output = PrivacyPreservingCircuitOutput {
         public_pre_states: Vec::new(),
@@ -503,280 +492,268 @@ fn compute_circuit_output(
 
     let states_iter = execution_state.into_states_iter();
     assert_eq!(
-        visibility_mask.len(),
+        account_identities.len(),
         states_iter.len(),
-        "Invalid visibility mask length"
+        "Invalid account_identities length"
     );
 
-    let mut private_keys_iter = private_account_keys.iter();
-    let mut private_nsks_iter = private_account_nsks.iter();
-    let mut private_membership_proofs_iter = private_account_membership_proofs.iter();
-
     let mut output_index = 0;
-    for (account_visibility_mask, (pre_state, post_state)) in
-        visibility_mask.iter().copied().zip(states_iter)
-    {
-        match account_visibility_mask {
-            0 => {
-                // Public account
+    for (account_identity, (pre_state, post_state)) in account_identities.iter().zip(states_iter) {
+        match account_identity {
+            InputAccountIdentity::Public => {
                 output.public_pre_states.push(pre_state);
                 output.public_post_states.push(post_state);
             }
-            1 | 2 => {
-                let Some((npk, shared_secret)) = private_keys_iter.next() else {
-                    panic!("Missing private account key");
-                };
+            InputAccountIdentity::PrivateAuthorizedInit {
+                ssk,
+                nsk,
+                identifier,
+            } => {
+                assert_ne!(
+                    *identifier, PRIVATE_PDA_FIXED_IDENTIFIER,
+                    "Identifier must be different from {PRIVATE_PDA_FIXED_IDENTIFIER}. This is reserved for private PDA."
+                );
+                let npk = NullifierPublicKey::from(nsk);
+                let account_id = AccountId::from((&npk, *identifier));
 
+                assert_eq!(account_id, pre_state.account_id, "AccountId mismatch");
+                assert!(
+                    pre_state.is_authorized,
+                    "Pre-state not authorized for authenticated private account"
+                );
                 assert_eq!(
-                    AccountId::from(npk),
-                    pre_state.account_id,
-                    "AccountId mismatch"
+                    pre_state.account,
+                    Account::default(),
+                    "Found new private account with non default values"
                 );
 
-                let (new_nullifier, new_nonce) = if account_visibility_mask == 1 {
-                    // Private account with authentication
-
-                    let Some(nsk) = private_nsks_iter.next() else {
-                        panic!("Missing private account nullifier secret key");
-                    };
-
-                    // Verify the nullifier public key
-                    assert_eq!(
-                        npk,
-                        &NullifierPublicKey::from(nsk),
-                        "Nullifier public key mismatch"
-                    );
-
-                    // Check pre_state authorization
-                    assert!(
-                        pre_state.is_authorized,
-                        "Pre-state not authorized for authenticated private account"
-                    );
-
-                    let Some(membership_proof_opt) = private_membership_proofs_iter.next() else {
-                        panic!("Missing membership proof");
-                    };
-
-                    let new_nullifier = compute_nullifier_and_set_digest(
-                        membership_proof_opt.as_ref(),
-                        &pre_state.account,
-                        npk,
-                        nsk,
-                    );
-
-                    let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
-
-                    (new_nullifier, new_nonce)
-                } else {
-                    // Private account without authentication
-
-                    assert_eq!(
-                        pre_state.account,
-                        Account::default(),
-                        "Found new private account with non default values",
-                    );
-
-                    assert!(
-                        !pre_state.is_authorized,
-                        "Found new private account marked as authorized."
-                    );
-
-                    let Some(membership_proof_opt) = private_membership_proofs_iter.next() else {
-                        panic!("Missing membership proof");
-                    };
-
-                    assert!(
-                        membership_proof_opt.is_none(),
-                        "Membership proof must be None for unauthorized accounts"
-                    );
-
-                    let nullifier = Nullifier::for_account_initialization(npk);
-
-                    let new_nonce = Nonce::private_account_nonce_init(npk);
-
-                    ((nullifier, DUMMY_COMMITMENT_HASH), new_nonce)
-                };
-                output.new_nullifiers.push(new_nullifier);
-
-                // Update post-state with new nonce
-                let mut post_with_updated_nonce = post_state;
-                post_with_updated_nonce.nonce = new_nonce;
-
-                // Compute commitment
-                let commitment_post = Commitment::new(npk, &post_with_updated_nonce);
-
-                // Encrypt and push post state
-                let encrypted_account = EncryptionScheme::encrypt(
-                    &post_with_updated_nonce,
-                    shared_secret,
-                    &commitment_post,
-                    output_index,
+                let new_nullifier = (
+                    Nullifier::for_account_initialization(&account_id),
+                    DUMMY_COMMITMENT_HASH,
                 );
+                let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
 
-                output.new_commitments.push(commitment_post);
-                output.ciphertexts.push(encrypted_account);
-                output_index = output_index
-                    .checked_add(1)
-                    .unwrap_or_else(|| panic!("Too many private accounts, output index overflow"));
+                emit_private_output(
+                    &mut output,
+                    &mut output_index,
+                    post_state,
+                    &account_id,
+                    *identifier,
+                    ssk,
+                    new_nullifier,
+                    new_nonce,
+                );
             }
-            3 => {
-                // Private PDA account. The supplied npk has already been bound to
-                // `pre_state.account_id` upstream in `validate_and_sync_states`, either via a
-                // `Claim::Pda(seed)` match or via a caller `pda_seeds` match, both of which
-                // assert `AccountId::for_private_pda(owner, seed, npk) == account_id`. The
-                // post-loop assertion in `derive_from_outputs` (see the
-                // `private_pda_bound_positions` check) guarantees that every mask-3
-                // position has been through at least one such binding, so this
-                // branch can safely use the wallet npk without re-verifying.
-                let Some((npk, shared_secret)) = private_keys_iter.next() else {
-                    panic!("Missing private account key");
-                };
+            InputAccountIdentity::PrivateAuthorizedUpdate {
+                ssk,
+                nsk,
+                membership_proof,
+                identifier,
+            } => {
+                assert_ne!(
+                    *identifier, PRIVATE_PDA_FIXED_IDENTIFIER,
+                    "Identifier must be different from {PRIVATE_PDA_FIXED_IDENTIFIER}. This is reserved for private PDA."
+                );
+                let npk = NullifierPublicKey::from(nsk);
+                let account_id = AccountId::from((&npk, *identifier));
 
-                let (new_nullifier, new_nonce) = if pre_state.is_authorized {
-                    // Existing private PDA with authentication (like mask 1)
-                    let Some(nsk) = private_nsks_iter.next() else {
-                        panic!("Missing private account nullifier secret key");
-                    };
-                    assert_eq!(
-                        npk,
-                        &NullifierPublicKey::from(nsk),
-                        "Nullifier public key mismatch"
-                    );
-
-                    let Some(membership_proof_opt) = private_membership_proofs_iter.next() else {
-                        panic!("Missing membership proof");
-                    };
-
-                    let new_nullifier = compute_nullifier_and_set_digest(
-                        membership_proof_opt.as_ref(),
-                        &pre_state.account,
-                        npk,
-                        nsk,
-                    );
-                    let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
-                    (new_nullifier, new_nonce)
-                } else {
-                    // New private PDA (like mask 2). The default + unauthorized requirement
-                    // here rules out use cases like a fully-private multisig, which would need
-                    // a non-default, non-authorized private PDA input account.
-                    // TODO(private-pdas-pr-2/3): relax this once the wallet can supply a
-                    // `(seed, owner)` side input so the npk-to-account_id binding can be
-                    // re-verified for an existing private PDA without a `Claim::Pda` or caller
-                    // `pda_seeds` match.
-                    assert_eq!(
-                        pre_state.account,
-                        Account::default(),
-                        "New private PDA must be default"
-                    );
-
-                    let Some(membership_proof_opt) = private_membership_proofs_iter.next() else {
-                        panic!("Missing membership proof");
-                    };
-                    assert!(
-                        membership_proof_opt.is_none(),
-                        "Membership proof must be None for new accounts"
-                    );
-
-                    let nullifier = Nullifier::for_account_initialization(npk);
-                    let new_nonce = Nonce::private_account_nonce_init(npk);
-                    ((nullifier, DUMMY_COMMITMENT_HASH), new_nonce)
-                };
-                output.new_nullifiers.push(new_nullifier);
-
-                let mut post_with_updated_nonce = post_state;
-                post_with_updated_nonce.nonce = new_nonce;
-
-                let commitment_post = Commitment::new(npk, &post_with_updated_nonce);
-
-                let encrypted_account = EncryptionScheme::encrypt(
-                    &post_with_updated_nonce,
-                    shared_secret,
-                    &commitment_post,
-                    output_index,
+                assert_eq!(account_id, pre_state.account_id, "AccountId mismatch");
+                assert!(
+                    pre_state.is_authorized,
+                    "Pre-state not authorized for authenticated private account"
                 );
 
-                output.new_commitments.push(commitment_post);
-                output.ciphertexts.push(encrypted_account);
-                output_index = output_index
-                    .checked_add(1)
-                    .unwrap_or_else(|| panic!("Too many private accounts, output index overflow"));
+                let new_nullifier = compute_update_nullifier_and_set_digest(
+                    membership_proof,
+                    &pre_state.account,
+                    &account_id,
+                    nsk,
+                );
+                let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
+
+                emit_private_output(
+                    &mut output,
+                    &mut output_index,
+                    post_state,
+                    &account_id,
+                    *identifier,
+                    ssk,
+                    new_nullifier,
+                    new_nonce,
+                );
+            }
+            InputAccountIdentity::PrivateUnauthorized {
+                npk,
+                ssk,
+                identifier,
+            } => {
+                assert_ne!(
+                    *identifier, PRIVATE_PDA_FIXED_IDENTIFIER,
+                    "Identifier must be different from {PRIVATE_PDA_FIXED_IDENTIFIER}. This is reserved for private PDA."
+                );
+                let account_id = AccountId::from((npk, *identifier));
+
+                assert_eq!(account_id, pre_state.account_id, "AccountId mismatch");
+                assert_eq!(
+                    pre_state.account,
+                    Account::default(),
+                    "Found new private account with non default values",
+                );
+                assert!(
+                    !pre_state.is_authorized,
+                    "Found new private account marked as authorized."
+                );
+
+                let new_nullifier = (
+                    Nullifier::for_account_initialization(&account_id),
+                    DUMMY_COMMITMENT_HASH,
+                );
+                let new_nonce = Nonce::private_account_nonce_init(&account_id);
+
+                emit_private_output(
+                    &mut output,
+                    &mut output_index,
+                    post_state,
+                    &account_id,
+                    *identifier,
+                    ssk,
+                    new_nullifier,
+                    new_nonce,
+                );
+            }
+            InputAccountIdentity::PrivatePdaInit { npk: _, ssk } => {
+                // The npk-to-account_id binding is established upstream in
+                // `validate_and_sync_states` via `Claim::Pda(seed)` or a caller `pda_seeds`
+                // match. Here we only enforce the init pre-conditions. The supplied npk on
+                // the variant has been recorded into `private_pda_npk_by_position` and used
+                // for the binding check; we use `pre_state.account_id` directly for nullifier
+                // and commitment derivation.
+                assert!(
+                    !pre_state.is_authorized,
+                    "PrivatePdaInit requires unauthorized pre_state"
+                );
+                assert_eq!(
+                    pre_state.account,
+                    Account::default(),
+                    "New private PDA must be default"
+                );
+
+                let new_nullifier = (
+                    Nullifier::for_account_initialization(&pre_state.account_id),
+                    DUMMY_COMMITMENT_HASH,
+                );
+                let new_nonce = Nonce::private_account_nonce_init(&pre_state.account_id);
+
+                let account_id = pre_state.account_id;
+                emit_private_output(
+                    &mut output,
+                    &mut output_index,
+                    post_state,
+                    &account_id,
+                    PRIVATE_PDA_FIXED_IDENTIFIER,
+                    ssk,
+                    new_nullifier,
+                    new_nonce,
+                );
+            }
+            InputAccountIdentity::PrivatePdaUpdate {
+                ssk,
+                nsk,
+                membership_proof,
+            } => {
+                // The npk binding is established upstream. Authorization must already be set;
+                // an unauthorized PrivatePdaUpdate would mean the prover supplied an nsk for an
+                // unbound PDA, which the upstream binding check would have rejected anyway,
+                // but we assert here to fail fast and document the precondition.
+                assert!(
+                    pre_state.is_authorized,
+                    "PrivatePdaUpdate requires authorized pre_state"
+                );
+
+                let new_nullifier = compute_update_nullifier_and_set_digest(
+                    membership_proof,
+                    &pre_state.account,
+                    &pre_state.account_id,
+                    nsk,
+                );
+                let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
+
+                let account_id = pre_state.account_id;
+                emit_private_output(
+                    &mut output,
+                    &mut output_index,
+                    post_state,
+                    &account_id,
+                    PRIVATE_PDA_FIXED_IDENTIFIER,
+                    ssk,
+                    new_nullifier,
+                    new_nonce,
+                );
             }
-            _ => panic!("Invalid visibility mask value"),
         }
     }
 
-    assert!(
-        private_keys_iter.next().is_none(),
-        "Too many private account keys"
-    );
-
-    assert!(
-        private_nsks_iter.next().is_none(),
-        "Too many private account nullifier secret keys"
-    );
-
-    assert!(
-        private_membership_proofs_iter.next().is_none(),
-        "Too many private account membership proofs"
-    );
-
     output
 }
 
-fn compute_nullifier_and_set_digest(
-    membership_proof_opt: Option<&MembershipProof>,
+#[expect(
+    clippy::too_many_arguments,
+    reason = "All seven inputs are distinct concerns from the variant arms; bundling would be artificial"
+)]
+fn emit_private_output(
+    output: &mut PrivacyPreservingCircuitOutput,
+    output_index: &mut u32,
+    post_state: Account,
+    account_id: &AccountId,
+    identifier: Identifier,
+    shared_secret: &SharedSecretKey,
+    new_nullifier: (Nullifier, CommitmentSetDigest),
+    new_nonce: Nonce,
+) {
+    output.new_nullifiers.push(new_nullifier);
+
+    let mut post_with_updated_nonce = post_state;
+    post_with_updated_nonce.nonce = new_nonce;
+
+    let commitment_post = Commitment::new(account_id, &post_with_updated_nonce);
+    let encrypted_account = EncryptionScheme::encrypt(
+        &post_with_updated_nonce,
+        identifier,
+        shared_secret,
+        &commitment_post,
+        *output_index,
+    );
+
+    output.new_commitments.push(commitment_post);
+    output.ciphertexts.push(encrypted_account);
+    *output_index = output_index
+        .checked_add(1)
+        .unwrap_or_else(|| panic!("Too many private accounts, output index overflow"));
+}
+
+fn compute_update_nullifier_and_set_digest(
+    membership_proof: &MembershipProof,
     pre_account: &Account,
-    npk: &NullifierPublicKey,
+    account_id: &AccountId,
     nsk: &NullifierSecretKey,
 ) -> (Nullifier, CommitmentSetDigest) {
-    membership_proof_opt.as_ref().map_or_else(
-        || {
-            assert_eq!(
-                *pre_account,
-                Account::default(),
-                "Found new private account with non default values"
-            );
-
-            // Compute initialization nullifier
-            let nullifier = Nullifier::for_account_initialization(npk);
-            (nullifier, DUMMY_COMMITMENT_HASH)
-        },
-        |membership_proof| {
-            // Compute commitment set digest associated with provided auth path
-            let commitment_pre = Commitment::new(npk, pre_account);
-            let set_digest = compute_digest_for_path(&commitment_pre, membership_proof);
-
-            // Compute update nullifier
-            let nullifier = Nullifier::for_account_update(&commitment_pre, nsk);
-            (nullifier, set_digest)
-        },
-    )
+    let commitment_pre = Commitment::new(account_id, pre_account);
+    let set_digest = compute_digest_for_path(&commitment_pre, membership_proof);
+    let nullifier = Nullifier::for_account_update(&commitment_pre, nsk);
+    (nullifier, set_digest)
 }
 
 fn main() {
     let PrivacyPreservingCircuitInput {
         program_outputs,
-        visibility_mask,
-        private_account_keys,
-        private_account_nsks,
-        private_account_membership_proofs,
+        account_identities,
         program_id,
     } = env::read();
 
-    let execution_state = ExecutionState::derive_from_outputs(
-        &visibility_mask,
-        &private_account_keys,
-        program_id,
-        program_outputs,
-    );
+    let execution_state =
+        ExecutionState::derive_from_outputs(&account_identities, program_id, program_outputs);
 
-    let output = compute_circuit_output(
-        execution_state,
-        &visibility_mask,
-        &private_account_keys,
-        &private_account_nsks,
-        &private_account_membership_proofs,
-    );
+    let output = compute_circuit_output(execution_state, &account_identities);
 
     env::commit(&output);
 }
diff --git a/sequencer/core/Cargo.toml b/sequencer/core/Cargo.toml
index efd0e359..827c8b2e 100644
--- a/sequencer/core/Cargo.toml
+++ b/sequencer/core/Cargo.toml
@@ -13,7 +13,7 @@ nssa_core.workspace = true
 common.workspace = true
 storage.workspace = true
 mempool.workspace = true
-bedrock_client.workspace = true
+logos-blockchain-zone-sdk.workspace = true
 testnet_initial_state.workspace = true
 
 anyhow.workspace = true
@@ -30,7 +30,6 @@ rand.workspace = true
 borsh.workspace = true
 bytesize.workspace = true
 url.workspace = true
-jsonrpsee = { workspace = true, features = ["ws-client"] }
 
