Mainnet · Live
The Dusk Network
Learning Hub
Privacy-first regulated blockchain for real-world assets. A visual, developer-focused reference for the Dusk protocol — architecture, consensus, node operations, and smart contracts.
Privacy by Design
Regulatory Ready
EVM Compatible
ZK-Native
Min 1,000 DUSK Stake
1,000
Min DUSK to Stake
~10s
Block Time
1B
Max DUSK Supply
~2s
DuskEVM Block Time
Section 01
Protocol Architecture
A modular three-layer stack: settlement at the base, EVM and privacy execution on top, connected by a trustless native bridge.
🔵 DuskDS — Foundation
- Canonical chain ordering & finality
- Succinct Attestation consensus (PoS)
- Phoenix + Moonlight transaction models
- Transfer & Stake genesis contracts
- Kadcast P2P networking (UDP 9000)
🟣 DuskVM — Privacy Execution
- Piecrust WASM VM (10× faster than predecessor)
- ZK-friendly host functions: PLONK, Groth16, BLS
- Rust contracts with
#[contract]macro - Delta-based state — only changes persisted
🔷 DuskEVM — EVM Execution
- Full EVM equivalence via OP Stack port
- Settles to DuskDS — no 7-day fault window
- Standard tooling: MetaMask, Hardhat, Foundry
- Chain IDs: 744 (mainnet), 745 (testnet)
⟷ Native Bridge
- Trustless, no wrapped assets needed
- Single DUSK token across all three layers
- MIPS pre-verifier eliminates fraud proof delay
- ~15 min withdrawal finalization
Section 02
Succinct Attestation
Dusk's PoS consensus delivers deterministic finality in three clean steps — essential for financial settlement applications.
⚡ Key Properties
- Minimum 1,000 DUSK to stake & participate
- 2-epoch maturity period (4,320 blocks) before earning
- Deterministic Sortition — no randomness oracle needed
- BLS signature aggregation for compact certificates
- Security: honest stake > 2/3 of total
📏 Epoch & Round Parameters
- 1 epoch = 2,160 blocks
- 64 committee credits per round
- Max 50 iterations per round before timeout
- Block reward: ~19.86 DUSK/block (Period 1)
- Split: 70% proposer + up to 10% bonus / 5% validation / 5% ratification / 10% Dusk Dev Fund (unclaimed bonus burned)
Finality States
Accepted — block passed all 3 steps in current round
Confirmed — block has subsequent blocks building on it
Stable — sufficiently buried, probabilistically irreversible
Final — deterministic, cryptographically guaranteed finality — cannot be reversed
Committee Selection Visualized
Section 03
Phoenix & Moonlight
Dusk's dual transaction model — choose privacy or transparency per transaction. Unique in blockchain design.
Conversion: Atomic Swap Between Models
shield — Moonlight balance → Phoenix notes (public to private)
unshield — Phoenix notes → Moonlight balance (private to public)
Handled by the Transfer Contract in a single atomic transaction — no bridges, no wrapped tokens
Both models can interact with the same smart contracts — full composability
Section 04
Kadcast P2P Network
Structured UDP-based broadcast protocol using Kademlia DHT. O(log n) complexity vs gossip's unpredictable fan-out.
🌐 How It Works
- Peer IDs: 128-bit Blake2b hash of IP+port
- XOR distance routing (Kademlia-style)
- k-buckets with LRU eviction + PING/PONG liveness
- β=3 delegates per bucket on broadcast
- Duplicate CHUNK messages are ignored (no storms)
📊 vs Gossip Protocols
- 25–50% bandwidth reduction vs gossip
- Predictable, lower latency
- Handles 12% UDP packet loss gracefully
- Sybil and Eclipse attack resistant by design
- Port: 9000/UDP — must be open inbound
Section 05
DuskEVM
Full EVM equivalence via OP Stack, settling to DuskDS instead of Ethereum. Solidity contracts with no code changes. Integration time drops from months to ~2 weeks.