 [features]
 default = []
diff --git a/sequencer/core/src/block_publisher.rs b/sequencer/core/src/block_publisher.rs
new file mode 100644
index 00000000..9f4c8235
--- /dev/null
+++ b/sequencer/core/src/block_publisher.rs
@@ -0,0 +1,136 @@
+use std::{sync::Arc, time::Duration};
+
+use anyhow::{Context as _, Result, anyhow};
+use common::block::Block;
+use log::warn;
+pub use logos_blockchain_core::mantle::ops::channel::MsgId;
+pub use logos_blockchain_key_management_system_service::keys::Ed25519Key;
+pub use logos_blockchain_zone_sdk::sequencer::SequencerCheckpoint;
+use logos_blockchain_zone_sdk::{
+    CommonHttpClient,
+    adapter::NodeHttpClient,
+    sequencer::{Event, SequencerConfig as ZoneSdkSequencerConfig, SequencerHandle, ZoneSequencer},
+    state::InscriptionInfo,
+};
+use tokio::task::JoinHandle;
+
+use crate::config::BedrockConfig;
+
+/// Sink for `Event::Published` checkpoints emitted by the drive task.
+/// Caller is responsible for persistence (e.g. writing to rocksdb).
+pub type CheckpointSink = Box<dyn Fn(SequencerCheckpoint) + Send + Sync + 'static>;
+
+/// Sink for finalized L2 block ids derived from `Event::TxsFinalized` and
+/// `Event::FinalizedInscriptions`. Caller is responsible for cleanup
+/// (e.g. marking pending blocks as finalized in storage).
+pub type FinalizedBlockSink = Box<dyn Fn(u64) + Send + Sync + 'static>;
+
+#[expect(async_fn_in_trait, reason = "We don't care about Send/Sync here")]
+pub trait BlockPublisherTrait: Clone {
+    async fn new(
+        config: &BedrockConfig,
+        bedrock_signing_key: Ed25519Key,
+        resubmit_interval: Duration,
+        initial_checkpoint: Option<SequencerCheckpoint>,
+        on_checkpoint: CheckpointSink,
+        on_finalized_block: FinalizedBlockSink,
+    ) -> Result<Self>;
+
+    /// Fire-and-forget publish. Zone-sdk drives the actual submission and
+    /// retries internally; this just hands the payload off.
+    async fn publish_block(&self, block: &Block) -> Result<()>;
+}
+
+/// Real block publisher backed by zone-sdk's `ZoneSequencer`.
+#[derive(Clone)]
+pub struct ZoneSdkPublisher {
+    handle: SequencerHandle<NodeHttpClient>,
+    // Aborts the drive task when the last clone is dropped.
+    _drive_task: Arc<DriveTaskGuard>,
+}
+
+struct DriveTaskGuard(JoinHandle<()>);
+
+impl Drop for DriveTaskGuard {
+    fn drop(&mut self) {
+        self.0.abort();
+    }
+}
+
+impl BlockPublisherTrait for ZoneSdkPublisher {
+    async fn new(
+        config: &BedrockConfig,
+        bedrock_signing_key: Ed25519Key,
+        resubmit_interval: Duration,
+        initial_checkpoint: Option<SequencerCheckpoint>,
+        on_checkpoint: CheckpointSink,
+        on_finalized_block: FinalizedBlockSink,
+    ) -> Result<Self> {
+        let basic_auth = config.auth.clone().map(Into::into);
+        let node = NodeHttpClient::new(CommonHttpClient::new(basic_auth), config.node_url.clone());
+
+        let zone_sdk_config = ZoneSdkSequencerConfig {
+            resubmit_interval,
+            ..ZoneSdkSequencerConfig::default()
+        };
+
+        let (mut sequencer, mut handle) = ZoneSequencer::init_with_config(
+            config.channel_id,
+            bedrock_signing_key,
+            node,
+            zone_sdk_config,
+            initial_checkpoint,
+        );
+
+        let drive_task = tokio::spawn(async move {
+            loop {
+                let Some(event) = sequencer.next_event().await else {
+                    continue;
+                };
+                match event {
+                    Event::Published { checkpoint, .. } => on_checkpoint(checkpoint),
+                    Event::TxsFinalized { inscriptions, .. }
+                    | Event::FinalizedInscriptions { inscriptions } => {
+                        if let Some(max_block_id) = max_block_id_from_inscriptions(&inscriptions) {
+                            on_finalized_block(max_block_id);
+                        }
+                    }
+                    Event::ChannelUpdate { .. } | Event::Ready => {}
+                }
+            }
+        });
+
+        handle.wait_ready().await;
+
+        Ok(Self {
+            handle,
+            _drive_task: Arc::new(DriveTaskGuard(drive_task)),
+        })
+    }
+
+    async fn publish_block(&self, block: &Block) -> Result<()> {
+        let data = borsh::to_vec(block).context("Failed to serialize block")?;
+        self.handle
+            .publish_message(data)
+            .await
+            .map_err(|e| anyhow!("zone-sdk publish failed: {e}"))?;
+        Ok(())
+    }
+}
+
+/// Deserialize each inscription payload as a `Block` and return the highest
+/// `block_id`. Bad payloads are logged and skipped.
+fn max_block_id_from_inscriptions(inscriptions: &[InscriptionInfo]) -> Option<u64> {
+    inscriptions
+        .iter()
+        .filter_map(
+            |inscription| match borsh::from_slice::<Block>(&inscription.payload) {
+                Ok(block) => Some(block.header.block_id),
+                Err(err) => {
+                    warn!("Failed to deserialize finalized inscription as Block: {err:#}");
+                    None
+                }
+            },
+        )
+        .max()
+}
diff --git a/sequencer/core/src/block_settlement_client.rs b/sequencer/core/src/block_settlement_client.rs
deleted file mode 100644
index 6b32f8de..00000000
--- a/sequencer/core/src/block_settlement_client.rs
+++ /dev/null
@@ -1,116 +0,0 @@
-use anyhow::{Context as _, Result};
-use bedrock_client::BedrockClient;
-pub use common::block::Block;
-pub use logos_blockchain_core::mantle::{MantleTx, SignedMantleTx, ops::channel::MsgId};
-use logos_blockchain_core::mantle::{
-    Op, OpProof, Transaction as _,
-    ops::channel::{ChannelId, inscribe::InscriptionOp},
-};
-pub use logos_blockchain_key_management_system_service::keys::Ed25519Key;
-use logos_blockchain_key_management_system_service::keys::Ed25519PublicKey;
-
-use crate::config::BedrockConfig;
-
-#[expect(async_fn_in_trait, reason = "We don't care about Send/Sync here")]
-pub trait BlockSettlementClientTrait: Clone {
-    //// Create a new client.
-    fn new(config: &BedrockConfig, signing_key: Ed25519Key) -> Result<Self>;
-
-    /// Get the bedrock channel ID used by this client.
-    fn bedrock_channel_id(&self) -> ChannelId;
-
-    /// Get the bedrock signing key used by this client.
-    fn bedrock_signing_key(&self) -> &Ed25519Key;
-
-    /// Post a transaction to the node.
-    async fn submit_inscribe_tx_to_bedrock(&self, tx: SignedMantleTx) -> Result<()>;
-
-    /// Create and sign a transaction for inscribing data.
-    fn create_inscribe_tx(&self, block: &Block) -> Result<(SignedMantleTx, MsgId)> {
-        let inscription_data = borsh::to_vec(block)?;
-        log::debug!(
-            "The size of the block {} is {} bytes",
-            block.header.block_id,
-            inscription_data.len()
-        );
-        let verifying_key_bytes = self.bedrock_signing_key().public_key().to_bytes();
-        let verifying_key =
-            Ed25519PublicKey::from_bytes(&verifying_key_bytes).expect("valid ed25519 public key");
-
-        let inscribe_op = InscriptionOp {
-            channel_id: self.bedrock_channel_id(),
-            inscription: inscription_data,
-            parent: block.bedrock_parent_id.into(),
-            signer: verifying_key,
-        };
-        let inscribe_op_id = inscribe_op.id();
-
-        let inscribe_tx = MantleTx {
-            ops: vec![Op::ChannelInscribe(inscribe_op)],
-            // Altruistic test config
-            storage_gas_price: 0.into(),
-            execution_gas_price: 0.into(),
-        };
-
-        let tx_hash = inscribe_tx.hash();
-        let signature_bytes = self
-            .bedrock_signing_key()
-            .sign_payload(tx_hash.as_signing_bytes().as_ref())
-            .to_bytes();
-        let signature =
-            logos_blockchain_key_management_system_service::keys::Ed25519Signature::from_bytes(
-                &signature_bytes,
-            );
-
-        let signed_mantle_tx = SignedMantleTx {
-            ops_proofs: vec![OpProof::Ed25519Sig(signature)],
-            mantle_tx: inscribe_tx,
-        };
-        Ok((signed_mantle_tx, inscribe_op_id))
-    }
-}
-
-/// A component that posts block data to logos blockchain.
-#[derive(Clone)]
-pub struct BlockSettlementClient {
-    client: BedrockClient,
-    signing_key: Ed25519Key,
-    channel_id: ChannelId,
-}
-
-impl BlockSettlementClientTrait for BlockSettlementClient {
-    fn new(config: &BedrockConfig, signing_key: Ed25519Key) -> Result<Self> {
-        let client =
-            BedrockClient::new(config.backoff, config.node_url.clone(), config.auth.clone())
-                .context("Failed to initialize bedrock client")?;
-        Ok(Self {
-            client,
-            signing_key,
-            channel_id: config.channel_id,
-        })
-    }
-
-    async fn submit_inscribe_tx_to_bedrock(&self, tx: SignedMantleTx) -> Result<()> {
-        let (parent_id, msg_id) = match tx.mantle_tx.ops.first() {
-            Some(Op::ChannelInscribe(inscribe)) => (inscribe.parent, inscribe.id()),
-            _ => panic!("Expected ChannelInscribe op"),
-        };
-        self.client
-            .post_transaction(tx)
-            .await
-            .context("Failed to post transaction to Bedrock after retries")?
-            .context("Failed to post transaction to Bedrock with non-retryable error")?;
-
-        log::debug!("Posted block to Bedrock with parent id {parent_id:?} and msg id: {msg_id:?}");
-
-        Ok(())
-    }
-
-    fn bedrock_channel_id(&self) -> ChannelId {
-        self.channel_id
-    }
-
-    fn bedrock_signing_key(&self) -> &Ed25519Key {
-        &self.signing_key
-    }
-}
diff --git a/sequencer/core/src/block_store.rs b/sequencer/core/src/block_store.rs
index 7e47005d..e85b5d33 100644
--- a/sequencer/core/src/block_store.rs
+++ b/sequencer/core/src/block_store.rs
@@ -1,16 +1,17 @@
-use std::{collections::HashMap, path::Path};
+use std::{collections::HashMap, path::Path, sync::Arc};
 
-use anyhow::Result;
+use anyhow::{Context as _, Result};
 use common::{
     HashType,
     block::{Block, BlockMeta, MantleMsgId},
     transaction::NSSATransaction,
 };
+use logos_blockchain_zone_sdk::sequencer::SequencerCheckpoint;
 use nssa::V03State;
 use storage::{error::DbError, sequencer::RocksDBIO};
 
 pub struct SequencerStore {
-    dbio: RocksDBIO,
+    dbio: Arc<RocksDBIO>,
     // TODO: Consider adding the hashmap to the database for faster recovery.
     tx_hash_to_block_map: HashMap<HashType, u64>,
     genesis_id: u64,
@@ -30,7 +31,11 @@ impl SequencerStore {
     ) -> Result<Self> {
         let tx_hash_to_block_map = block_to_transactions_map(genesis_block);
 
-        let dbio = RocksDBIO::open_or_create(location, genesis_block, genesis_msg_id)?;
+        let dbio = Arc::new(RocksDBIO::open_or_create(
+            location,
+            genesis_block,
+            genesis_msg_id,
+        )?);
 
         let genesis_id = dbio.get_meta_first_block_in_db()?;
 
@@ -42,6 +47,14 @@ impl SequencerStore {
         })
     }
 
+    /// Shared handle to the underlying rocksdb. Used to persist the zone-sdk
+    /// checkpoint from the sequencer's drive task without needing &mut to the
+    /// store.
+    #[must_use]
+    pub fn dbio(&self) -> Arc<RocksDBIO> {
+        Arc::clone(&self.dbio)
+    }
+
     pub fn get_block_at_id(&self, id: u64) -> Result<Option<Block>, DbError> {
         self.dbio.get_block(id)
     }
@@ -55,6 +68,7 @@ impl SequencerStore {
     }
 
     /// Returns the transaction corresponding to the given hash, if it exists in the blockchain.
+    #[must_use]
     pub fn get_transaction_by_hash(&self, hash: HashType) -> Option<NSSATransaction> {
         let block_id = *self.tx_hash_to_block_map.get(&hash)?;
         let block = self
@@ -76,10 +90,12 @@ impl SequencerStore {
         Ok(self.dbio.latest_block_meta()?)
     }
 
+    #[must_use]
     pub const fn genesis_id(&self) -> u64 {
         self.genesis_id
     }
 
+    #[must_use]
     pub const fn signing_key(&self) -> &nssa::PrivateKey {
         &self.signing_key
     }
@@ -100,9 +116,26 @@ impl SequencerStore {
         Ok(())
     }
 
+    #[must_use]
     pub fn get_nssa_state(&self) -> Option<V03State> {
         self.dbio.get_nssa_state().ok()
     }
+
+    pub fn get_zone_checkpoint(&self) -> Result<Option<SequencerCheckpoint>> {
+        let Some(bytes) = self.dbio.get_zone_sdk_checkpoint_bytes()? else {
+            return Ok(None);
+        };
+        let checkpoint: SequencerCheckpoint = serde_json::from_slice(&bytes)
+            .context("Failed to deserialize stored zone-sdk checkpoint")?;
+        Ok(Some(checkpoint))
+    }
+
+    pub fn set_zone_checkpoint(&self, checkpoint: &SequencerCheckpoint) -> Result<()> {
+        let bytes =
+            serde_json::to_vec(checkpoint).context("Failed to serialize zone-sdk checkpoint")?;
+        self.dbio.put_zone_sdk_checkpoint_bytes(&bytes)?;
+        Ok(())
+    }
 }
 
 pub(crate) fn block_to_transactions_map(block: &Block) -> HashMap<HashType, u64> {
diff --git a/sequencer/core/src/config.rs b/sequencer/core/src/config.rs
index fa4a2fa7..b33dd694 100644
--- a/sequencer/core/src/config.rs
+++ b/sequencer/core/src/config.rs
@@ -6,7 +6,6 @@ use std::{
 };
 
 use anyhow::Result;
-use bedrock_client::BackoffConfig;
 use bytesize::ByteSize;
 use common::config::BasicAuth;
 use humantime_serde;
@@ -42,8 +41,6 @@ pub struct SequencerConfig {
     pub signing_key: [u8; 32],
     /// Bedrock configuration options.
     pub bedrock_config: BedrockConfig,
-    /// Indexer RPC URL.
-    pub indexer_rpc_url: Url,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub initial_public_accounts: Option<Vec<PublicAccountPublicInitialData>>,
     #[serde(skip_serializing_if = "Option::is_none")]
@@ -52,9 +49,6 @@ pub struct SequencerConfig {
 
 #[derive(Clone, Serialize, Deserialize)]
 pub struct BedrockConfig {
-    /// Fibonacci backoff retry strategy configuration.
-    #[serde(default)]
-    pub backoff: BackoffConfig,
     /// Bedrock channel ID.
     pub channel_id: ChannelId,
     /// Bedrock Url.
diff --git a/sequencer/core/src/indexer_client.rs b/sequencer/core/src/indexer_client.rs
deleted file mode 100644
index 960b77a4..00000000
--- a/sequencer/core/src/indexer_client.rs
+++ /dev/null
@@ -1,34 +0,0 @@
-use std::{ops::Deref, sync::Arc};
-
-use anyhow::{Context as _, Result};
-use log::info;
-pub use url::Url;
-
-#[expect(async_fn_in_trait, reason = "We don't care about Send/Sync here")]
-pub trait IndexerClientTrait: Clone {
-    async fn new(indexer_url: &Url) -> Result<Self>;
-}
-
-#[derive(Clone)]
-pub struct IndexerClient(Arc<jsonrpsee::ws_client::WsClient>);
-
-impl IndexerClientTrait for IndexerClient {
-    async fn new(indexer_url: &Url) -> Result<Self> {
-        info!("Connecting to Indexer at {indexer_url}");
-
-        let client = jsonrpsee::ws_client::WsClientBuilder::default()
-            .build(indexer_url)
-            .await
-            .context("Failed to create websocket client")?;
-
-        Ok(Self(Arc::new(client)))
-    }
-}
-
-impl Deref for IndexerClient {
-    type Target = jsonrpsee::ws_client::WsClient;
-
-    fn deref(&self) -> &Self::Target {
-        &self.0
-    }
-}
diff --git a/sequencer/core/src/lib.rs b/sequencer/core/src/lib.rs
index 47037fbd..bce8151f 100644
--- a/sequencer/core/src/lib.rs
+++ b/sequencer/core/src/lib.rs
@@ -1,7 +1,6 @@
 use std::{path::Path, time::Instant};
 
 use anyhow::{Context as _, Result, anyhow};
-use bedrock_client::SignedMantleTx;
 #[cfg(feature = "testnet")]
 use common::PINATA_BASE58;
 use common::{
@@ -20,33 +19,27 @@ pub use storage::error::DbError;
 use testnet_initial_state::initial_state;
 
 use crate::{
-    block_settlement_client::{BlockSettlementClient, BlockSettlementClientTrait, MsgId},
+    block_publisher::{BlockPublisherTrait, ZoneSdkPublisher},
     block_store::SequencerStore,
-    indexer_client::{IndexerClient, IndexerClientTrait},
 };
 
-pub mod block_settlement_client;
+pub mod block_publisher;
 pub mod block_store;
 pub mod config;
-pub mod indexer_client;
 
 #[cfg(feature = "mock")]
 pub mod mock;
 
-pub struct SequencerCore<
-    BC: BlockSettlementClientTrait = BlockSettlementClient,
-    IC: IndexerClientTrait = IndexerClient,
-> {
+pub struct SequencerCore<BP: BlockPublisherTrait = ZoneSdkPublisher> {
     state: nssa::V03State,
     store: SequencerStore,
     mempool: MemPool<NSSATransaction>,
     sequencer_config: SequencerConfig,
     chain_height: u64,
-    block_settlement_client: BC,
-    indexer_client: IC,
+    block_publisher: BP,
 }
 
-impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, IC> {
+impl<BP: BlockPublisherTrait> SequencerCore<BP> {
     /// Starts the sequencer using the provided configuration.
     /// If an existing database is found, the sequencer state is loaded from it and
     /// assumed to represent the correct latest state consistent with Bedrock-finalized data.
@@ -70,23 +63,16 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             load_or_create_signing_key(&config.home.join("bedrock_signing_key"))
                 .expect("Failed to load or create bedrock signing key");
 
-        let block_settlement_client = BC::new(&config.bedrock_config, bedrock_signing_key)
-            .expect("Failed to initialize Block Settlement Client");
-
-        let indexer_client = IC::new(&config.indexer_rpc_url)
-            .await
-            .expect("Failed to create Indexer Client");
-
-        let (_tx, genesis_msg_id) = block_settlement_client
-            .create_inscribe_tx(&genesis_block)
-            .expect("Failed to create inscribe tx for genesis block");
+        // TODO: Remove msg_id from BlockMeta — it is no longer needed now that
+        // zone-sdk manages L1 settlement state via its own checkpoint.
+        let genesis_msg_id = [0_u8; 32];
 
         // Sequencer should panic if unable to open db,
         // as fixing this issue may require actions non-native to program scope
         let store = SequencerStore::open_db_with_genesis(
             &config.home.join("rocksdb"),
             &genesis_block,
-            genesis_msg_id.into(),
+            genesis_msg_id,
             signing_key,
         )
         .unwrap();
@@ -94,6 +80,51 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             .latest_block_meta()
             .expect("Failed to read latest block meta from store");
 
+        let initial_checkpoint = store
+            .get_zone_checkpoint()
+            .expect("Failed to load zone-sdk checkpoint");
+        let is_fresh_start = initial_checkpoint.is_none();
+
+        let dbio_for_checkpoint = store.dbio();
+        let on_checkpoint: block_publisher::CheckpointSink = Box::new(move |cp| {
+            let bytes = match serde_json::to_vec(&cp) {
+                Ok(b) => b,
+                Err(err) => {
+                    error!("Failed to serialize zone-sdk checkpoint: {err:#}");
+                    return;
+                }
+            };
+            if let Err(err) = dbio_for_checkpoint.put_zone_sdk_checkpoint_bytes(&bytes) {
+                error!("Failed to persist zone-sdk checkpoint: {err:#}");
+            }
+        });
+
+        let dbio_for_finalized = store.dbio();
+        let on_finalized_block: block_publisher::FinalizedBlockSink = Box::new(move |block_id| {
+            if let Err(err) = dbio_for_finalized.clean_pending_blocks_up_to(block_id) {
+                error!("Failed to mark pending blocks finalized up to {block_id}: {err:#}");
+            }
+        });
+
+        let block_publisher = BP::new(
+            &config.bedrock_config,
+            bedrock_signing_key,
+            config.retry_pending_blocks_timeout,
+            initial_checkpoint,
+            on_checkpoint,
+            on_finalized_block,
+        )
+        .await
+        .expect("Failed to initialize Block Publisher");
+
+        // On a truly fresh start (no checkpoint persisted yet), publish the
+        // genesis block so the indexer can find the channel start. After the
+        // first publish, zone-sdk's checkpoint persistence covers further
+        // restarts.
+        if is_fresh_start && let Err(err) = block_publisher.publish_block(&genesis_block).await {
+            error!("Failed to publish genesis block: {err:#}");
+        }
+
         #[cfg_attr(not(feature = "testnet"), allow(unused_mut))]
         let mut state = if let Some(state) = store.get_nssa_state() {
             info!("Found local database. Loading state and pending blocks from it.");
@@ -110,6 +141,7 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
                     .iter()
                     .map(|init_comm_data| {
                         let npk = &init_comm_data.npk;
+                        let account_id = nssa::AccountId::from((npk, 0));
 
                         let mut acc = init_comm_data.account.clone();
 
@@ -117,8 +149,8 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
                             nssa::program::Program::authenticated_transfer_program().id();
 
                         (
-                            nssa_core::Commitment::new(npk, &acc),
-                            nssa_core::Nullifier::for_account_initialization(npk),
+                            nssa_core::Commitment::new(&account_id, &acc),
+                            nssa_core::Nullifier::for_account_initialization(&account_id),
                         )
                     })
                     .collect()
@@ -158,35 +190,33 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             mempool,
             chain_height: latest_block_meta.id,
             sequencer_config: config,
-            block_settlement_client,
-            indexer_client,
+            block_publisher,
         };
 
         (sequencer_core, mempool_handle)
     }
 
+    /// Produces a new block from mempool transactions and publishes it via zone-sdk.
     pub async fn produce_new_block(&mut self) -> Result<u64> {
-        let (tx, _msg_id) = self
-            .produce_new_block_with_mempool_transactions()
-            .context("Failed to produce new block with mempool transactions")?;
-        match self
-            .block_settlement_client
-            .submit_inscribe_tx_to_bedrock(tx)
-            .await
-        {
-            Ok(()) => {}
-            Err(err) => {
-                error!("Failed to post block data to Bedrock with error: {err:#}");
-            }
+        let block = self
+            .build_block_from_mempool()
+            .context("Failed to build block from mempool transactions")?;
+
+        // TODO: Remove msg_id from store.update — it is no longer needed now that
+        // zone-sdk manages L1 settlement state via its own checkpoint.
+        let placeholder_msg_id = [0_u8; 32];
+
+        if let Err(err) = self.block_publisher.publish_block(&block).await {
+            error!("Failed to publish block to Bedrock with error: {err:#}");
         }
+        self.store.update(&block, placeholder_msg_id, &self.state)?;
 
         Ok(self.chain_height)
     }
 
-    /// Produces new block from transactions in mempool and packs it into a `SignedMantleTx`.
-    pub fn produce_new_block_with_mempool_transactions(
-        &mut self,
-    ) -> Result<(SignedMantleTx, MsgId)> {
+    /// Builds a new block from transactions in the mempool.
+    /// Does NOT publish or store the block — the caller is responsible for that.
+    pub fn build_block_from_mempool(&mut self) -> Result<Block> {
         let now = Instant::now();
 
         let new_block_height = self.next_block_id();
@@ -276,21 +306,12 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             timestamp: new_block_timestamp,
         };
 
+        // TODO: Remove bedrock_parent_id from Block — it is no longer needed now
+        // that zone-sdk manages the inscription parent chain internally.
+        let placeholder_parent_id = [0_u8; 32];
         let block = hashable_data
             .clone()
-            .into_pending_block(self.store.signing_key(), latest_block_meta.msg_id);
-
-        let (tx, msg_id) = self
-            .block_settlement_client
-            .create_inscribe_tx(&block)
-            .with_context(|| {
-                format!(
-                    "Failed to create inscribe transaction for block with id {}",
-                    block.header.block_id
-                )
-            })?;
-
-        self.store.update(&block, msg_id.into(), &self.state)?;
+            .into_pending_block(self.store.signing_key(), placeholder_parent_id);
 
         self.chain_height = new_block_height;
 
@@ -299,7 +320,7 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             hashable_data.transactions.len(),
             now.elapsed().as_secs()
         );
-        Ok((tx, msg_id))
+        Ok(block)
     }
 
     pub const fn state(&self) -> &nssa::V03State {
@@ -318,22 +339,19 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
         &self.sequencer_config
     }
 
-    /// Deletes finalized blocks from the sequencer's pending block list.
-    /// This method must be called when new blocks are finalized on Bedrock.
-    /// All pending blocks with an ID less than or equal to `last_finalized_block_id`
-    /// are removed from the database.
-    pub fn clean_finalized_blocks_from_db(&mut self, last_finalized_block_id: u64) -> Result<()> {
-        self.get_pending_blocks()?
-            .iter()
-            .map(|block| block.header.block_id)
-            .min()
-            .map_or(Ok(()), |first_pending_block_id| {
-                info!("Clearing pending blocks up to id: {last_finalized_block_id}");
-                // TODO: Delete blocks instead of marking them as finalized.
-                // Current approach is used because we still have `GetBlockDataRequest`.
-                (first_pending_block_id..=last_finalized_block_id)
-                    .try_for_each(|id| self.store.mark_block_as_finalized(id))
-            })
+    /// Marks all pending blocks with `block_id <= last_finalized_block_id` as
+    /// finalized. Idempotent. Production callers don't invoke this directly —
+    /// it's wired up in `start_from_config` to the publisher's
+    /// `on_finalized_block` sink, which fires on `Event::TxsFinalized` /
+    /// `Event::FinalizedInscriptions`. Kept on the type for tests.
+    // TODO: Delete blocks instead of marking them as finalized. Current
+    // approach is used because we still have `GetBlockDataRequest`.
+    pub fn clean_finalized_blocks_from_db(&self, last_finalized_block_id: u64) -> Result<()> {
+        info!("Clearing pending blocks up to id: {last_finalized_block_id}");
+        self.store
+            .dbio()
+            .clean_pending_blocks_up_to(last_finalized_block_id)?;
+        Ok(())
     }
 
     /// Returns the list of stored pending blocks.
@@ -347,12 +365,8 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerCore<BC, I
             .collect())
     }
 
-    pub fn block_settlement_client(&self) -> BC {
-        self.block_settlement_client.clone()
-    }
-
-    pub fn indexer_client(&self) -> IC {
-        self.indexer_client.clone()
+    pub fn block_publisher(&self) -> BP {
+        self.block_publisher.clone()
     }
 
     fn next_block_id(&self) -> u64 {
@@ -391,7 +405,6 @@ mod tests {
 
     use std::{pin::pin, time::Duration};
 
-    use bedrock_client::BackoffConfig;
     use common::{
         test_utils::sequencer_sign_key_for_testing,
         transaction::{NSSATransaction, clock_invocation},
@@ -419,16 +432,11 @@ mod tests {
             block_create_timeout: Duration::from_secs(1),
             signing_key: *sequencer_sign_key_for_testing().value(),
             bedrock_config: BedrockConfig {
-                backoff: BackoffConfig {
-                    start_delay: Duration::from_millis(100),
-                    max_retries: 5,
-                },
                 channel_id: ChannelId::from([0; 32]),
                 node_url: "http://not-used-in-unit-tests".parse().unwrap(),
                 auth: None,
             },
             retry_pending_blocks_timeout: Duration::from_mins(4),
-            indexer_rpc_url: "ws://localhost:8779".parse().unwrap(),
             initial_public_accounts: None,
             initial_private_accounts: None,
         }
@@ -456,9 +464,7 @@ mod tests {
         let tx = common::test_utils::produce_dummy_empty_transaction();
         mempool_handle.push(tx).await.unwrap();
 
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         (sequencer, mempool_handle)
     }
@@ -603,23 +609,21 @@ mod tests {
         assert!(poll.is_pending());
 
         // Empty the mempool by producing a block
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         // Resolve the pending push
         assert!(push_fut.await.is_ok());
     }
 
     #[tokio::test]
-    async fn produce_new_block_with_mempool_transactions() {
+    async fn build_block_from_mempool() {
         let (mut sequencer, mempool_handle) = common_setup().await;
         let genesis_height = sequencer.chain_height;
 
         let tx = common::test_utils::produce_dummy_empty_transaction();
         mempool_handle.push(tx).await.unwrap();
 
-        let result = sequencer.produce_new_block_with_mempool_transactions();
+        let result = sequencer.build_block_from_mempool();
         assert!(result.is_ok());
         assert_eq!(sequencer.chain_height, genesis_height + 1);
     }
@@ -644,9 +648,7 @@ mod tests {
         mempool_handle.push(tx_replay).await.unwrap();
 
         // Create block
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
         let block = sequencer
             .store
             .get_block_at_id(sequencer.chain_height)
@@ -678,9 +680,7 @@ mod tests {
 
         // The transaction should be included the first time
         mempool_handle.push(tx.clone()).await.unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
         let block = sequencer
             .store
             .get_block_at_id(sequencer.chain_height)
@@ -696,9 +696,7 @@ mod tests {
 
         // Add same transaction should fail
         mempool_handle.push(tx.clone()).await.unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
         let block = sequencer
             .store
             .get_block_at_id(sequencer.chain_height)
@@ -737,9 +735,7 @@ mod tests {
             );
 
             mempool_handle.push(tx.clone()).await.unwrap();
-            sequencer
-                .produce_new_block_with_mempool_transactions()
-                .unwrap();
+            sequencer.produce_new_block().await.unwrap();
             let block = sequencer
                 .store
                 .get_block_at_id(sequencer.chain_height)
@@ -777,15 +773,9 @@ mod tests {
         let config = setup_sequencer_config();
         let (mut sequencer, _mempool_handle) =
             SequencerCoreWithMockClients::start_from_config(config).await;
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
+        sequencer.produce_new_block().await.unwrap();
+        sequencer.produce_new_block().await.unwrap();
         assert_eq!(sequencer.get_pending_blocks().unwrap().len(), 4);
     }
 
@@ -794,15 +784,9 @@ mod tests {
         let config = setup_sequencer_config();
         let (mut sequencer, _mempool_handle) =
             SequencerCoreWithMockClients::start_from_config(config).await;
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
+        sequencer.produce_new_block().await.unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         let last_finalized_block = 3;
         sequencer
@@ -835,9 +819,7 @@ mod tests {
             );
 
             mempool_handle.push(tx).await.unwrap();
-            sequencer
-                .produce_new_block_with_mempool_transactions()
-                .unwrap();
+            sequencer.produce_new_block().await.unwrap();
 
             // Get the metadata of the last block produced
             sequencer.store.latest_block_meta().unwrap()
@@ -860,9 +842,7 @@ mod tests {
         mempool_handle.push(tx.clone()).await.unwrap();
 
         // Step 4: Produce new block
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         // Step 5: Verify the new block has correct previous block metadata
         let new_block = sequencer
@@ -875,10 +855,6 @@ mod tests {
             new_block.header.prev_block_hash, expected_prev_meta.hash,
             "New block's prev_block_hash should match the stored metadata hash"
         );
-        assert_eq!(
-            new_block.bedrock_parent_id, expected_prev_meta.msg_id,
-            "New block's bedrock_parent_id should match the stored metadata msg_id"
-        );
         assert_eq!(
             new_block.body.transactions,
             vec![
@@ -913,9 +889,7 @@ mod tests {
             .await
             .unwrap();
         mempool_handle.push(crafted_clock_tx).await.unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         let block = sequencer
             .store
@@ -948,15 +922,11 @@ mod tests {
             // Produce multiple blocks to advance chain height
             let tx = common::test_utils::produce_dummy_empty_transaction();
             mempool_handle.push(tx).await.unwrap();
-            sequencer
-                .produce_new_block_with_mempool_transactions()
-                .unwrap();
+            sequencer.produce_new_block().await.unwrap();
 
             let tx = common::test_utils::produce_dummy_empty_transaction();
             mempool_handle.push(tx).await.unwrap();
-            sequencer
-                .produce_new_block_with_mempool_transactions()
-                .unwrap();
+            sequencer.produce_new_block().await.unwrap();
 
             // Return the current chain height (should be genesis_id + 2)
             sequencer.chain_height
@@ -993,9 +963,7 @@ mod tests {
                 ),
             ));
         mempool_handle.push(deploy_tx).await.unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         // Build a user transaction that invokes clock_chain_caller, which in turn chain-calls the
         // clock program with the clock accounts. The sequencer should detect that the resulting
@@ -1020,9 +988,7 @@ mod tests {
         ));
 
         mempool_handle.push(user_tx).await.unwrap();
-        sequencer
-            .produce_new_block_with_mempool_transactions()
-            .unwrap();
+        sequencer.produce_new_block().await.unwrap();
 
         let block = sequencer
             .store
@@ -1056,7 +1022,7 @@ mod tests {
         mempool_handle.push(tx).await.unwrap();
 
         // Block production must fail because the appended clock tx cannot execute.
-        let result = sequencer.produce_new_block_with_mempool_transactions();
+        let result = sequencer.produce_new_block().await;
         assert!(
             result.is_err(),
             "Block production should abort when clock account data is corrupted"
@@ -1075,7 +1041,7 @@ mod tests {
             program::Program,
         };
         use nssa_core::{
-            SharedSecretKey,
+            InputAccountIdentity, SharedSecretKey,
             account::AccountWithMetadata,
             encryption::{EphemeralPublicKey, EphemeralSecretKey, ViewingPublicKey},
         };
@@ -1107,12 +1073,17 @@ mod tests {
         let epk = EphemeralPublicKey::from_scalar(esk);
 
         let (output, proof) = execute_and_prove(
-            vec![AccountWithMetadata::new(Account::default(), true, &npk)],
+            vec![AccountWithMetadata::new(
+                Account::default(),
+                true,
+                (&npk, 0),
+            )],
             Program::serialize_instruction(0_u128).unwrap(),
-            vec![1],
-            vec![(npk, shared_secret)],
-            vec![nsk],
-            vec![None],
+            vec![InputAccountIdentity::PrivateAuthorizedInit {
+                ssk: shared_secret,
+                nsk,
+                identifier: 0,
+            }],
             &Program::authenticated_transfer_program().into(),
         )
         .unwrap();
diff --git a/sequencer/core/src/mock.rs b/sequencer/core/src/mock.rs
index 45a682e2..ebe6ea5d 100644
--- a/sequencer/core/src/mock.rs
+++ b/sequencer/core/src/mock.rs
@@ -1,76 +1,34 @@
-use anyhow::{Result, anyhow};
-use bedrock_client::SignedMantleTx;
-use logos_blockchain_core::mantle::ops::channel::ChannelId;
+use std::time::Duration;
+
+use anyhow::Result;
+use common::block::Block;
 use logos_blockchain_key_management_system_service::keys::Ed25519Key;
-use url::Url;
 
 use crate::{
-    block_settlement_client::BlockSettlementClientTrait, config::BedrockConfig,
-    indexer_client::IndexerClientTrait,
+    block_publisher::{
+        BlockPublisherTrait, CheckpointSink, FinalizedBlockSink, SequencerCheckpoint,
+    },
+    config::BedrockConfig,
 };
 
-pub type SequencerCoreWithMockClients =
-    crate::SequencerCore<MockBlockSettlementClient, MockIndexerClient>;
+pub type SequencerCoreWithMockClients = crate::SequencerCore<MockBlockPublisher>;
 
 #[derive(Clone)]
-pub struct MockBlockSettlementClient {
-    bedrock_channel_id: ChannelId,
-    bedrock_signing_key: Ed25519Key,
-}
+pub struct MockBlockPublisher;
 
-impl BlockSettlementClientTrait for MockBlockSettlementClient {
-    fn new(config: &BedrockConfig, signing_key: Ed25519Key) -> Result<Self> {
-        Ok(Self {
-            bedrock_channel_id: config.channel_id,
-            bedrock_signing_key: signing_key,
-        })
+impl BlockPublisherTrait for MockBlockPublisher {
+    async fn new(
+        _config: &BedrockConfig,
+        _bedrock_signing_key: Ed25519Key,
+        _resubmit_interval: Duration,
+        _initial_checkpoint: Option<SequencerCheckpoint>,
+        _on_checkpoint: CheckpointSink,
+        _on_finalized_block: FinalizedBlockSink,
+    ) -> Result<Self> {
+        Ok(Self)
     }
 
-    fn bedrock_channel_id(&self) -> ChannelId {
-        self.bedrock_channel_id
-    }
-
-    fn bedrock_signing_key(&self) -> &Ed25519Key {
-        &self.bedrock_signing_key
-    }
-
-    async fn submit_inscribe_tx_to_bedrock(&self, _tx: SignedMantleTx) -> Result<()> {
+    async fn publish_block(&self, _block: &Block) -> Result<()> {
         Ok(())
     }
 }
-
-#[derive(Clone)]
-pub struct MockBlockSettlementClientWithError {
-    bedrock_channel_id: ChannelId,
-    bedrock_signing_key: Ed25519Key,
-}
-
-impl BlockSettlementClientTrait for MockBlockSettlementClientWithError {
-    fn new(config: &BedrockConfig, signing_key: Ed25519Key) -> Result<Self> {
-        Ok(Self {
-            bedrock_channel_id: config.channel_id,
-            bedrock_signing_key: signing_key,
-        })
-    }
-
-    fn bedrock_channel_id(&self) -> ChannelId {
-        self.bedrock_channel_id
-    }
-
-    fn bedrock_signing_key(&self) -> &Ed25519Key {
-        &self.bedrock_signing_key
-    }
-
-    async fn submit_inscribe_tx_to_bedrock(&self, _tx: SignedMantleTx) -> Result<()> {
-        Err(anyhow!("Mock error"))
-    }
-}
-
-#[derive(Copy, Clone)]
-pub struct MockIndexerClient;
-
-impl IndexerClientTrait for MockIndexerClient {
-    async fn new(_indexer_url: &Url) -> Result<Self> {
-        Ok(Self)
-    }
-}
diff --git a/sequencer/service/Cargo.toml b/sequencer/service/Cargo.toml
index 6fee808c..beed6be2 100644
--- a/sequencer/service/Cargo.toml
+++ b/sequencer/service/Cargo.toml
@@ -14,7 +14,6 @@ mempool.workspace = true
 sequencer_core = { workspace = true, features = ["testnet"] }
 sequencer_service_protocol.workspace = true
 sequencer_service_rpc = { workspace = true, features = ["server"] }
-indexer_service_rpc = { workspace = true, features = ["client"] }
 
 clap = { workspace = true, features = ["derive", "env"] }
 anyhow.workspace = true
diff --git a/sequencer/service/src/lib.rs b/sequencer/service/src/lib.rs
index 5373b31f..319b75ad 100644
--- a/sequencer/service/src/lib.rs
+++ b/sequencer/service/src/lib.rs
@@ -5,15 +5,13 @@ use bytesize::ByteSize;
 use common::transaction::NSSATransaction;
 use futures::never::Never;
 use jsonrpsee::server::ServerHandle;
-#[cfg(not(feature = "standalone"))]
-use log::warn;
 use log::{error, info};
 use mempool::MemPoolHandle;
+#[cfg(not(feature = "standalone"))]
+use sequencer_core::SequencerCore;
 #[cfg(feature = "standalone")]
 use sequencer_core::SequencerCoreWithMockClients as SequencerCore;
 pub use sequencer_core::config::*;
-#[cfg(not(feature = "standalone"))]
-use sequencer_core::{SequencerCore, block_settlement_client::BlockSettlementClientTrait as _};
 use sequencer_service_rpc::RpcServer as _;
 use tokio::{sync::Mutex, task::JoinHandle};
 
@@ -29,8 +27,6 @@ pub struct SequencerHandle {
     /// Option because of `Drop` which forbids to simply move out of `self` in `stopped()`.
     server_handle: Option<ServerHandle>,
     main_loop_handle: JoinHandle<Result<Never>>,
-    retry_pending_blocks_loop_handle: JoinHandle<Result<Never>>,
-    listen_for_bedrock_blocks_loop_handle: JoinHandle<Result<Never>>,
 }
 
 impl SequencerHandle {
@@ -38,15 +34,11 @@ impl SequencerHandle {
         addr: SocketAddr,
         server_handle: ServerHandle,
         main_loop_handle: JoinHandle<Result<Never>>,
-        retry_pending_blocks_loop_handle: JoinHandle<Result<Never>>,
-        listen_for_bedrock_blocks_loop_handle: JoinHandle<Result<Never>>,
     ) -> Self {
         Self {
             addr,
             server_handle: Some(server_handle),
             main_loop_handle,
-            retry_pending_blocks_loop_handle,
-            listen_for_bedrock_blocks_loop_handle,
         }
     }
 
@@ -60,8 +52,6 @@ impl SequencerHandle {
             addr: _,
             server_handle,
             main_loop_handle,
-            retry_pending_blocks_loop_handle,
-            listen_for_bedrock_blocks_loop_handle,
         } = &mut self;
 
         let server_handle = server_handle.take().expect("Server handle is set");
@@ -75,16 +65,6 @@ impl SequencerHandle {
                    .context("Main loop task panicked")?
                    .context("Main loop exited unexpectedly")
             }
-            res = retry_pending_blocks_loop_handle => {
-                res
-                   .context("Retry pending blocks loop task panicked")?
-                   .context("Retry pending blocks loop exited unexpectedly")
-            }
-            res = listen_for_bedrock_blocks_loop_handle => {
-                res
-                   .context("Listen for bedrock blocks loop task panicked")?
-                   .context("Listen for bedrock blocks loop exited unexpectedly")
-            }
         }
     }
 
@@ -98,14 +78,10 @@ impl SequencerHandle {
             addr: _,
             server_handle,
             main_loop_handle,
-            retry_pending_blocks_loop_handle,
-            listen_for_bedrock_blocks_loop_handle,
         } = self;
 
         let stopped = server_handle.as_ref().is_none_or(ServerHandle::is_stopped)
-            || main_loop_handle.is_finished()
-            || retry_pending_blocks_loop_handle.is_finished()
-            || listen_for_bedrock_blocks_loop_handle.is_finished();
+            || main_loop_handle.is_finished();
         !stopped
     }
 
@@ -121,13 +97,9 @@ impl Drop for SequencerHandle {
             addr: _,
             server_handle,
             main_loop_handle,
-            retry_pending_blocks_loop_handle,
-            listen_for_bedrock_blocks_loop_handle,
         } = self;
 
         main_loop_handle.abort();
-        retry_pending_blocks_loop_handle.abort();
-        listen_for_bedrock_blocks_loop_handle.abort();
 
         let Some(handle) = server_handle else {
             return;
@@ -141,7 +113,6 @@ impl Drop for SequencerHandle {
 
 pub async fn run(config: SequencerConfig, port: u16) -> Result<SequencerHandle> {
     let block_timeout = config.block_create_timeout;
-    let retry_pending_blocks_timeout = config.retry_pending_blocks_timeout;
     let max_block_size = config.max_block_size;
 
     let (sequencer_core, mempool_handle) = SequencerCore::start_from_config(config).await;
@@ -159,34 +130,10 @@ pub async fn run(config: SequencerConfig, port: u16) -> Result<SequencerHandle>
     .await?;
     info!("RPC server started");
 