🌐 Network Config
| Network | Chain ID |
|---|---|
| Mainnet | 744 |
| Testnet | 745 |
RPC: https://rpc.evm.dusk.network
⚠ EVM Behavioral Differences
- COINBASE → sequencer fee wallet (not miner)
- PREVRANDAO → DuskDS beacon (not ETH beacon)
- tx.origin → aliased for cross-layer calls
- All other opcodes identical to standard EVM
javascript — hardhat.config.js
module.exports = {
solidity: "0.8.24",
networks: {
duskEVM: {
url: "https://rpc.evm.dusk.network",
chainId: 744,
accounts: [process.env.PRIVATE_KEY],
},
},
};Section 06
Economic Protocol
How DUSK flows through the system — staking rewards, gas fees, autocontracts, and the transfer contract as financial middleware.
🤖 Autocontracts
- Execute autonomously when triggered by on-chain events
- Useful for: trading strategies, automated transfers, rebalancing
- Contracts can pay gas on behalf of users (sponsor model)
- Enables subscription fee models vs traditional tx taxes
💰 Token Supply
- Max supply: 1,000,000,000 DUSK
- 500M initial + 500M emitted over 36 years
- Halving every 4 years (Bitcoin-style)
- Period 1 ends ~2029 — highest emission now
Emission Schedule — 500M DUSK over 36 Years
| Period | Years | Emission | DUSK/Block |
|---|---|---|---|
| 1 | 0–4 | 250.48M | ~19.86 |
| 2 | 4–8 | 125.24M | ~9.93 |
| 3 | 8–12 | 62.62M | ~4.96 |
| 4 | 12–16 | 31.31M | ~2.48 |
| 5 | 16–20 | 15.65M | ~1.24 |
| 6 | 20–24 | 7.83M | ~0.62 |
| 7 | 24–28 | 3.91M | ~0.31 |
| 8 | 28–32 | 1.95M | ~0.16 |
| 9 | 32–36 | 0.98M | ~0.08 |
Section 07 · Key Differentiator
Dusk vs Ethereum
Ethereum is a general-purpose platform. Dusk is purpose-built for regulated finance. Not a fork — a ground-up redesign for the institutions that actually need compliance.
| Feature | Ethereum | Dusk |
|---|---|---|
| Consensus | Gasper (Casper FFG + LMD GHOST) | Succinct Attestation |
| Min Stake | 32 ETH | 1,000 DUSK |
| Block Time | 12s (targeting 2s by 2029) | ~10s DuskDS / ~2s DuskEVM |
| Finality | ~16 min (targeting 6-16s by 2029) | Deterministic via SA |
| Privacy | Public by default, privacy is multi-phase roadmap | Native — Phoenix (ZK UTXO) + Moonlight (transparent) |
| Transaction Model | Account-based only | Dual: Phoenix (UTXO/private) + Moonlight (account/public) |
| Smart Contracts | Solidity on EVM | Solidity on DuskEVM + Rust/WASM on DuskVM |
| ZK Proofs | L2 rollups only — L1 has none | Native PLONK at protocol level |
| MEV Protection | Transparent mempool → MEV extraction | Private execution — no surface to front-run |
| Compliance | No native compliance tooling | Citadel ZK-ID, NPEX licensed (MTF, ECSP, Broker) |
| Hardware | 32 ETH + execution + consensus clients | 2 cores, 4 GB RAM, 1,000 DUSK |
| P2P Network | Gossip (libp2p) | Kadcast — O(log n) structured broadcast |
Privacy by Design
Ethereum's privacy spans 5 roadmap phases over years. Dusk has ZK privacy at the protocol level today.
Regulatory Ready
Licensed under NPEX (MTF, ECSP, Broker, DLT-TSS pending). Citadel ZK identity. Ethereum has no native compliance.