-    #[cfg(not(feature = "standalone"))]
-    {
-        info!("Submitting stored pending blocks");
-        retry_pending_blocks(&seq_core_wrapped)
-            .await
-            .expect("Failed to submit pending blocks on startup");
-    }
-
     info!("Starting main sequencer loop");
-    let main_loop_handle = tokio::spawn(main_loop(Arc::clone(&seq_core_wrapped), block_timeout));
+    let main_loop_handle = tokio::spawn(main_loop(seq_core_wrapped, block_timeout));
 
-    info!("Starting pending block retry loop");
-    let retry_pending_blocks_loop_handle = tokio::spawn(retry_pending_blocks_loop(
-        Arc::clone(&seq_core_wrapped),
-        retry_pending_blocks_timeout,
-    ));
-
-    info!("Starting bedrock block listening loop");
-    let listen_for_bedrock_blocks_loop_handle =
-        tokio::spawn(listen_for_bedrock_blocks_loop(seq_core_wrapped));
-
-    Ok(SequencerHandle::new(
-        addr,
-        server_handle,
-        main_loop_handle,
-        retry_pending_blocks_loop_handle,
-        listen_for_bedrock_blocks_loop_handle,
-    ))
+    Ok(SequencerHandle::new(addr, server_handle, main_loop_handle))
 }
 
 async fn run_server(
@@ -235,118 +182,3 @@ async fn main_loop(seq_core: Arc<Mutex<SequencerCore>>, block_timeout: Duration)
         info!("Waiting for new transactions");
     }
 }
-
-#[cfg(not(feature = "standalone"))]
-async fn retry_pending_blocks(seq_core: &Arc<Mutex<SequencerCore>>) -> Result<()> {
-    use std::time::Instant;
-
-    use log::debug;
-
-    let (mut pending_blocks, block_settlement_client) = {
-        let sequencer_core = seq_core.lock().await;
-        let client = sequencer_core.block_settlement_client();
-        let pending_blocks = sequencer_core
-            .get_pending_blocks()
-            .expect("Sequencer should be able to retrieve pending blocks");
-        (pending_blocks, client)
-    };
-
-    pending_blocks.sort_by(|block1, block2| block1.header.block_id.cmp(&block2.header.block_id));
-
-    if !pending_blocks.is_empty() {
-        info!(
-            "Resubmitting blocks from {} to {}",
-            pending_blocks.first().unwrap().header.block_id,
-            pending_blocks.last().unwrap().header.block_id
-        );
-    }
-
-    for block in &pending_blocks {
-        debug!(
-            "Resubmitting pending block with id {}",
-            block.header.block_id
-        );
-        // TODO: We could cache the inscribe tx for each pending block to avoid re-creating it
-        // on every retry.
-        let now = Instant::now();
-        let (tx, _msg_id) = block_settlement_client
-            .create_inscribe_tx(block)
-            .context("Failed to create inscribe tx for pending block")?;
-
-        debug!("Create inscribe: {:?}", now.elapsed());
-
-        let now = Instant::now();
-        if let Err(e) = block_settlement_client
-            .submit_inscribe_tx_to_bedrock(tx)
-            .await
-        {
-            warn!(
-                "Failed to resubmit block with id {} with error {e:#}",
-                block.header.block_id
-            );
-        }
-        debug!("Post: {:?}", now.elapsed());
-    }
-    Ok(())
-}
-
-#[cfg(not(feature = "standalone"))]
-async fn retry_pending_blocks_loop(
-    seq_core: Arc<Mutex<SequencerCore>>,
-    retry_pending_blocks_timeout: Duration,
-) -> Result<Never> {
-    loop {
-        tokio::time::sleep(retry_pending_blocks_timeout).await;
-        retry_pending_blocks(&seq_core).await?;
-    }
-}
-
-#[cfg(not(feature = "standalone"))]
-async fn listen_for_bedrock_blocks_loop(seq_core: Arc<Mutex<SequencerCore>>) -> Result<Never> {
-    use indexer_service_rpc::RpcClient as _;
-
-    let indexer_client = seq_core.lock().await.indexer_client();
-
-    let retry_delay = Duration::from_secs(5);
-
-    loop {
-        // TODO: Subscribe from the first pending block ID?
-        let mut subscription = indexer_client
-            .subscribe_to_finalized_blocks()
-            .await
-            .context("Failed to subscribe to finalized blocks")?;
-
-        while let Some(block_id) = subscription.next().await {
-            let block_id = block_id.context("Failed to get next block from subscription")?;
-
-            info!("Received new L2 block with ID {block_id}");
-
-            seq_core
-                .lock()
-                .await
-                .clean_finalized_blocks_from_db(block_id)
-                .with_context(|| {
-                    format!("Failed to clean finalized blocks from DB for block ID {block_id}")
-                })?;
-        }
-
-        warn!(
-            "Block subscription closed unexpectedly, reason: {:?}, retrying after {retry_delay:?}",
-            subscription.close_reason()
-        );
-        tokio::time::sleep(retry_delay).await;
-    }
-}
-
-#[cfg(feature = "standalone")]
-async fn listen_for_bedrock_blocks_loop(_seq_core: Arc<Mutex<SequencerCore>>) -> Result<Never> {
-    std::future::pending::<Result<Never>>().await
-}
-
-#[cfg(feature = "standalone")]
-async fn retry_pending_blocks_loop(
-    _seq_core: Arc<Mutex<SequencerCore>>,
-    _retry_pending_blocks_timeout: Duration,
-) -> Result<Never> {
-    std::future::pending::<Result<Never>>().await
-}
diff --git a/sequencer/service/src/service.rs b/sequencer/service/src/service.rs
index 71645363..0bb8e1dd 100644
--- a/sequencer/service/src/service.rs
+++ b/sequencer/service/src/service.rs
@@ -8,10 +8,7 @@ use jsonrpsee::{
 use log::warn;
 use mempool::MemPoolHandle;
 use nssa::{self, program::Program};
-use sequencer_core::{
-    DbError, SequencerCore, block_settlement_client::BlockSettlementClientTrait,
-    indexer_client::IndexerClientTrait,
-};
+use sequencer_core::{DbError, SequencerCore, block_publisher::BlockPublisherTrait};
 use sequencer_service_protocol::{
     Account, AccountId, Block, BlockId, Commitment, HashType, MembershipProof, Nonce, ProgramId,
 };
@@ -19,15 +16,15 @@ use tokio::sync::Mutex;
 
 const NOT_FOUND_ERROR_CODE: i32 = -31999;
 
-pub struct SequencerService<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> {
-    sequencer: Arc<Mutex<SequencerCore<BC, IC>>>,
+pub struct SequencerService<BC: BlockPublisherTrait> {
+    sequencer: Arc<Mutex<SequencerCore<BC>>>,
     mempool_handle: MemPoolHandle<NSSATransaction>,
     max_block_size: u64,
 }
 
-impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerService<BC, IC> {
+impl<BC: BlockPublisherTrait> SequencerService<BC> {
     pub const fn new(
-        sequencer: Arc<Mutex<SequencerCore<BC, IC>>>,
+        sequencer: Arc<Mutex<SequencerCore<BC>>>,
         mempool_handle: MemPoolHandle<NSSATransaction>,
         max_block_size: u64,
     ) -> Self {
@@ -40,8 +37,8 @@ impl<BC: BlockSettlementClientTrait, IC: IndexerClientTrait> SequencerService<BC
 }
 
 #[async_trait]
-impl<BC: BlockSettlementClientTrait + Send + 'static, IC: IndexerClientTrait + Send + 'static>
-    sequencer_service_rpc::RpcServer for SequencerService<BC, IC>
+impl<BC: BlockPublisherTrait + Send + 'static> sequencer_service_rpc::RpcServer
+    for SequencerService<BC>
 {
     async fn send_transaction(&self, tx: NSSATransaction) -> Result<HashType, ErrorObjectOwned> {
         // Reserve ~200 bytes for block header overhead
diff --git a/storage/src/indexer/indexer_cells.rs b/storage/src/indexer/indexer_cells.rs
index 76a2c035..615902bd 100644
--- a/storage/src/indexer/indexer_cells.rs
+++ b/storage/src/indexer/indexer_cells.rs
@@ -8,7 +8,8 @@ use crate::{
     indexer::{
         ACC_NUM_CELL_NAME, BLOCK_HASH_CELL_NAME, BREAKPOINT_CELL_NAME, CF_ACC_META,
         CF_BREAKPOINT_NAME, CF_HASH_TO_ID, CF_TX_TO_ID, DB_META_LAST_BREAKPOINT_ID,
-        DB_META_LAST_OBSERVED_L1_LIB_HEADER_ID_IN_DB_KEY, TX_HASH_CELL_NAME,
+        DB_META_LAST_OBSERVED_L1_LIB_HEADER_ID_IN_DB_KEY, DB_META_ZONE_SDK_INDEXER_CURSOR_KEY,
+        TX_HASH_CELL_NAME,
     },
 };
 
@@ -211,6 +212,41 @@ impl SimpleWritableCell for AccNumTxCell {
     }
 }
 
+/// Opaque bytes for the zone-sdk indexer cursor `Option<(MsgId, Slot)>`.
+/// The caller serializes via `serde_json` (neither type derives borsh).
+#[derive(BorshDeserialize)]
+pub struct ZoneSdkIndexerCursorCellOwned(pub Vec<u8>);
+
+impl SimpleStorableCell for ZoneSdkIndexerCursorCellOwned {
+    type KeyParams = ();
+
+    const CELL_NAME: &'static str = DB_META_ZONE_SDK_INDEXER_CURSOR_KEY;
+    const CF_NAME: &'static str = CF_META_NAME;
+}
+
+impl SimpleReadableCell for ZoneSdkIndexerCursorCellOwned {}
+
+#[derive(BorshSerialize)]
+pub struct ZoneSdkIndexerCursorCellRef<'bytes>(pub &'bytes [u8]);
+
+impl SimpleStorableCell for ZoneSdkIndexerCursorCellRef<'_> {
+    type KeyParams = ();
+
+    const CELL_NAME: &'static str = DB_META_ZONE_SDK_INDEXER_CURSOR_KEY;
+    const CF_NAME: &'static str = CF_META_NAME;
+}
+
+impl SimpleWritableCell for ZoneSdkIndexerCursorCellRef<'_> {
+    fn value_constructor(&self) -> DbResult<Vec<u8>> {
+        borsh::to_vec(&self).map_err(|err| {
+            DbError::borsh_cast_message(
+                err,
+                Some("Failed to serialize zone-sdk indexer cursor cell".to_owned()),
+            )
+        })
+    }
+}
+
 #[cfg(test)]
 mod uniform_tests {
     use crate::{
diff --git a/storage/src/indexer/mod.rs b/storage/src/indexer/mod.rs
index 7ef21258..75538835 100644
--- a/storage/src/indexer/mod.rs
+++ b/storage/src/indexer/mod.rs
@@ -22,6 +22,8 @@ pub const DB_META_LAST_OBSERVED_L1_LIB_HEADER_ID_IN_DB_KEY: &str =
     "last_observed_l1_lib_header_in_db";
 /// Key base for storing metainformation about the last breakpoint.
 pub const DB_META_LAST_BREAKPOINT_ID: &str = "last_breakpoint_id";
+/// Key base for storing the zone-sdk indexer cursor (opaque bytes).
+pub const DB_META_ZONE_SDK_INDEXER_CURSOR_KEY: &str = "zone_sdk_indexer_cursor";
 
 /// Cell name for a breakpoint.
 pub const BREAKPOINT_CELL_NAME: &str = "breakpoint";
diff --git a/storage/src/indexer/read_once.rs b/storage/src/indexer/read_once.rs
index b1ae0ada..8ab7fd23 100644
--- a/storage/src/indexer/read_once.rs
+++ b/storage/src/indexer/read_once.rs
@@ -4,7 +4,7 @@ use crate::{
     cells::shared_cells::{BlockCell, FirstBlockCell, FirstBlockSetCell, LastBlockCell},
     indexer::indexer_cells::{
         AccNumTxCell, BlockHashToBlockIdMapCell, BreakpointCellOwned, LastBreakpointIdCell,
-        LastObservedL1LibHeaderCell, TxHashToBlockIdMapCell,
+        LastObservedL1LibHeaderCell, TxHashToBlockIdMapCell, ZoneSdkIndexerCursorCellOwned,
     },
 };
 
@@ -64,4 +64,10 @@ impl RocksDBIO {
         self.get_opt::<AccNumTxCell>(acc_id)
             .map(|opt| opt.map(|cell| cell.0))
     }
+
+    pub fn get_zone_sdk_indexer_cursor_bytes(&self) -> DbResult<Option<Vec<u8>>> {
+        Ok(self
+            .get_opt::<ZoneSdkIndexerCursorCellOwned>(())?
+            .map(|cell| cell.0))
+    }
 }
diff --git a/storage/src/indexer/write_non_atomic.rs b/storage/src/indexer/write_non_atomic.rs
index 62b466a2..505360fa 100644
--- a/storage/src/indexer/write_non_atomic.rs
+++ b/storage/src/indexer/write_non_atomic.rs
@@ -4,6 +4,7 @@ use crate::{
     cells::shared_cells::{FirstBlockSetCell, LastBlockCell},
     indexer::indexer_cells::{
         BreakpointCellRef, LastBreakpointIdCell, LastObservedL1LibHeaderCell,
+        ZoneSdkIndexerCursorCellRef,
     },
 };
 
@@ -30,6 +31,10 @@ impl RocksDBIO {
         self.put(&FirstBlockSetCell(true), ())
     }
 
+    pub fn put_zone_sdk_indexer_cursor_bytes(&self, bytes: &[u8]) -> DbResult<()> {
+        self.put(&ZoneSdkIndexerCursorCellRef(bytes), ())
+    }
+
     // State
 
     pub fn put_breakpoint(&self, br_id: u64, breakpoint: &V03State) -> DbResult<()> {
diff --git a/storage/src/sequencer/mod.rs b/storage/src/sequencer/mod.rs
index 508f6c29..537d198d 100644
--- a/storage/src/sequencer/mod.rs
+++ b/storage/src/sequencer/mod.rs
@@ -12,7 +12,7 @@ use crate::{
     error::DbError,
     sequencer::sequencer_cells::{
         LastFinalizedBlockIdCell, LatestBlockMetaCellOwned, LatestBlockMetaCellRef,
-        NSSAStateCellOwned, NSSAStateCellRef,
+        NSSAStateCellOwned, NSSAStateCellRef, ZoneSdkCheckpointCellOwned, ZoneSdkCheckpointCellRef,
     },
 };
 
@@ -22,6 +22,8 @@ pub mod sequencer_cells;
 pub const DB_META_LAST_FINALIZED_BLOCK_ID: &str = "last_finalized_block_id";
 /// Key base for storing metainformation about the latest block meta.
 pub const DB_META_LATEST_BLOCK_META_KEY: &str = "latest_block_meta";
+/// Key base for storing the zone-sdk sequencer checkpoint (opaque bytes).
+pub const DB_META_ZONE_SDK_CHECKPOINT_KEY: &str = "zone_sdk_checkpoint";
 
 /// Key base for storing the NSSA state.
 pub const DB_NSSA_STATE_KEY: &str = "nssa_state";
@@ -205,6 +207,16 @@ impl RocksDBIO {
         self.get::<LatestBlockMetaCellOwned>(()).map(|val| val.0)
     }
 
+    pub fn get_zone_sdk_checkpoint_bytes(&self) -> DbResult<Option<Vec<u8>>> {
+        Ok(self
+            .get_opt::<ZoneSdkCheckpointCellOwned>(())?
+            .map(|cell| cell.0))
+    }
+
+    pub fn put_zone_sdk_checkpoint_bytes(&self, bytes: &[u8]) -> DbResult<()> {
+        self.put(&ZoneSdkCheckpointCellRef(bytes), ())
+    }
+
     pub fn put_block(
         &self,
         block: &Block,
@@ -275,6 +287,22 @@ impl RocksDBIO {
         Ok(())
     }
 
+    /// Mark every pending block with `block_id <= last_finalized` as finalized.
+    /// Idempotent — already-finalized blocks are skipped.
+    pub fn clean_pending_blocks_up_to(&self, last_finalized: u64) -> DbResult<()> {
+        let pending_ids: Vec<u64> = self
+            .get_all_blocks()
+            .filter_map(Result::ok)
+            .filter(|b| matches!(b.bedrock_status, BedrockStatus::Pending))
+            .map(|b| b.header.block_id)
+            .filter(|id| *id <= last_finalized)
+            .collect();
+        for id in pending_ids {
+            self.mark_block_as_finalized(id)?;
+        }
+        Ok(())
+    }
+
     pub fn mark_block_as_finalized(&self, block_id: u64) -> DbResult<()> {
         let mut block = self.get_block(block_id)?.ok_or_else(|| {
             DbError::db_interaction_error(format!("Block with id {block_id} not found"))
diff --git a/storage/src/sequencer/sequencer_cells.rs b/storage/src/sequencer/sequencer_cells.rs
index 0ad092d7..2bf65367 100644
--- a/storage/src/sequencer/sequencer_cells.rs
+++ b/storage/src/sequencer/sequencer_cells.rs
@@ -8,7 +8,7 @@ use crate::{
     error::DbError,
     sequencer::{
         CF_NSSA_STATE_NAME, DB_META_LAST_FINALIZED_BLOCK_ID, DB_META_LATEST_BLOCK_META_KEY,
-        DB_NSSA_STATE_KEY,
+        DB_META_ZONE_SDK_CHECKPOINT_KEY, DB_NSSA_STATE_KEY,
     },
 };
 
@@ -95,6 +95,42 @@ impl SimpleWritableCell for LatestBlockMetaCellRef<'_> {
     }
 }
 
+/// Opaque bytes for the zone-sdk sequencer checkpoint. The caller is
+/// responsible for the actual encoding (we use `serde_json` since
+/// `SequencerCheckpoint` only derives serde, not borsh).
+#[derive(BorshDeserialize)]
+pub struct ZoneSdkCheckpointCellOwned(pub Vec<u8>);
+
+impl SimpleStorableCell for ZoneSdkCheckpointCellOwned {
+    type KeyParams = ();
+
+    const CELL_NAME: &'static str = DB_META_ZONE_SDK_CHECKPOINT_KEY;
+    const CF_NAME: &'static str = CF_META_NAME;
+}
+
+impl SimpleReadableCell for ZoneSdkCheckpointCellOwned {}
+
+#[derive(BorshSerialize)]
+pub struct ZoneSdkCheckpointCellRef<'bytes>(pub &'bytes [u8]);
+
+impl SimpleStorableCell for ZoneSdkCheckpointCellRef<'_> {
+    type KeyParams = ();
+
+    const CELL_NAME: &'static str = DB_META_ZONE_SDK_CHECKPOINT_KEY;
+    const CF_NAME: &'static str = CF_META_NAME;
+}
+
+impl SimpleWritableCell for ZoneSdkCheckpointCellRef<'_> {
+    fn value_constructor(&self) -> DbResult<Vec<u8>> {
+        borsh::to_vec(&self).map_err(|err| {
+            DbError::borsh_cast_message(
+                err,
+                Some("Failed to serialize zone-sdk checkpoint cell".to_owned()),
+            )
+        })
+    }
+}
+
 #[cfg(test)]
 mod uniform_tests {
     use crate::{
diff --git a/test_program_methods/guest/src/bin/private_pda_spender.rs b/test_program_methods/guest/src/bin/private_pda_spender.rs
new file mode 100644
index 00000000..04ef91a4
--- /dev/null
+++ b/test_program_methods/guest/src/bin/private_pda_spender.rs
@@ -0,0 +1,118 @@
+use nssa_core::program::{
+    AccountPostState, ChainedCall, Claim, PdaSeed, ProgramId, ProgramInput, ProgramOutput,
+    read_nssa_inputs,
+};
+
+/// Single program for group PDA operations. Owns and operates the PDA directly.
+///
+/// Instruction: `(pda_seed, noop_program_id, amount, is_deposit)`.
+/// Pre-states: `[group_pda, counterparty]`.
+///
+/// **Deposit** (`is_deposit = true`, new PDA):
+/// Claims PDA via `Claim::Pda(seed)`, increases PDA balance, decreases counterparty.
+/// Counterparty must be authorized and owned by this program (or uninitialized).
+///
+/// **Spend** (`is_deposit = false`, existing PDA):
+/// Decreases PDA balance (this program owns it), increases counterparty.
+/// Chains to a noop callee with `pda_seeds` to establish the mask-3 binding
+/// that the circuit requires for existing private PDAs.
+type Instruction = (PdaSeed, ProgramId, u128, bool);
+
+#[expect(
+    clippy::allow_attributes,
+    reason = "allow is needed because the clones are only redundant in test compilation"
+)]
+#[allow(
+    clippy::redundant_clone,
+    reason = "clones needed in non-test compilation"
+)]
+fn main() {
+    let (
+        ProgramInput {
+            self_program_id,
+            caller_program_id,
+            pre_states,
+            instruction: (pda_seed, noop_id, amount, is_deposit),
+        },
+        instruction_words,
+    ) = read_nssa_inputs::<Instruction>();
+
+    let Ok([pda_pre, counterparty_pre]) = <[_; 2]>::try_from(pre_states.clone()) else {
+        panic!("expected exactly 2 pre_states: [group_pda, counterparty]");
+    };
+
+    if is_deposit {
+        // Deposit: claim PDA, transfer balance from counterparty to PDA.
+        // Both accounts must be owned by this program (or uninitialized) for
+        // validate_execution to allow balance changes.
+        assert!(
+            counterparty_pre.is_authorized,
+            "Counterparty must be authorized to deposit"
+        );
+
+        let mut pda_account = pda_pre.account;
+        let mut counterparty_account = counterparty_pre.account;
+
+        pda_account.balance = pda_account
+            .balance
+            .checked_add(amount)
+            .expect("PDA balance overflow");
+        counterparty_account.balance = counterparty_account
+            .balance
+            .checked_sub(amount)
+            .expect("Counterparty has insufficient balance");
+
+        let pda_post = AccountPostState::new_claimed_if_default(pda_account, Claim::Pda(pda_seed));
+        let counterparty_post = AccountPostState::new(counterparty_account);
+
+        ProgramOutput::new(
+            self_program_id,
+            caller_program_id,
+            instruction_words,
+            pre_states,
+            vec![pda_post, counterparty_post],
+        )
+        .write();
+    } else {
+        // Spend: decrease PDA balance (owned by this program), increase counterparty.
+        // Chain to noop with pda_seeds to establish the mask-3 binding for the
+        // existing PDA. The noop's pre_states must match our post_states.
+        // Authorization is enforced by the circuit's binding check, not here.
+
+        let mut pda_account = pda_pre.account.clone();
+        let mut counterparty_account = counterparty_pre.account.clone();
+
+        pda_account.balance = pda_account
+            .balance
+            .checked_sub(amount)
+            .expect("PDA has insufficient balance");
+        counterparty_account.balance = counterparty_account
+            .balance
+            .checked_add(amount)
+            .expect("Counterparty balance overflow");
+
+        let pda_post = AccountPostState::new(pda_account.clone());
+        let counterparty_post = AccountPostState::new(counterparty_account.clone());
+
+        // Chain to noop solely to establish the mask-3 binding via pda_seeds.
+        let mut noop_pda_pre = pda_pre;
+        noop_pda_pre.account = pda_account;
+        noop_pda_pre.is_authorized = true;
+
+        let mut noop_counterparty_pre = counterparty_pre;
+        noop_counterparty_pre.account = counterparty_account;
+
+        let noop_call = ChainedCall::new(noop_id, vec![noop_pda_pre, noop_counterparty_pre], &())
+            .with_pda_seeds(vec![pda_seed]);
+
+        ProgramOutput::new(
+            self_program_id,
+            caller_program_id,
+            instruction_words,
+            pre_states,
+            vec![pda_post, counterparty_post],
+        )
+        .with_chained_calls(vec![noop_call])
+        .write();
+    }
+}
diff --git a/testnet_initial_state/src/lib.rs b/testnet_initial_state/src/lib.rs
index 07d546fe..f6f1e288 100644
--- a/testnet_initial_state/src/lib.rs
+++ b/testnet_initial_state/src/lib.rs
@@ -95,9 +95,16 @@ pub struct PublicAccountPrivateInitialData {
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct PrivateAccountPrivateInitialData {
-    pub account_id: nssa::AccountId,
     pub account: nssa_core::account::Account,
     pub key_chain: KeyChain,
+    pub identifier: nssa_core::Identifier,
+}
+
+impl PrivateAccountPrivateInitialData {
+    #[must_use]
+    pub fn account_id(&self) -> nssa::AccountId {
+        nssa::AccountId::from((&self.key_chain.nullifier_public_key, self.identifier))
+    }
 }
 
 #[must_use]
@@ -142,7 +149,6 @@ pub fn initial_priv_accounts_private_keys() -> Vec<PrivateAccountPrivateInitialD
 
     vec![
         PrivateAccountPrivateInitialData {
-            account_id: AccountId::from(&key_chain_1.nullifier_public_key),
             account: Account {
                 program_owner: DEFAULT_PROGRAM_OWNER,
                 balance: PRIV_ACC_A_INITIAL_BALANCE,
@@ -150,9 +156,9 @@ pub fn initial_priv_accounts_private_keys() -> Vec<PrivateAccountPrivateInitialD
                 nonce: 0.into(),
             },
             key_chain: key_chain_1,
+            identifier: 0,
         },
         PrivateAccountPrivateInitialData {
-            account_id: AccountId::from(&key_chain_2.nullifier_public_key),
             account: Account {
                 program_owner: DEFAULT_PROGRAM_OWNER,
                 balance: PRIV_ACC_B_INITIAL_BALANCE,
@@ -160,6 +166,7 @@ pub fn initial_priv_accounts_private_keys() -> Vec<PrivateAccountPrivateInitialD
                 nonce: 0.into(),
             },
             key_chain: key_chain_2,
+            identifier: 0,
         },
     ]
 }
@@ -201,14 +208,15 @@ pub fn initial_state() -> V03State {
             .iter()
             .map(|init_comm_data| {
                 let npk = &init_comm_data.npk;
+                let account_id = nssa::AccountId::from((npk, 0));
 
                 let mut acc = init_comm_data.account.clone();
 
                 acc.program_owner = nssa::program::Program::authenticated_transfer_program().id();
 
                 (
-                    nssa_core::Commitment::new(npk, &acc),
-                    nssa_core::Nullifier::for_account_initialization(npk),
+                    nssa_core::Commitment::new(&account_id, &acc),
+                    nssa_core::Nullifier::for_account_initialization(&account_id),
                 )
             })
             .collect();
@@ -239,8 +247,8 @@ mod tests {
     const PUB_ACC_A_TEXT_ADDR: &str = "6iArKUXxhUJqS7kCaPNhwMWt3ro71PDyBj7jwAyE2VQV";
     const PUB_ACC_B_TEXT_ADDR: &str = "7wHg9sbJwc6h3NP1S9bekfAzB8CHifEcxKswCKUt3YQo";
 
-    const PRIV_ACC_A_TEXT_ADDR: &str = "5ya25h4Xc9GAmrGB2WrTEnEWtQKJwRwQx3Xfo2tucNcE";
-    const PRIV_ACC_B_TEXT_ADDR: &str = "E8HwiTyQe4H9HK7icTvn95HQMnzx49mP9A2ddtMLpNaN";
+    const PRIV_ACC_A_TEXT_ADDR: &str = "4eGX3M3rgjHsme8n3sSp89af8JRZtYVTesbJjLqaX1VQ";
+    const PRIV_ACC_B_TEXT_ADDR: &str = "3m6HQmCgmAvsxZtxAHPqqEqoBG4335fCG8TzxigyW7rE";
 
     #[test]
     fn pub_state_consistency() {
@@ -354,11 +362,11 @@ mod tests {
         );
 
         assert_eq!(
-            init_private_accs_keys[0].account_id.to_string(),
+            init_private_accs_keys[0].account_id().to_string(),
             PRIV_ACC_A_TEXT_ADDR
         );
         assert_eq!(
-            init_private_accs_keys[1].account_id.to_string(),
+            init_private_accs_keys[1].account_id().to_string(),
             PRIV_ACC_B_TEXT_ADDR
         );
 
diff --git a/wallet-ffi/src/account.rs b/wallet-ffi/src/account.rs
index 49f6a8de..6214ab01 100644
--- a/wallet-ffi/src/account.rs
+++ b/wallet-ffi/src/account.rs
@@ -7,7 +7,10 @@ use nssa::AccountId;
 use crate::{
     block_on,
     error::{print_error, WalletFfiError},
-    types::{FfiAccount, FfiAccountList, FfiAccountListEntry, FfiBytes32, WalletHandle},
+    types::{
+        FfiAccount, FfiAccountList, FfiAccountListEntry, FfiBytes32, FfiPrivateAccountKeys,
+        WalletHandle,
+    },
     wallet::get_wallet,
 };
 
@@ -59,10 +62,18 @@ pub unsafe extern "C" fn wallet_ffi_create_account_public(
     WalletFfiError::Success
 }
 
-/// Create a new private account.
+/// Create a new private account, storing a default account entry in local storage.
 ///
-/// Private accounts use privacy-preserving transactions with nullifiers
-/// and commitments.
+/// This is the private-account equivalent of `wallet_ffi_create_account_public`.
+/// It generates a key node, assigns a random identifier, and inserts a default
+/// account record so the account can immediately be used with
+/// `wallet_ffi_register_private_account`.
+///
+/// The identifier is chosen at random and is not encoded in the mnemonic seed.
+/// Once the account is initialized, the identifier is embedded in the encrypted
+/// transaction payload and can be recovered by running `sync-private` from the
+/// same mnemonic. An account that was created locally but has never been initialized
+/// cannot be recovered from the seed alone.
 ///
 /// # Parameters
 /// - `handle`: Valid wallet handle
@@ -107,6 +118,78 @@ pub unsafe extern "C" fn wallet_ffi_create_account_private(
     WalletFfiError::Success
 }
 
+/// Create a new private key node.
+///
+/// Returns the nullifier public key (npk) and viewing public key (vpk) to share with
+/// senders. Account IDs are discovered later via sync when senders initialize accounts
+/// under this key.
+///
+/// # Parameters
+/// - `handle`: Valid wallet handle
+/// - `out_keys`: Output pointer for the key data (npk + vpk)
+///
+/// # Returns
+/// - `Success` on successful creation
+/// - Error code on failure
+///
+/// # Memory
+/// The keys structure must be freed with `wallet_ffi_free_private_account_keys()`.
+///
+/// # Safety
+/// - `handle` must be a valid wallet handle from `wallet_ffi_create_new` or `wallet_ffi_open`
+/// - `out_keys` must be a valid pointer to a `FfiPrivateAccountKeys` struct
+#[no_mangle]
+pub unsafe extern "C" fn wallet_ffi_create_private_accounts_key(
+    handle: *mut WalletHandle,
+    out_keys: *mut FfiPrivateAccountKeys,
+) -> WalletFfiError {
+    let wrapper = match get_wallet(handle) {
+        Ok(w) => w,
+        Err(e) => return e,
+    };
+
+    if out_keys.is_null() {
+        print_error("Null output pointer for keys");
+        return WalletFfiError::NullPointer;
+    }
+
+    let mut wallet = match wrapper.core.lock() {
+        Ok(w) => w,
+        Err(e) => {
+            print_error(format!("Failed to lock wallet: {e}"));
+            return WalletFfiError::InternalError;
+        }
+    };
+
+    let chain_index = wallet.create_private_accounts_key(None);
+
+    let node = wallet
+        .storage()
+        .user_data
+        .private_key_tree
+        .key_map
+        .get(&chain_index)
+        .expect("Node was just inserted");
+
+    let key_chain = &node.value.0;
+    let npk_bytes = key_chain.nullifier_public_key.0;
+    let vpk_bytes = key_chain.viewing_public_key.to_bytes();
+    let vpk_len = vpk_bytes.len();
+    #[expect(
+        clippy::as_conversions,
+        reason = "We need to convert the boxed slice into a raw pointer for FFI"
+    )]
+    let vpk_ptr = Box::into_raw(vpk_bytes.to_vec().into_boxed_slice()) as *const u8;
+
+    unsafe {
+        (*out_keys).nullifier_public_key.data = npk_bytes;
+        (*out_keys).viewing_public_key = vpk_ptr;
+        (*out_keys).viewing_public_key_len = vpk_len;
+    }
+
+    WalletFfiError::Success
+}
+
 /// List all accounts in the wallet.
 ///
 /// Returns both public and private accounts managed by this wallet.
diff --git a/wallet-ffi/src/keys.rs b/wallet-ffi/src/keys.rs
index 4eeadd8f..0471f255 100644
--- a/wallet-ffi/src/keys.rs
+++ b/wallet-ffi/src/keys.rs
@@ -116,7 +116,8 @@ pub unsafe extern "C" fn wallet_ffi_get_private_account_keys(
 
     let account_id = AccountId::new(unsafe { (*account_id).data });
 
-    let Some((key_chain, _account)) = wallet.storage().user_data.get_private_account(account_id)
+    let Some((key_chain, _account, _identifier)) =
+        wallet.storage().user_data.get_private_account(account_id)
     else {
         print_error("Private account not found in wallet");
         return WalletFfiError::AccountNotFound;
diff --git a/wallet-ffi/src/transfer.rs b/wallet-ffi/src/transfer.rs
index 739832ae..f2cadacc 100644
--- a/wallet-ffi/src/transfer.rs
+++ b/wallet-ffi/src/transfer.rs
@@ -9,7 +9,7 @@ use crate::{
     block_on,
     error::{print_error, WalletFfiError},
     map_execution_error,
-    types::{FfiBytes32, FfiTransferResult, WalletHandle},
+    types::{FfiBytes32, FfiTransferResult, FfiU128, WalletHandle},
     wallet::get_wallet,
     FfiPrivateAccountKeys,
 };
@@ -102,6 +102,7 @@ pub unsafe extern "C" fn wallet_ffi_transfer_public(
 /// - `handle`: Valid wallet handle
 /// - `from`: Source account ID (must be owned by this wallet)
 /// - `to_keys`: Destination account keys
+/// - `to_identifier`: Identifier for the recipient's private account
 /// - `amount`: Amount to transfer as little-endian [u8; 16]
 /// - `out_result`: Output pointer for transfer result
 ///
@@ -125,6 +126,7 @@ pub unsafe extern "C" fn wallet_ffi_transfer_shielded(
     handle: *mut WalletHandle,
     from: *const FfiBytes32,
     to_keys: *const FfiPrivateAccountKeys,
+    to_identifier: *const FfiU128,
     amount: *const [u8; 16],
     out_result: *mut FfiTransferResult,
 ) -> WalletFfiError {
@@ -133,7 +135,12 @@ pub unsafe extern "C" fn wallet_ffi_transfer_shielded(
         Err(e) => return e,
     };
 
-    if from.is_null() || to_keys.is_null() || amount.is_null() || out_result.is_null() {
+    if from.is_null()
+        || to_keys.is_null()
+        || to_identifier.is_null()
+        || amount.is_null()
+        || out_result.is_null()
+    {
         print_error("Null pointer argument");
         return WalletFfiError::NullPointer;
     }
@@ -155,13 +162,18 @@ pub unsafe extern "C" fn wallet_ffi_transfer_shielded(
             return e;
         }
     };
+    let to_identifier = u128::from_le_bytes(unsafe { (*to_identifier).data });
     let amount = u128::from_le_bytes(unsafe { *amount });
 
     let transfer = NativeTokenTransfer(&wallet);
 
-    match block_on(
-        transfer.send_shielded_transfer_to_outer_account(from_id, to_npk, to_vpk, amount),
-    ) {
+    match block_on(transfer.send_shielded_transfer_to_outer_account(
+        from_id,
+        to_npk,
+        to_vpk,
+        to_identifier,
+        amount,
+    )) {
         Ok((tx_hash, _shared_key)) => {
             let tx_hash = CString::new(tx_hash.to_string())
                 .map_or(ptr::null_mut(), std::ffi::CString::into_raw);
@@ -271,6 +283,7 @@ pub unsafe extern "C" fn wallet_ffi_transfer_deshielded(
 /// - `handle`: Valid wallet handle
 /// - `from`: Source account ID (must be owned by this wallet)
 /// - `to_keys`: Destination account keys
+/// - `to_identifier`: Identifier for the recipient's private account
 /// - `amount`: Amount to transfer as little-endian [u8; 16]
 /// - `out_result`: Output pointer for transfer result
 ///
@@ -294,6 +307,7 @@ pub unsafe extern "C" fn wallet_ffi_transfer_private(
     handle: *mut WalletHandle,
     from: *const FfiBytes32,
     to_keys: *const FfiPrivateAccountKeys,
+    to_identifier: *const FfiU128,
     amount: *const [u8; 16],
     out_result: *mut FfiTransferResult,
 ) -> WalletFfiError {
@@ -302,7 +316,12 @@ pub unsafe extern "C" fn wallet_ffi_transfer_private(
         Err(e) => return e,
     };
 
-    if from.is_null() || to_keys.is_null() || amount.is_null() || out_result.is_null() {
+    if from.is_null()
+        || to_keys.is_null()
+        || to_identifier.is_null()
+        || amount.is_null()
+        || out_result.is_null()
+    {
         print_error("Null pointer argument");
         return WalletFfiError::NullPointer;
     }
@@ -324,12 +343,18 @@ pub unsafe extern "C" fn wallet_ffi_transfer_private(
             return e;
         }
     };
+    let to_identifier = u128::from_le_bytes(unsafe { (*to_identifier).data });
     let amount = u128::from_le_bytes(unsafe { *amount });
 
     let transfer = NativeTokenTransfer(&wallet);
 
-    match block_on(transfer.send_private_transfer_to_outer_account(from_id, to_npk, to_vpk, amount))
-    {
+    match block_on(transfer.send_private_transfer_to_outer_account(
+        from_id,
+        to_npk,
+        to_vpk,
+        to_identifier,
+        amount,
+    )) {
         Ok((tx_hash, _shared_key)) => {
             let tx_hash = CString::new(tx_hash.to_string())
                 .map_or(ptr::null_mut(), std::ffi::CString::into_raw);
diff --git a/wallet-ffi/wallet_ffi.h b/wallet-ffi/wallet_ffi.h
index 2665cd40..89026950 100644
--- a/wallet-ffi/wallet_ffi.h
+++ b/wallet-ffi/wallet_ffi.h
@@ -126,6 +126,24 @@ typedef struct FfiBytes32 {
   uint8_t data[32];
 } FfiBytes32;
 
+/**
+ * Public keys for a private account (safe to expose).
+ */
+typedef struct FfiPrivateAccountKeys {
+  /**
+   * Nullifier public key (32 bytes).
+   */
+  struct FfiBytes32 nullifier_public_key;
+  /**
+   * viewing public key (compressed secp256k1 point).
+   */
+  const uint8_t *viewing_public_key;
+  /**
+   * Length of viewing public key (typically 33 bytes).
+   */
+  uintptr_t viewing_public_key_len;
+} FfiPrivateAccountKeys;
+
 /**
  * Single entry in the account list.
  */
@@ -189,24 +207,6 @@ typedef struct FfiPublicAccountKey {
   struct FfiBytes32 public_key;
 } FfiPublicAccountKey;
 
-/**
- * Public keys for a private account (safe to expose).
- */
-typedef struct FfiPrivateAccountKeys {
-  /**
-   * Nullifier public key (32 bytes).
-   */
-  struct FfiBytes32 nullifier_public_key;
-  /**
-   * viewing public key (compressed secp256k1 point).
-   */
-  const uint8_t *viewing_public_key;
-  /**
-   * Length of viewing public key (typically 33 bytes).
-   */
-  uintptr_t viewing_public_key_len;
-} FfiPrivateAccountKeys;
-
 /**
  * Result of a transfer operation.
  */
@@ -243,10 +243,18 @@ enum WalletFfiError wallet_ffi_create_account_public(struct WalletHandle *handle
                                                      struct FfiBytes32 *out_account_id);
 
 /**
- * Create a new private account.
+ * Create a new private account, storing a default account entry in local storage.
  *
- * Private accounts use privacy-preserving transactions with nullifiers
- * and commitments.
+ * This is the private-account equivalent of `wallet_ffi_create_account_public`.
+ * It generates a key node, assigns a random identifier, and inserts a default
+ * account record so the account can immediately be used with
+ * `wallet_ffi_register_private_account`.
+ *
+ * The identifier is chosen at random and is not encoded in the mnemonic seed.
+ * Once the account is initialized, the identifier is embedded in the encrypted
+ * transaction payload and can be recovered by running `sync-private` from the
+ * same mnemonic. An account that was created locally but has never been initialized
+ * cannot be recovered from the seed alone.
  *
  * # Parameters
  * - `handle`: Valid wallet handle
@@ -263,6 +271,31 @@ enum WalletFfiError wallet_ffi_create_account_public(struct WalletHandle *handle
 enum WalletFfiError wallet_ffi_create_account_private(struct WalletHandle *handle,
                                                       struct FfiBytes32 *out_account_id);
 
+/**
+ * Create a new private key node.
+ *
+ * Returns the nullifier public key (npk) and viewing public key (vpk) to share with
+ * senders. Account IDs are discovered later via sync when senders initialize accounts
+ * under this key.
+ *
+ * # Parameters
+ * - `handle`: Valid wallet handle
+ * - `out_keys`: Output pointer for the key data (npk + vpk)
+ *
+ * # Returns
+ * - `Success` on successful creation
+ * - Error code on failure
+ *
+ * # Memory
+ * The keys structure must be freed with `wallet_ffi_free_private_account_keys()`.
+ *
+ * # Safety
+ * - `handle` must be a valid wallet handle from `wallet_ffi_create_new` or `wallet_ffi_open`
+ * - `out_keys` must be a valid pointer to a `FfiPrivateAccountKeys` struct
+ */
+enum WalletFfiError wallet_ffi_create_private_accounts_key(struct WalletHandle *handle,
+                                                           struct FfiPrivateAccountKeys *out_keys);
+
 /**
  * List all accounts in the wallet.
  *
@@ -685,6 +718,7 @@ enum WalletFfiError wallet_ffi_transfer_public(struct WalletHandle *handle,
  * - `handle`: Valid wallet handle
  * - `from`: Source account ID (must be owned by this wallet)
  * - `to_keys`: Destination account keys
+ * - `to_identifier`: Identifier for the recipient's private account
  * - `amount`: Amount to transfer as little-endian [u8; 16]
  * - `out_result`: Output pointer for transfer result
  *
@@ -707,6 +741,7 @@ enum WalletFfiError wallet_ffi_transfer_public(struct WalletHandle *handle,
 enum WalletFfiError wallet_ffi_transfer_shielded(struct WalletHandle *handle,
                                                  const struct FfiBytes32 *from,
                                                  const struct FfiPrivateAccountKeys *to_keys,
+                                                 const struct FfiU128 *to_identifier,
                                                  const uint8_t (*amount)[16],
                                                  struct FfiTransferResult *out_result);
 
@@ -753,6 +788,7 @@ enum WalletFfiError wallet_ffi_transfer_deshielded(struct WalletHandle *handle,
  * - `handle`: Valid wallet handle
  * - `from`: Source account ID (must be owned by this wallet)
  * - `to_keys`: Destination account keys
+ * - `to_identifier`: Identifier for the recipient's private account
  * - `amount`: Amount to transfer as little-endian [u8; 16]
  * - `out_result`: Output pointer for transfer result
  *
@@ -775,6 +811,7 @@ enum WalletFfiError wallet_ffi_transfer_deshielded(struct WalletHandle *handle,
 enum WalletFfiError wallet_ffi_transfer_private(struct WalletHandle *handle,
                                                 const struct FfiBytes32 *from,
                                                 const struct FfiPrivateAccountKeys *to_keys,
+                                                const struct FfiU128 *to_identifier,
                                                 const uint8_t (*amount)[16],
                                                 struct FfiTransferResult *out_result);
 
diff --git a/wallet/configs/debug/wallet_config.json b/wallet/configs/debug/wallet_config.json
index 6604f65b..94e13ebd 100644
--- a/wallet/configs/debug/wallet_config.json
+++ b/wallet/configs/debug/wallet_config.json
@@ -19,7 +19,8 @@
         },
         {
             "Private": {
-                "account_id": "9DGDXnrNo4QhUUb2F8WDuDrPESja3eYDkZG5HkzvAvMC",
+                "account_id": "GoKB6RuE6pT2KxCqDXQqiCuuuYZaGdJNfctzyqRdGBCy",
+                "identifier": 0,
                 "account": {
                     "program_owner": [
                         0,
@@ -214,7 +215,8 @@
         },
         {
             "Private": {
-                "account_id": "A6AT9UvsgitUi8w4BH43n6DyX1bK37DtSCfjEWXQQUrQ",
+                "account_id": "BCdMnPkdH2DrVhe7cGdawkPU9iapsSboRvJpWX8pWnLq",
+                "identifier": 0,
                 "account": {
                     "program_owner": [
                         0,
diff --git a/wallet/src/chain_storage.rs b/wallet/src/chain_storage.rs
index 3699609b..8d168d8e 100644
--- a/wallet/src/chain_storage.rs
+++ b/wallet/src/chain_storage.rs
@@ -7,7 +7,7 @@ use key_protocol::{
         key_tree::{KeyTreePrivate, KeyTreePublic, chain_index::ChainIndex},
         secret_holders::SeedHolder,
     },
-    key_protocol_core::NSSAUserData,
+    key_protocol_core::{NSSAUserData, UserPrivateAccountData},
 };
 use log::debug;
 use nssa::program::Program;
@@ -70,15 +70,28 @@ impl WalletChainStore {
                     public_tree.insert(data.account_id, data.chain_index, data.data);
                 }
                 PersistentAccountData::Private(data) => {
-                    private_tree.insert(data.account_id, data.chain_index, data.data);
+                    let npk = data.data.value.0.nullifier_public_key;
+                    let chain_index = data.chain_index;
+                    for identifier in &data.identifiers {
+                        let account_id = nssa::AccountId::from((&npk, *identifier));
+                        private_tree
+                            .account_id_map
+                            .insert(account_id, chain_index.clone());
+                    }
+                    private_tree.key_map.insert(chain_index, data.data);
                 }
                 PersistentAccountData::Preconfigured(acc_data) => match acc_data {
                     InitialAccountData::Public(data) => {
                         public_init_acc_map.insert(data.account_id, data.pub_sign_key);
                     }
                     InitialAccountData::Private(data) => {
-                        private_init_acc_map
-                            .insert(data.account_id, (data.key_chain, data.account));
+                        private_init_acc_map.insert(
+                            data.account_id(),
+                            UserPrivateAccountData {
+                                key_chain: data.key_chain,
+                                accounts: vec![(data.identifier, data.account)],
+                            },
+                        );
                     }
                 },
             }
@@ -111,13 +124,20 @@ impl WalletChainStore {
                     public_init_acc_map.insert(data.account_id, data.pub_sign_key);
                 }
                 InitialAccountData::Private(data) => {
+                    let account_id = data.account_id();
                     let mut account = data.account;
                     // TODO: Program owner is only known after code is compiled and can't be set
                     // in the config. Therefore we overwrite it here on
                     // startup. Fix this when program id can be fetched
                     // from the node and queried from the wallet.
                     account.program_owner = Program::authenticated_transfer_program().id();
-                    private_init_acc_map.insert(data.account_id, (data.key_chain, account));
+                    private_init_acc_map.insert(
+                        account_id,
+                        UserPrivateAccountData {
+                            key_chain: data.key_chain,
+                            accounts: vec![(data.identifier, account)],
+                        },
+                    );
                 }
             }
         }
@@ -170,28 +190,71 @@ impl WalletChainStore {
     pub fn insert_private_account_data(
         &mut self,
         account_id: nssa::AccountId,
+        identifier: nssa_core::Identifier,
         account: nssa_core::account::Account,
     ) {
         debug!("inserting at address {account_id}, this account {account:?}");
 
-        let entry = self
+        // Update default accounts if present
+        if let Entry::Occupied(mut entry) = self
             .user_data
             .default_user_private_accounts
             .entry(account_id)
-            .and_modify(|data| data.1 = account.clone());
+        {
+            let entry = entry.get_mut();
+            if let Some((_, acc)) = entry.accounts.iter_mut().find(|(id, _)| *id == identifier) {
+                *acc = account;
+            } else {
+                entry.accounts.push((identifier, account));
+            }
+            return;
+        }
 
-        if matches!(entry, Entry::Vacant(_)) {
-            self.user_data
+        // Otherwise update the private key tree
+
+        // Find the node by iterating all tree nodes for this account_id
+        let chain_index = self
+            .user_data
+            .private_key_tree
+            .account_id_map
+            .get(&account_id)
+            .cloned();
+
+        if let Some(chain_index) = chain_index {
+            // Node already in account_id_map — update its entry
+            if let Some(node) = self
+                .user_data
                 .private_key_tree
-                .account_id_map
-                .get(&account_id)
-                .map(|chain_index| {
+                .key_map
+                .get_mut(&chain_index)
+            {
+                if let Some((_, acc)) = node.value.1.iter_mut().find(|(id, _)| *id == identifier) {
+                    *acc = account;
+                } else {
+                    node.value.1.push((identifier, account));
+                }
+            }
+        } else {
+            // Node not yet in account_id_map — find it by checking all nodes
+            for (ci, node) in &mut self.user_data.private_key_tree.key_map {
+                let expected_id =
+                    nssa::AccountId::from((&node.value.0.nullifier_public_key, identifier));
+                if expected_id == account_id {
+                    if let Some((_, acc)) =
+                        node.value.1.iter_mut().find(|(id, _)| *id == identifier)
+                    {
+                        *acc = account;
+                    } else {
+                        node.value.1.push((identifier, account));
+                    }
+                    // Register in account_id_map
                     self.user_data
                         .private_key_tree
-                        .key_map
-                        .entry(chain_index.clone())
-                        .and_modify(|data| data.value.1 = account)
-                });
+                        .account_id_map
+                        .insert(account_id, ci.clone());
+                    break;
+                }
+            }
         }
     }
 }
@@ -199,7 +262,7 @@ impl WalletChainStore {
 #[cfg(test)]
 mod tests {
     use key_protocol::key_management::key_tree::{
-        keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic, traits::KeyNode as _,
+        keys_private::ChildKeysPrivate, keys_public::ChildKeysPublic,
     };
 
     use super::*;
@@ -228,7 +291,7 @@ mod tests {
                 data: public_data,
             }),
             PersistentAccountData::Private(Box::new(PersistentAccountDataPrivate {
-                account_id: private_data.account_id(),
+                identifiers: vec![],
                 chain_index: ChainIndex::root(),
                 data: private_data,
             })),
diff --git a/wallet/src/cli/account.rs b/wallet/src/cli/account.rs
index 86ae7e35..b5e80854 100644
--- a/wallet/src/cli/account.rs
+++ b/wallet/src/cli/account.rs
@@ -82,7 +82,8 @@ pub enum NewSubcommand {
         /// Label to assign to the new account.
         label: Option<String>,
     },
-    /// Register new private account.
+    /// Single-account convenience: creates a key node and auto-registers one account with a random
+    /// identifier.
     Private {
         #[arg(long)]
         /// Chain index of a parent node.
@@ -91,6 +92,13 @@ pub enum NewSubcommand {
         /// Label to assign to the new account.
         label: Option<String>,
     },
+    /// Recommended for receiving from multiple senders: creates a key node (npk + vpk) without
+    /// registering any account.
+    PrivateAccountsKey {
+        #[arg(long)]
+        /// Chain index of a parent node.
+        cci: Option<ChainIndex>,
+    },
 }
 
 impl WalletSubcommand for NewSubcommand {
@@ -149,6 +157,15 @@ impl WalletSubcommand for NewSubcommand {
 
                 let (account_id, chain_index) = wallet_core.create_new_account_private(cci);
 
+                let node = wallet_core
+                    .storage
+                    .user_data
+                    .private_key_tree
+                    .key_map
+                    .get(&chain_index)
+                    .expect("Node was just inserted");
+                let key = &node.value.0;
+
                 if let Some(label) = label {
                     wallet_core
                         .storage
@@ -156,14 +173,8 @@ impl WalletSubcommand for NewSubcommand {
                         .insert(account_id.to_string(), Label::new(label));
                 }
 
-                let (key, _) = wallet_core
-                    .storage
-                    .user_data
-                    .get_private_account(account_id)
-                    .unwrap();
-
                 println!(
-                    "Generated new account with account_id Private/{account_id} at path {chain_index}",
+                    "Generated new account with account_id Private/{account_id} at path {chain_index}"
                 );
                 println!("With npk {}", hex::encode(key.nullifier_public_key.0));
                 println!(
@@ -175,6 +186,29 @@ impl WalletSubcommand for NewSubcommand {
 
                 Ok(SubcommandReturnValue::RegisterAccount { account_id })
             }
+            Self::PrivateAccountsKey { cci } => {
+                let chain_index = wallet_core.create_private_accounts_key(cci);
+
+                let node = wallet_core
+                    .storage
+                    .user_data
+                    .private_key_tree
+                    .key_map
+                    .get(&chain_index)
+                    .expect("Node was just inserted");
+                let key = &node.value.0;
+
+                println!("Generated new private key node at path {chain_index}");
+                println!("With npk {}", hex::encode(key.nullifier_public_key.0));
+                println!(
+                    "With vpk {}",
+                    hex::encode(key.viewing_public_key.to_bytes())
+                );
+
+                wallet_core.store_persistent_data().await?;
+
+                Ok(SubcommandReturnValue::Empty)
+            }
         }
     }
 }
@@ -229,7 +263,7 @@ impl WalletSubcommand for AccountSubcommand {
                             println!("pk {}", hex::encode(public_key.value()));
                         }
                         AccountPrivacyKind::Private => {
-                            let (key, _) = wallet_core
+                            let (key, _, _) = wallet_core
                                 .storage
                                 .user_data
                                 .get_private_account(account_id)
@@ -272,21 +306,7 @@ impl WalletSubcommand for AccountSubcommand {
             Self::New(new_subcommand) => new_subcommand.handle_subcommand(wallet_core).await,
             Self::SyncPrivate => {
                 let curr_last_block = wallet_core.sequencer_client.get_last_block_id().await?;
-
-                if wallet_core
-                    .storage
-                    .user_data
-                    .private_key_tree
-                    .account_id_map
-                    .is_empty()
-                {
-                    wallet_core.last_synced_block = curr_last_block;
-
-                    wallet_core.store_persistent_data().await?;
-                } else {
-                    wallet_core.sync_to_block(curr_last_block).await?;
-                }
-
+                wallet_core.sync_to_block(curr_last_block).await?;
                 Ok(SubcommandReturnValue::SyncedToBlock(curr_last_block))
             }
             Self::List { long } => {
diff --git a/wallet/src/cli/group.rs b/wallet/src/cli/group.rs
new file mode 100644
index 00000000..5cdcc0af
--- /dev/null
+++ b/wallet/src/cli/group.rs
@@ -0,0 +1,295 @@
+use anyhow::{Context as _, Result};
+use clap::Subcommand;
+use key_protocol::key_management::group_key_holder::GroupKeyHolder;
+use nssa::AccountId;
+use nssa_core::program::PdaSeed;
+
+use crate::{
+    WalletCore,
+    cli::{SubcommandReturnValue, WalletSubcommand},
+};
+
+/// Group PDA management commands.
+#[derive(Subcommand, Debug, Clone)]
+pub enum GroupSubcommand {
+    /// Create a new group with a fresh random GMS.
+    New {
+        /// Human-readable name for the group.
+        name: String,
+    },
+    /// Import a group from raw GMS bytes.
+    Import {
+        /// Human-readable name for the group.
+        name: String,
+        /// Raw GMS as 64-character hex string.
+        #[arg(long)]
+        gms: String,
+        /// Epoch (defaults to 0).
+        #[arg(long, default_value = "0")]
+        epoch: u32,
+    },
+    /// Export the raw GMS hex for backup or manual distribution.
+    Export {
+        /// Group name.
+        name: String,
+    },
+    /// List all groups with their epochs.
+    #[command(visible_alias = "ls")]
+    List,
+    /// Derive keys for a PDA seed and show the resulting AccountId.
+    Derive {
+        /// Group name.
+        name: String,
+        /// PDA seed as 64-character hex string.
+        #[arg(long)]
+        seed: String,
+        /// Program ID as hex string (u32x8 little-endian).
+        #[arg(long)]
+        program_id: String,
+    },
+    /// Remove a group from the wallet.
+    Remove {
+        /// Group name.
+        name: String,
+    },
+    /// Seal the group's GMS for a recipient (invite).
+    Invite {
+        /// Group name.
+        name: String,
+        /// Recipient's viewing public key as hex string.
+        #[arg(long)]
+        vpk: String,
+    },
+    /// Unseal a received GMS and store it (join a group).
+    Join {
+        /// Human-readable name to store the group under.
+        name: String,
+        /// Sealed GMS as hex string (from the inviter).
+        #[arg(long)]
+        sealed: String,
+        /// Account label or Private/<id> whose VSK to use for decryption.
+        #[arg(long)]
+        account: String,
+    },
+    /// Ratchet the GMS to exclude removed members.
+    Ratchet {
+        /// Group name.
+        name: String,
+    },
+}
+
+impl WalletSubcommand for GroupSubcommand {
+    async fn handle_subcommand(
+        self,
+        wallet_core: &mut WalletCore,
+    ) -> Result<SubcommandReturnValue> {
+        match self {
+            Self::New { name } => {
+                if wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .is_some()
+                {
+                    anyhow::bail!("Group '{name}' already exists");
+                }
+
+                let holder = GroupKeyHolder::new();
+                wallet_core
+                    .storage_mut()
+                    .user_data
+                    .insert_group_key_holder(name.clone(), holder);
+                wallet_core.store_persistent_data().await?;
+
+                println!("Created group '{name}' at epoch 0");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Import { name, gms, epoch } => {
+                if wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .is_some()
+                {
+                    anyhow::bail!("Group '{name}' already exists");
+                }
+
+                let gms_bytes: [u8; 32] = hex::decode(&gms)
+                    .context("Invalid GMS hex")?
+                    .try_into()
+                    .map_err(|_| anyhow::anyhow!("GMS must be exactly 32 bytes"))?;
+
+                let holder = GroupKeyHolder::from_gms_and_epoch(gms_bytes, epoch);
+                wallet_core
+                    .storage_mut()
+                    .user_data
+                    .insert_group_key_holder(name.clone(), holder);
+                wallet_core.store_persistent_data().await?;
+
+                println!("Imported group '{name}' at epoch {epoch}");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Export { name } => {
+                let holder = wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .context(format!("Group '{name}' not found"))?;
+
+                let gms_hex = hex::encode(holder.dangerous_raw_gms());
+                let epoch = holder.epoch();
+
+                println!("Group: {name}");
+                println!("Epoch: {epoch}");
+                println!("GMS: {gms_hex}");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::List => {
+                let holders = &wallet_core.storage().user_data.group_key_holders;
+                if holders.is_empty() {
+                    println!("No groups found");
+                } else {
+                    for (name, holder) in holders {
+                        println!("{name} (epoch {})", holder.epoch());
+                    }
+                }
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Derive {
+                name,
+                seed,
+                program_id,
+            } => {
+                let holder = wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .context(format!("Group '{name}' not found"))?;
+
+                let seed_bytes: [u8; 32] = hex::decode(&seed)
+                    .context("Invalid seed hex")?
+                    .try_into()
+                    .map_err(|_| anyhow::anyhow!("Seed must be exactly 32 bytes"))?;
+                let pda_seed = PdaSeed::new(seed_bytes);
+
+                let pid_bytes =
+                    hex::decode(&program_id).context("Invalid program ID hex")?;
+                if pid_bytes.len() != 32 {
+                    anyhow::bail!("Program ID must be exactly 32 bytes");
+                }
+                let mut pid: nssa_core::program::ProgramId = [0; 8];
+                for (i, chunk) in pid_bytes.chunks_exact(4).enumerate() {
+                    pid[i] = u32::from_le_bytes(chunk.try_into().unwrap());
+                }
+
+                let keys = holder.derive_keys_for_pda(&pda_seed);
+                let npk = keys.generate_nullifier_public_key();
+                let vpk = keys.generate_viewing_public_key();
+                let account_id = AccountId::for_private_pda(&pid, &pda_seed, &npk);
+
+                println!("Group: {name}");
+                println!("NPK: {}", hex::encode(npk.0));
+                println!("VPK: {}", hex::encode(&vpk.0));
+                println!("AccountId: {account_id}");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Remove { name } => {
+                if wallet_core
+                    .storage_mut()
+                    .user_data
+                    .group_key_holders
+                    .remove(&name)
+                    .is_none()
+                {
+                    anyhow::bail!("Group '{name}' not found");
+                }
+
+                wallet_core.store_persistent_data().await?;
+                println!("Removed group '{name}'");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Invite { name, vpk } => {
+                let holder = wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .context(format!("Group '{name}' not found"))?;
+
+                let vpk_bytes = hex::decode(&vpk).context("Invalid VPK hex")?;
+                let recipient_vpk =
+                    nssa_core::encryption::shared_key_derivation::Secp256k1Point(vpk_bytes);
+
+                let sealed = holder.seal_for(&recipient_vpk);
+                println!("{}", hex::encode(&sealed));
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Join {
+                name,
+                sealed,
+                account,
+            } => {
+                if wallet_core
+                    .storage()
+                    .user_data
+                    .get_group_key_holder(&name)
+                    .is_some()
+                {
+                    anyhow::bail!("Group '{name}' already exists");
+                }
+
+                let sealed_bytes = hex::decode(&sealed).context("Invalid sealed hex")?;
+
+                // Resolve the account to get the VSK
+                let account_id: nssa::AccountId = account
+                    .parse()
+                    .context("Invalid account ID (use Private/<base58>)")?;
+                let (keychain, _) = wallet_core
+                    .storage()
+                    .user_data
+                    .get_private_account(account_id)
+                    .context("Private account not found")?;
+                let vsk = keychain.private_key_holder.viewing_secret_key;
+
+                let holder = GroupKeyHolder::unseal(&sealed_bytes, &vsk)
+                    .map_err(|e| anyhow::anyhow!("Failed to unseal: {e:?}"))?;
+
+                let epoch = holder.epoch();
+                wallet_core
+                    .storage_mut()
+                    .user_data
+                    .insert_group_key_holder(name.clone(), holder);
+                wallet_core.store_persistent_data().await?;
+
+                println!("Joined group '{name}' at epoch {epoch}");
+                Ok(SubcommandReturnValue::Empty)
+            }
+
+            Self::Ratchet { name } => {
+                let holder = wallet_core
+                    .storage_mut()
+                    .user_data
+                    .group_key_holders
+                    .get_mut(&name)
+                    .context(format!("Group '{name}' not found"))?;
+
+                let mut salt = [0_u8; 32];
+                rand::RngCore::fill_bytes(&mut rand::rngs::OsRng, &mut salt);
+                holder.ratchet(salt);
+
+                let epoch = holder.epoch();
+                wallet_core.store_persistent_data().await?;
+
+                println!("Ratcheted group '{name}' to epoch {epoch}");
+                println!("Re-invite remaining members with 'group invite'");
+                Ok(SubcommandReturnValue::Empty)
+            }
+        }
+    }
+}
diff --git a/wallet/src/cli/programs/native_token_transfer.rs b/wallet/src/cli/programs/native_token_transfer.rs
index 41008eac..f02ff99c 100644
--- a/wallet/src/cli/programs/native_token_transfer.rs
+++ b/wallet/src/cli/programs/native_token_transfer.rs
@@ -59,6 +59,10 @@ pub enum AuthTransferSubcommand {
         /// `to_vpk` - valid 33 byte hex string.
         #[arg(long)]
         to_vpk: Option<String>,
+        /// Identifier for the recipient's private account (only used when sending to a foreign
+        /// private account via `--to-npk`/`--to-vpk`).
+        #[arg(long)]
+        to_identifier: Option<u128>,
         /// amount - amount of balance to move.
         #[arg(long)]
         amount: u128,
@@ -132,6 +136,7 @@ impl WalletSubcommand for AuthTransferSubcommand {
                 to_label,
                 to_npk,
                 to_vpk,
+                to_identifier,
                 amount,
             } => {
                 let from = resolve_id_or_label(
@@ -210,6 +215,7 @@ impl WalletSubcommand for AuthTransferSubcommand {
                                         from,
                                         to_npk,
                                         to_vpk,
+                                        to_identifier,
                                         amount,
                                     },
                                 )
@@ -220,6 +226,7 @@ impl WalletSubcommand for AuthTransferSubcommand {
                                         from,
                                         to_npk,
                                         to_vpk,
+                                        to_identifier,
                                         amount,
                                     },
                                 )
@@ -304,6 +311,9 @@ pub enum NativeTokenTransferProgramSubcommandShielded {
         /// `to_vpk` - valid 33 byte hex string.
         #[arg(long)]
         to_vpk: String,
+        /// Identifier for the recipient's private account.
+        #[arg(long)]
+        to_identifier: Option<u128>,
         /// amount - amount of balance to move.
         #[arg(long)]
         amount: u128,
@@ -341,6 +351,9 @@ pub enum NativeTokenTransferProgramSubcommandPrivate {
         /// `to_vpk` - valid 33 byte hex string.
         #[arg(long)]
         to_vpk: String,
+        /// Identifier for the recipient's private account.
+        #[arg(long)]
+        to_identifier: Option<u128>,
         /// amount - amount of balance to move.
         #[arg(long)]
         amount: u128,
@@ -382,6 +395,7 @@ impl WalletSubcommand for NativeTokenTransferProgramSubcommandPrivate {
                 from,
                 to_npk,
                 to_vpk,
+                to_identifier,
                 amount,
             } => {
                 let from: AccountId = from.parse().unwrap();
@@ -397,7 +411,13 @@ impl WalletSubcommand for NativeTokenTransferProgramSubcommandPrivate {
                     nssa_core::encryption::shared_key_derivation::Secp256k1Point(to_vpk.to_vec());
 
                 let (tx_hash, [secret_from, _]) = NativeTokenTransfer(wallet_core)
-                    .send_private_transfer_to_outer_account(from, to_npk, to_vpk, amount)
+                    .send_private_transfer_to_outer_account(
+                        from,
+                        to_npk,
+                        to_vpk,
+                        to_identifier.unwrap_or_else(rand::random),
+                        amount,
+                    )
                     .await?;
 
                 println!("Transaction hash is {tx_hash}");
@@ -456,6 +476,7 @@ impl WalletSubcommand for NativeTokenTransferProgramSubcommandShielded {
                 from,
                 to_npk,
                 to_vpk,
+                to_identifier,
                 amount,
             } => {
                 let from: AccountId = from.parse().unwrap();
@@ -472,7 +493,13 @@ impl WalletSubcommand for NativeTokenTransferProgramSubcommandShielded {
                     nssa_core::encryption::shared_key_derivation::Secp256k1Point(to_vpk.to_vec());
 
                 let (tx_hash, _) = NativeTokenTransfer(wallet_core)
-                    .send_shielded_transfer_to_outer_account(from, to_npk, to_vpk, amount)
+                    .send_shielded_transfer_to_outer_account(
+                        from,
+                        to_npk,
+                        to_vpk,
+                        to_identifier.unwrap_or_else(rand::random),
+                        amount,
+                    )
                     .await?;
 
                 println!("Transaction hash is {tx_hash}");
diff --git a/wallet/src/cli/programs/token.rs b/wallet/src/cli/programs/token.rs
index 0575da09..73bb6c2c 100644
--- a/wallet/src/cli/programs/token.rs
+++ b/wallet/src/cli/programs/token.rs
@@ -73,6 +73,10 @@ pub enum TokenProgramAgnosticSubcommand {
         /// `to_vpk` - valid 33 byte hex string.
         #[arg(long)]
         to_vpk: Option<String>,
+        /// Identifier for the recipient's private account (only used when sending to a foreign
+        /// private account via `--to-npk`/`--to-vpk`).
+        #[arg(long)]
+        to_identifier: Option<u128>,
         /// amount - amount of balance to move.
         #[arg(long)]
         amount: u128,
@@ -139,6 +143,10 @@ pub enum TokenProgramAgnosticSubcommand {
         /// `to_vpk` - valid 33 byte hex string.
         #[arg(long)]
         holder_vpk: Option<String>,
+        /// Identifier for the holder's private account (only used when minting to a foreign
+        /// private account via `--holder-npk`/`--holder-vpk`).
+        #[arg(long)]
+        holder_identifier: Option<u128>,
         /// amount - amount of balance to mint.
         #[arg(long)]
         amount: u128,
@@ -228,6 +236,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                 to_label,
                 to_npk,
                 to_vpk,
+                to_identifier,
                 amount,
             } => {
                 let from = resolve_id_or_label(
@@ -313,6 +322,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                                     sender_account_id: from,
                                     recipient_npk: to_npk,
                                     recipient_vpk: to_vpk,
+                                    recipient_identifier: to_identifier,
                                     balance_to_move: amount,
                                 },
                             ),
@@ -321,6 +331,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                                     sender_account_id: from,
                                     recipient_npk: to_npk,
                                     recipient_vpk: to_vpk,
+                                    recipient_identifier: to_identifier,
                                     balance_to_move: amount,
                                 },
                             ),
@@ -403,6 +414,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                 holder_label,
                 holder_npk,
                 holder_vpk,
+                holder_identifier,
                 amount,
             } => {
                 let definition = resolve_id_or_label(
@@ -490,6 +502,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                                     definition_account_id: definition,
                                     holder_npk,
                                     holder_vpk,
+                                    holder_identifier,
                                     amount,
                                 },
                             ),
@@ -498,6 +511,7 @@ impl WalletSubcommand for TokenProgramAgnosticSubcommand {
                                     definition_account_id: definition,
                                     holder_npk,
                                     holder_vpk,
+                                    holder_identifier,
                                     amount,
                                 },
                             ),
@@ -585,6 +599,9 @@ pub enum TokenProgramSubcommandPrivate {
         /// `recipient_vpk` - valid 33 byte hex string.
         #[arg(long)]
         recipient_vpk: String,
+        /// Identifier for the recipient's private account.
+        #[arg(long)]
+        recipient_identifier: Option<u128>,
         #[arg(short, long)]
         balance_to_move: u128,
     },
@@ -614,6 +631,9 @@ pub enum TokenProgramSubcommandPrivate {
         holder_npk: String,
         #[arg(short, long)]
         holder_vpk: String,
+        /// Identifier for the holder's private account.
+        #[arg(long)]
+        holder_identifier: Option<u128>,
         #[arg(short, long)]
         amount: u128,
     },
@@ -673,6 +693,9 @@ pub enum TokenProgramSubcommandShielded {
         /// `recipient_vpk` - valid 33 byte hex string.
         #[arg(long)]
         recipient_vpk: String,
+        /// Identifier for the recipient's private account.
+        #[arg(long)]
+        recipient_identifier: Option<u128>,
         #[arg(short, long)]
         balance_to_move: u128,
     },
@@ -702,6 +725,9 @@ pub enum TokenProgramSubcommandShielded {
         holder_npk: String,
         #[arg(short, long)]
         holder_vpk: String,
+        /// Identifier for the holder's private account.
+        #[arg(long)]
+        holder_identifier: Option<u128>,
         #[arg(short, long)]
         amount: u128,
     },
@@ -862,6 +888,7 @@ impl WalletSubcommand for TokenProgramSubcommandPrivate {
                 sender_account_id,
                 recipient_npk,
                 recipient_vpk,
+                recipient_identifier,
                 balance_to_move,
             } => {
                 let sender_account_id: AccountId = sender_account_id.parse().unwrap();
@@ -882,6 +909,7 @@ impl WalletSubcommand for TokenProgramSubcommandPrivate {
                         sender_account_id,
                         recipient_npk,
                         recipient_vpk,
+                        recipient_identifier.unwrap_or_else(rand::random),
                         balance_to_move,
                     )
                     .await?;
@@ -979,6 +1007,7 @@ impl WalletSubcommand for TokenProgramSubcommandPrivate {
                 definition_account_id,
                 holder_npk,
                 holder_vpk,
+                holder_identifier,
                 amount,
             } => {
                 let definition_account_id: AccountId = definition_account_id.parse().unwrap();
@@ -1000,6 +1029,7 @@ impl WalletSubcommand for TokenProgramSubcommandPrivate {
                         definition_account_id,
                         holder_npk,
                         holder_vpk,
+                        holder_identifier.unwrap_or_else(rand::random),
                         amount,
                     )
                     .await?;
@@ -1144,6 +1174,7 @@ impl WalletSubcommand for TokenProgramSubcommandShielded {
                 sender_account_id,
                 recipient_npk,
                 recipient_vpk,
+                recipient_identifier,
                 balance_to_move,
             } => {
                 let sender_account_id: AccountId = sender_account_id.parse().unwrap();
@@ -1164,6 +1195,7 @@ impl WalletSubcommand for TokenProgramSubcommandShielded {
                         sender_account_id,
                         recipient_npk,
                         recipient_vpk,
+                        recipient_identifier.unwrap_or_else(rand::random),
                         balance_to_move,
                     )
                     .await?;
@@ -1283,6 +1315,7 @@ impl WalletSubcommand for TokenProgramSubcommandShielded {
                 definition_account_id,
                 holder_npk,
                 holder_vpk,
+                holder_identifier,
                 amount,
             } => {
                 let definition_account_id: AccountId = definition_account_id.parse().unwrap();
@@ -1304,6 +1337,7 @@ impl WalletSubcommand for TokenProgramSubcommandShielded {
                         definition_account_id,
                         holder_npk,
                         holder_vpk,
+                        holder_identifier.unwrap_or_else(rand::random),
                         amount,
                     )
                     .await?;
diff --git a/wallet/src/config.rs b/wallet/src/config.rs
index 33527009..bbd98ac7 100644
--- a/wallet/src/config.rs
+++ b/wallet/src/config.rs
@@ -28,7 +28,7 @@ pub struct PersistentAccountDataPublic {
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct PersistentAccountDataPrivate {
-    pub account_id: nssa::AccountId,
+    pub identifiers: Vec<nssa_core::Identifier>,
     pub chain_index: ChainIndex,
     pub data: ChildKeysPrivate,
 }
@@ -44,10 +44,10 @@ pub enum InitialAccountData {
 
 impl InitialAccountData {
     #[must_use]
-    pub const fn account_id(&self) -> nssa::AccountId {
+    pub fn account_id(&self) -> nssa::AccountId {
         match &self {
             Self::Public(acc) => acc.account_id,
-            Self::Private(acc) => acc.account_id,
+            Self::Private(acc) => acc.account_id(),
         }
     }
 
@@ -123,17 +123,6 @@ impl PersistentStorage {
     }
 }
 
-impl PersistentAccountData {
-    #[must_use]
-    pub fn account_id(&self) -> nssa::AccountId {
-        match &self {
-            Self::Public(acc) => acc.account_id,
-            Self::Private(acc) => acc.account_id,
-            Self::Preconfigured(acc) => acc.account_id(),
-        }
-    }
-}
-
 impl From<PublicAccountPrivateInitialData> for InitialAccountData {
     fn from(value: PublicAccountPrivateInitialData) -> Self {
         Self::Public(value)
diff --git a/wallet/src/helperfunctions.rs b/wallet/src/helperfunctions.rs
index 37a27409..94755f6e 100644
--- a/wallet/src/helperfunctions.rs
+++ b/wallet/src/helperfunctions.rs
@@ -165,17 +165,16 @@ pub fn produce_data_for_storage(
         }
     }
 
-    for (account_id, key) in &user_data.private_key_tree.account_id_map {
-        if let Some(data) = user_data.private_key_tree.key_map.get(key) {
-            vec_for_storage.push(
-                PersistentAccountDataPrivate {
-                    account_id: *account_id,
-                    chain_index: key.clone(),
-                    data: data.clone(),
-                }
-                .into(),
-            );
-        }
+    for (chain_index, node) in &user_data.private_key_tree.key_map {
+        let identifiers = node.value.1.iter().map(|(id, _)| *id).collect();
+        vec_for_storage.push(
+            PersistentAccountDataPrivate {
+                identifiers,
+                chain_index: chain_index.clone(),
+                data: node.clone(),
+            }
+            .into(),
+        );
     }
 
     for (account_id, key) in &user_data.default_pub_account_signing_keys {
@@ -188,15 +187,17 @@ pub fn produce_data_for_storage(
         );
     }
 
-    for (account_id, (key_chain, account)) in &user_data.default_user_private_accounts {
-        vec_for_storage.push(
-            InitialAccountData::Private(Box::new(PrivateAccountPrivateInitialData {
-                account_id: *account_id,
-                account: account.clone(),
-                key_chain: key_chain.clone(),
-            }))
-            .into(),
-        );
+    for entry in user_data.default_user_private_accounts.values() {
+        for (identifier, account) in &entry.accounts {
+            vec_for_storage.push(
+                InitialAccountData::Private(Box::new(PrivateAccountPrivateInitialData {
+                    account: account.clone(),
+                    key_chain: entry.key_chain.clone(),
+                    identifier: *identifier,
+                }))
+                .into(),
+            );
+        }
     }
 
     PersistentStorage {
diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs
index 460cfcfd..c8244ef9 100644
--- a/wallet/src/lib.rs
+++ b/wallet/src/lib.rs
@@ -15,7 +15,7 @@ use bip39::Mnemonic;
 use chain_storage::WalletChainStore;
 use common::{HashType, transaction::NSSATransaction};
 use config::WalletConfig;
-use key_protocol::key_management::key_tree::{chain_index::ChainIndex, traits::KeyNode as _};
+use key_protocol::key_management::key_tree::chain_index::ChainIndex;
 use log::info;
 use nssa::{
     Account, AccountId, PrivacyPreservingTransaction,
@@ -256,13 +256,35 @@ impl WalletCore {
             .generate_new_public_transaction_private_key(chain_index)
     }
 
+    pub fn create_private_accounts_key(&mut self, chain_index: Option<ChainIndex>) -> ChainIndex {
+        self.storage
+            .user_data
+            .create_private_accounts_key(chain_index)
+    }
+
     pub fn create_new_account_private(
         &mut self,
         chain_index: Option<ChainIndex>,
     ) -> (AccountId, ChainIndex) {
-        self.storage
+        let cci = self
+            .storage
             .user_data
-            .generate_new_privacy_preserving_transaction_key_chain(chain_index)
+            .create_private_accounts_key(chain_index);
+        let identifier: nssa_core::Identifier = rand::random();
+        let npk = self
+            .storage
+            .user_data
+            .private_key_tree
+            .key_map
+            .get(&cci)
+            .expect("Node was just inserted")
+            .value
+            .0
+            .nullifier_public_key;
+        let account_id = AccountId::from((&npk, identifier));
+        self.storage
+            .insert_private_account_data(account_id, identifier, Account::default());
+        (account_id, cci)
     }
 
     /// Get account balance.
@@ -295,13 +317,14 @@ impl WalletCore {
         self.storage
             .user_data
             .get_private_account(account_id)
-            .map(|value| value.1.clone())
+            .map(|(_keys, account, _identifier)| account)
     }
 
     #[must_use]
     pub fn get_private_account_commitment(&self, account_id: AccountId) -> Option<Commitment> {
-        let (keys, account) = self.storage.user_data.get_private_account(account_id)?;
-        Some(Commitment::new(&keys.nullifier_public_key, account))
+        let (_keys, account, _identifier) =
+            self.storage.user_data.get_private_account(account_id)?;
+        Some(Commitment::new(&account_id, &account))
     }
 
     /// Poll transactions.
@@ -334,7 +357,7 @@ impl WalletCore {
                     let acc_ead = tx.message.encrypted_private_post_states[output_index].clone();
                     let acc_comm = tx.message.new_commitments[output_index].clone();
 
-                    let res_acc = nssa_core::EncryptionScheme::decrypt(
+                    let (identifier, res_acc) = nssa_core::EncryptionScheme::decrypt(
                         &acc_ead.ciphertext,
                         secret,
                         &acc_comm,
@@ -347,7 +370,7 @@ impl WalletCore {
                     println!("Received new acc {res_acc:#?}");
 
                     self.storage
-                        .insert_private_account_data(*acc_account_id, res_acc);
+                        .insert_private_account_data(*acc_account_id, identifier, res_acc);
                 }
                 AccDecodeData::Skip => {}
             }
@@ -390,13 +413,7 @@ impl WalletCore {
         let (output, proof) = nssa::privacy_preserving_transaction::circuit::execute_and_prove(
             pre_states,
             instruction_data,
-            acc_manager.visibility_mask().to_vec(),
-            private_account_keys
-                .iter()
-                .map(|keys| (keys.npk, keys.ssk))
-                .collect::<Vec<_>>(),
-            acc_manager.private_account_auth(),
-            acc_manager.private_account_membership_proofs(),
+            acc_manager.account_identities(),
             &program.to_owned(),
         )
         .unwrap();
@@ -483,33 +500,33 @@ impl WalletCore {
             .storage
             .user_data
             .default_user_private_accounts
-            .iter()
-            .map(|(acc_account_id, (key_chain, _))| (*acc_account_id, key_chain, None))
-            .chain(self.storage.user_data.private_key_tree.key_map.iter().map(
-                |(chain_index, keys_node)| {
-                    (
-                        keys_node.account_id(),
-                        &keys_node.value.0,
-                        chain_index.index(),
-                    )
-                },
-            ));
+            .values()
+            .map(|entry| (&entry.key_chain, None))
+            .chain(
+                self.storage
+                    .user_data
+                    .private_key_tree
+                    .key_map
+                    .iter()
+                    .map(|(chain_index, keys_node)| (&keys_node.value.0, chain_index.index())),
+            );
 
         let affected_accounts = private_account_key_chains
-            .flat_map(|(acc_account_id, key_chain, index)| {
+            .flat_map(|(key_chain, index)| {
                 let view_tag = EncryptedAccountData::compute_view_tag(
                     &key_chain.nullifier_public_key,
                     &key_chain.viewing_public_key,
                 );
+                let new_commitments = &tx.message.new_commitments;
 
                 tx.message()
                     .encrypted_private_post_states
                     .iter()
                     .enumerate()
                     .filter(move |(_, encrypted_data)| encrypted_data.view_tag == view_tag)
-                    .filter_map(|(ciph_id, encrypted_data)| {
+                    .filter_map(move |(ciph_id, encrypted_data)| {
                         let ciphertext = &encrypted_data.ciphertext;
-                        let commitment = &tx.message.new_commitments[ciph_id];
+                        let commitment = &new_commitments[ciph_id];
                         let shared_secret =
                             key_chain.calculate_shared_secret_receiver(&encrypted_data.epk, index);
 
@@ -521,18 +538,24 @@ impl WalletCore {
                                 .try_into()
                                 .expect("Ciphertext ID is expected to fit in u32"),
                         )
+                        .map(|(identifier, res_acc)| {
+                            let account_id = nssa::AccountId::from((
+                                &key_chain.nullifier_public_key,
+                                identifier,
+                            ));
+                            (account_id, identifier, res_acc)
+                        })
                     })
-                    .map(move |res_acc| (acc_account_id, res_acc))
                     .collect::<Vec<_>>()
             })
             .collect::<Vec<_>>();
 
-        for (affected_account_id, new_acc) in affected_accounts {
+        for (affected_account_id, identifier, new_acc) in affected_accounts {
             info!(
                 "Received new account for account_id {affected_account_id:#?} with account object {new_acc:#?}"
             );
             self.storage
-                .insert_private_account_data(affected_account_id, new_acc);
+                .insert_private_account_data(affected_account_id, identifier, new_acc);
         }
     }
 
diff --git a/wallet/src/privacy_preserving_tx.rs b/wallet/src/privacy_preserving_tx.rs
index 14a805c7..35419534 100644
--- a/wallet/src/privacy_preserving_tx.rs
+++ b/wallet/src/privacy_preserving_tx.rs
@@ -2,9 +2,11 @@ use anyhow::Result;
 use key_protocol::key_management::ephemeral_key_holder::EphemeralKeyHolder;
 use nssa::{AccountId, PrivateKey};
 use nssa_core::{
-    MembershipProof, NullifierPublicKey, NullifierSecretKey, SharedSecretKey,
+    Identifier, InputAccountIdentity, MembershipProof, NullifierPublicKey, NullifierSecretKey,
+    SharedSecretKey,
     account::{AccountWithMetadata, Nonce},
     encryption::{EphemeralPublicKey, ViewingPublicKey},
+    program::{PdaSeed, ProgramId},
 };
 
 use crate::{ExecutionFailureKind, WalletCore};
@@ -16,6 +18,17 @@ pub enum PrivacyPreservingAccount {
     PrivateForeign {
         npk: NullifierPublicKey,
         vpk: ViewingPublicKey,
+        identifier: Identifier,
+    },
+    /// A private PDA with externally-provided keys. The caller resolves the keys
+    /// (e.g. via `GroupKeyHolder::derive_keys_for_pda`) before constructing this variant.
+    /// The wallet computes the `AccountId` via `AccountId::for_private_pda(program_id, seed, npk)`.
+    PrivatePda {
+        nsk: NullifierSecretKey,
+        npk: NullifierPublicKey,
+        vpk: ViewingPublicKey,
+        program_id: ProgramId,
+        seed: PdaSeed,
     },
 }
 
@@ -29,7 +42,13 @@ impl PrivacyPreservingAccount {
     pub const fn is_private(&self) -> bool {
         matches!(
             &self,
-            Self::PrivateOwned(_) | Self::PrivateForeign { npk: _, vpk: _ }
+            Self::PrivateOwned(_)
+                | Self::PrivateForeign {
+                    npk: _,
+                    vpk: _,
+                    identifier: _,
+                }
+                | Self::PrivatePda { .. }
         )
     }
 }
@@ -51,7 +70,6 @@ enum State {
 
 pub struct AccountManager {
     states: Vec<State>,
-    visibility_mask: Vec<u8>,
 }
 
 impl AccountManager {
@@ -59,11 +77,10 @@ impl AccountManager {
         wallet: &WalletCore,
         accounts: Vec<PrivacyPreservingAccount>,
     ) -> Result<Self, ExecutionFailureKind> {
-        let mut pre_states = Vec::with_capacity(accounts.len());
-        let mut visibility_mask = Vec::with_capacity(accounts.len());
+        let mut states = Vec::with_capacity(accounts.len());
 
         for account in accounts {
-            let (state, mask) = match account {
+            let state = match account {
                 PrivacyPreservingAccount::Public(account_id) => {
                     let acc = wallet
                         .get_account_public(account_id)
@@ -73,37 +90,54 @@ impl AccountManager {
                     let sk = wallet.get_account_public_signing_key(account_id).cloned();
                     let account = AccountWithMetadata::new(acc.clone(), sk.is_some(), account_id);
 
-                    (State::Public { account, sk }, 0)
+                    State::Public { account, sk }
                 }
                 PrivacyPreservingAccount::PrivateOwned(account_id) => {
                     let pre = private_acc_preparation(wallet, account_id).await?;
-                    let mask = if pre.pre_state.is_authorized { 1 } else { 2 };
 
-                    (State::Private(pre), mask)
+                    State::Private(pre)
                 }
-                PrivacyPreservingAccount::PrivateForeign { npk, vpk } => {
+                PrivacyPreservingAccount::PrivateForeign {
+                    npk,
+                    vpk,
+                    identifier,
+                } => {
                     let acc = nssa_core::account::Account::default();
-                    let auth_acc = AccountWithMetadata::new(acc, false, &npk);
+                    let auth_acc = AccountWithMetadata::new(acc, false, (&npk, identifier));
+                    let eph_holder = EphemeralKeyHolder::new(&npk);
+                    let ssk = eph_holder.calculate_shared_secret_sender(&vpk);
+                    let epk = eph_holder.generate_ephemeral_public_key();
                     let pre = AccountPreparedData {
                         nsk: None,
                         npk,
+                        identifier,
                         vpk,
                         pre_state: auth_acc,
                         proof: None,
+                        ssk,
+                        epk,
                     };
 
-                    (State::Private(pre), 2)
+                    State::Private(pre)
+                }
+                PrivacyPreservingAccount::PrivatePda {
+                    nsk,
+                    npk,
+                    vpk,
+                    program_id,
+                    seed,
+                } => {
+                    let pre =
+                        private_pda_preparation(wallet, nsk, npk, vpk, &program_id, &seed).await?;
+
+                    State::Private(pre)
                 }
             };
 
-            pre_states.push(state);
-            visibility_mask.push(mask);
+            states.push(state);
         }
 
-        Ok(Self {
-            states: pre_states,
-            visibility_mask,
-        })
+        Ok(Self { states })
     }
 
     pub fn pre_states(&self) -> Vec<AccountWithMetadata> {
@@ -116,10 +150,6 @@ impl AccountManager {
             .collect()
     }
 
-    pub fn visibility_mask(&self) -> &[u8] {
-        &self.visibility_mask
-    }
-
     pub fn public_account_nonces(&self) -> Vec<Nonce> {
         self.states
             .iter()
@@ -134,37 +164,62 @@ impl AccountManager {
         self.states
             .iter()
             .filter_map(|state| match state {
-                State::Private(pre) => {
-                    let eph_holder = EphemeralKeyHolder::new(&pre.npk);
+                State::Private(pre) => Some(PrivateAccountKeys {
+                    npk: pre.npk,
+                    ssk: pre.ssk,
+                    vpk: pre.vpk.clone(),
+                    epk: pre.epk.clone(),
+                }),
+                State::Public { .. } => None,
+            })
+            .collect()
+    }
 
-                    Some(PrivateAccountKeys {
-                        npk: pre.npk,
-                        ssk: eph_holder.calculate_shared_secret_sender(&pre.vpk),
-                        vpk: pre.vpk.clone(),
-                        epk: eph_holder.generate_ephemeral_public_key(),
-                    })
+    /// Build the per-account input vec for the privacy-preserving circuit. Each variant carries
+    /// exactly the fields the circuit's code path for that account needs, with the ephemeral
+    /// keys (`ssk`) drawn from the cached values that `private_account_keys` and the message
+    /// construction also use, so all three views agree on the same ephemeral key.
+    pub fn account_identities(&self) -> Vec<InputAccountIdentity> {
+        self.states
+            .iter()
+            .map(|state| match state {
+                State::Public { .. } => InputAccountIdentity::Public,
+                State::Private(pre) if pre.identifier == u128::MAX => {
+                    // Private PDA account
+                    match (pre.nsk, pre.proof.clone()) {
+                        (Some(nsk), Some(membership_proof)) => {
+                            InputAccountIdentity::PrivatePdaUpdate {
+                                ssk: pre.ssk,
+                                nsk,
+                                membership_proof,
+                            }
+                        }
+                        _ => InputAccountIdentity::PrivatePdaInit {
+                            npk: pre.npk,
+                            ssk: pre.ssk,
+                        },
+                    }
                 }
-                State::Public { .. } => None,
-            })
-            .collect()
-    }
-
-    pub fn private_account_auth(&self) -> Vec<NullifierSecretKey> {
-        self.states
-            .iter()
-            .filter_map(|state| match state {
-                State::Private(pre) => pre.nsk,
-                State::Public { .. } => None,
-            })
-            .collect()
-    }
-
-    pub fn private_account_membership_proofs(&self) -> Vec<Option<MembershipProof>> {
-        self.states
-            .iter()
-            .filter_map(|state| match state {
-                State::Private(pre) => Some(pre.proof.clone()),
-                State::Public { .. } => None,
+                State::Private(pre) => match (pre.nsk, pre.proof.clone()) {
+                    (Some(nsk), Some(membership_proof)) => {
+                        InputAccountIdentity::PrivateAuthorizedUpdate {
+                            ssk: pre.ssk,
+                            nsk,
+                            membership_proof,
+                            identifier: pre.identifier,
+                        }
+                    }
+                    (Some(nsk), None) => InputAccountIdentity::PrivateAuthorizedInit {
+                        ssk: pre.ssk,
+                        nsk,
+                        identifier: pre.identifier,
+                    },
+                    (None, _) => InputAccountIdentity::PrivateUnauthorized {
+                        npk: pre.npk,
+                        ssk: pre.ssk,
+                        identifier: pre.identifier,
+                    },
+                },
             })
             .collect()
     }
@@ -193,20 +248,25 @@ impl AccountManager {
 struct AccountPreparedData {
     nsk: Option<NullifierSecretKey>,
     npk: NullifierPublicKey,
+    identifier: Identifier,
     vpk: ViewingPublicKey,
     pre_state: AccountWithMetadata,
     proof: Option<MembershipProof>,
+    /// Cached shared-secret key derived once at `AccountManager::new`. Reused for both the
+    /// circuit input variant (`account_identities()`) and the message ephemeral-key tuples
+    /// (`private_account_keys()`), so all consumers see the same key. The corresponding
+    /// `EphemeralKeyHolder` uses `OsRng` and would produce a different value on a second call.
+    ssk: SharedSecretKey,
+    /// Cached ephemeral public key, paired with `ssk`.
+    epk: EphemeralPublicKey,
 }
 
 async fn private_acc_preparation(
     wallet: &WalletCore,
     account_id: AccountId,
 ) -> Result<AccountPreparedData, ExecutionFailureKind> {
-    let Some((from_keys, from_acc)) = wallet
-        .storage
-        .user_data
-        .get_private_account(account_id)
-        .cloned()
+    let Some((from_keys, from_acc, from_identifier)) =
+        wallet.storage.user_data.get_private_account(account_id)
     else {
         return Err(ExecutionFailureKind::KeyNotFoundError);
     };
@@ -224,13 +284,73 @@ async fn private_acc_preparation(
 
     // TODO: Technically we could allow unauthorized owned accounts, but currently we don't have
     // support from that in the wallet.
-    let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, &from_npk);
+    let sender_pre = AccountWithMetadata::new(from_acc.clone(), true, (&from_npk, from_identifier));
+
+    let eph_holder = EphemeralKeyHolder::new(&from_npk);
+    let ssk = eph_holder.calculate_shared_secret_sender(&from_vpk);
+    let epk = eph_holder.generate_ephemeral_public_key();
 
     Ok(AccountPreparedData {
         nsk: Some(nsk),
         npk: from_npk,
+        identifier: from_identifier,
         vpk: from_vpk,
         pre_state: sender_pre,
         proof,
+        ssk,
+        epk,
+    })
+}
+
+async fn private_pda_preparation(
+    wallet: &WalletCore,
+    nsk: NullifierSecretKey,
+    npk: NullifierPublicKey,
+    vpk: ViewingPublicKey,
+    program_id: &ProgramId,
+    seed: &PdaSeed,
+) -> Result<AccountPreparedData, ExecutionFailureKind> {
+    let account_id = nssa::AccountId::for_private_pda(program_id, seed, &npk);
+
+    // Check local cache first (private PDA state is encrypted on-chain, the sequencer
+    // only stores commitments). Fall back to default for new PDAs.
+    let acc = wallet
+        .storage
+        .user_data
+        .pda_accounts
+        .get(&account_id)
+        .cloned()
+        .unwrap_or_default();
+
+    let exists = acc != nssa_core::account::Account::default();
+
+    // is_authorized tracks whether the account existed on-chain before this tx.
+    // NSK is only provided for existing accounts: the circuit consumes NSKs sequentially
+    // from an iterator and asserts none are left over, so supplying an NSK for a new
+    // (unauthorized) account would trigger the over-supply assertion.
+    let pre_state = AccountWithMetadata::new(acc, exists, account_id);
+
+    let proof = if exists {
+        wallet
+            .check_private_account_initialized(account_id)
+            .await
+            .unwrap_or(None)
+    } else {
+        None
+    };
+
+    let eph_holder = EphemeralKeyHolder::new(&npk);
+    let ssk = eph_holder.calculate_shared_secret_sender(&vpk);
+    let epk = eph_holder.generate_ephemeral_public_key();
+
+    Ok(AccountPreparedData {
+        nsk: exists.then_some(nsk),
+        npk,
+        identifier: u128::MAX,
+        vpk,
+        pre_state,
+        proof,
+        ssk,
+        epk,
     })
 }
diff --git a/wallet/src/program_facades/native_token_transfer/private.rs b/wallet/src/program_facades/native_token_transfer/private.rs
index c3a2125b..d317b31c 100644
--- a/wallet/src/program_facades/native_token_transfer/private.rs
+++ b/wallet/src/program_facades/native_token_transfer/private.rs
@@ -2,7 +2,7 @@ use std::vec;
 
 use common::HashType;
 use nssa::{AccountId, program::Program};
-use nssa_core::{NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
+use nssa_core::{Identifier, NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
 
 use super::{NativeTokenTransfer, auth_transfer_preparation};
 use crate::{ExecutionFailureKind, PrivacyPreservingAccount};
@@ -33,6 +33,7 @@ impl NativeTokenTransfer<'_> {
         from: AccountId,
         to_npk: NullifierPublicKey,
         to_vpk: ViewingPublicKey,
+        to_identifier: Identifier,
         balance_to_move: u128,
     ) -> Result<(HashType, [SharedSecretKey; 2]), ExecutionFailureKind> {
         let (instruction_data, program, tx_pre_check) = auth_transfer_preparation(balance_to_move);
@@ -44,6 +45,7 @@ impl NativeTokenTransfer<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: to_npk,
                         vpk: to_vpk,
+                        identifier: to_identifier,
                     },
                 ],
                 instruction_data,
diff --git a/wallet/src/program_facades/native_token_transfer/shielded.rs b/wallet/src/program_facades/native_token_transfer/shielded.rs
index 625e1a8b..8f7ba2b5 100644
--- a/wallet/src/program_facades/native_token_transfer/shielded.rs
+++ b/wallet/src/program_facades/native_token_transfer/shielded.rs
@@ -1,6 +1,6 @@
 use common::HashType;
 use nssa::AccountId;
-use nssa_core::{NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
+use nssa_core::{Identifier, NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
 
 use super::{NativeTokenTransfer, auth_transfer_preparation};
 use crate::{ExecutionFailureKind, PrivacyPreservingAccount};
@@ -39,6 +39,7 @@ impl NativeTokenTransfer<'_> {
         from: AccountId,
         to_npk: NullifierPublicKey,
         to_vpk: ViewingPublicKey,
+        to_identifier: Identifier,
         balance_to_move: u128,
     ) -> Result<(HashType, SharedSecretKey), ExecutionFailureKind> {
         let (instruction_data, program, tx_pre_check) = auth_transfer_preparation(balance_to_move);
@@ -50,6 +51,7 @@ impl NativeTokenTransfer<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: to_npk,
                         vpk: to_vpk,
+                        identifier: to_identifier,
                     },
                 ],
                 instruction_data,
diff --git a/wallet/src/program_facades/token.rs b/wallet/src/program_facades/token.rs
index 1f941c8c..d105a4de 100644
--- a/wallet/src/program_facades/token.rs
+++ b/wallet/src/program_facades/token.rs
@@ -1,6 +1,6 @@
 use common::{HashType, transaction::NSSATransaction};
 use nssa::{AccountId, program::Program};
-use nssa_core::{NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
+use nssa_core::{Identifier, NullifierPublicKey, SharedSecretKey, encryption::ViewingPublicKey};
 use sequencer_service_rpc::RpcClient as _;
 use token_core::Instruction;
 
@@ -247,6 +247,7 @@ impl Token<'_> {
         sender_account_id: AccountId,
         recipient_npk: NullifierPublicKey,
         recipient_vpk: ViewingPublicKey,
+        recipient_identifier: Identifier,
         amount: u128,
     ) -> Result<(HashType, [SharedSecretKey; 2]), ExecutionFailureKind> {
         let instruction = Instruction::Transfer {
@@ -262,6 +263,7 @@ impl Token<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: recipient_npk,
                         vpk: recipient_vpk,
+                        identifier: recipient_identifier,
                     },
                 ],
                 instruction_data,
@@ -343,6 +345,7 @@ impl Token<'_> {
         sender_account_id: AccountId,
         recipient_npk: NullifierPublicKey,
         recipient_vpk: ViewingPublicKey,
+        recipient_identifier: Identifier,
         amount: u128,
     ) -> Result<(HashType, SharedSecretKey), ExecutionFailureKind> {
         let instruction = Instruction::Transfer {
@@ -358,6 +361,7 @@ impl Token<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: recipient_npk,
                         vpk: recipient_vpk,
+                        identifier: recipient_identifier,
                     },
                 ],
                 instruction_data,
@@ -606,6 +610,7 @@ impl Token<'_> {
         definition_account_id: AccountId,
         holder_npk: NullifierPublicKey,
         holder_vpk: ViewingPublicKey,
+        holder_identifier: Identifier,
         amount: u128,
     ) -> Result<(HashType, [SharedSecretKey; 2]), ExecutionFailureKind> {
         let instruction = Instruction::Mint {
@@ -621,6 +626,7 @@ impl Token<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: holder_npk,
                         vpk: holder_vpk,
+                        identifier: holder_identifier,
                     },
                 ],
                 instruction_data,
@@ -702,6 +708,7 @@ impl Token<'_> {
         definition_account_id: AccountId,
         holder_npk: NullifierPublicKey,
         holder_vpk: ViewingPublicKey,
+        holder_identifier: Identifier,
         amount: u128,
     ) -> Result<(HashType, SharedSecretKey), ExecutionFailureKind> {
         let instruction = Instruction::Mint {
@@ -717,6 +724,7 @@ impl Token<'_> {
                     PrivacyPreservingAccount::PrivateForeign {
                         npk: holder_npk,
                         vpk: holder_vpk,
+                        identifier: holder_identifier,
                     },
                 ],
                 instruction_data,