Accessible Staking
1,000 DUSK vs 32 ETH. A dramatically lower barrier means more validators, better decentralization.
Dual Execution
Solidity (DuskEVM) + privacy Rust/WASM (DuskVM) under one roof with a trustless native bridge.
No MEV by Design
Private state execution means nothing to front-run. The transparent mempool problem doesn't exist.
RWA Native
Securities tokenization and compliant DeFi from day one. T-REX (ERC-3643), EMT contracts, OnchainID deployed.
Section 08
Node Setup Guides
Three tracks: standard setup, separated key for security, or USB cold storage with LUKS encryption for maximum protection.
bash — Standard Setup
# Install Rusk (mainnet)
curl --proto '=https' --tlsv1.2 -sSfL \
https://github.com/dusk-network/node-installer/releases/latest/download/node-installer.sh \
| sudo bash
# Create wallet (save mnemonic securely!)
rusk-wallet create
# Export consensus key to correct location
rusk-wallet export -d /opt/dusk/conf -n consensus.keys
# Set consensus key password
sh /opt/dusk/bin/setup_consensus_pwd.sh
# Fast sync state, then start node
service rusk stop && download_state && service rusk start
# Monitor sync progress
tail -F /var/log/rusk.log | grep "block accepted"
# Check block height (compare with explorer)
ruskquery block-height
# Stake once synced (min 1000 DUSK)
rusk-wallet stake --amt 1000
# Verify stake
rusk-wallet stake-infoRequirements
Ubuntu 24.04 LTS x64 — officially supported OS only
2 CPU cores, 4 GB RAM, 50 GB SSD, 10 Mbps stable connection
Open port 9000/UDP (Kadcast) — required for consensus
2-epoch maturity period (~4,320 blocks) before earning rewards
How does --owner make this secure?
When you run
When you run
rusk-wallet stake --amt 1000 --owner <owner-address> from the node wallet, you're writing an on-chain record: "this node's consensus key earns rewards, but only the owner address can unstake or withdraw." The node wallet can only sign consensus messages — if the server is compromised, the attacker cannot move funds. The owner address (your cold/hardware wallet) is the sole key that can call unstake or withdraw. Think of it as: the node is a worker, the owner holds the paycheck.
bash — Step 1: Owner Machine (cold/secure)
# Create the OWNER wallet on a secure machine (offline preferred)
rusk-wallet create
# Note your owner address — you'll need it for the staking step
rusk-wallet addresses
# Example output: owner address = 27xyK9gR...a1Bkbash — Step 2: Node Machine (server/VPS)
# Install Rusk node
curl --proto '=https' --tlsv1.2 -sSfL \
https://github.com/dusk-network/node-installer/releases/latest/download/node-installer.sh \
| sudo bash
# Create a SEPARATE wallet on the node (different mnemonic!)
rusk-wallet create
# Export consensus key for the node to use
rusk-wallet export -d /opt/dusk/conf -n consensus.keys
sh /opt/dusk/bin/setup_consensus_pwd.sh
# Fast sync state, then start node
service rusk stop && download_state && service rusk start
# Wait for sync — check block height matches explorer
ruskquery block-heightbash — Step 3: Stake with --owner (from node wallet)
# From the NODE machine, stake with the --owner flag
# Replace <owner-address> with the address from Step 1
rusk-wallet stake --amt 1000 --owner <owner-address>
# Verify stake and owner assignment
rusk-wallet stake-info
# You should see: owner = <owner-address> (NOT the node address)
# What this means:
# Node wallet → signs blocks, earns rewards
# Owner wallet → sole key that can unstake or withdraw
# Server hacked? → attacker CANNOT touch staked DUSKSecurity Model
Node compromised? Attacker can only sign consensus — cannot unstake, withdraw, or move funds
Owner key stays on a hardware wallet, airgapped machine, or secure cold storage
Two separate mnemonics — do not use the same mnemonic on both machines
To unstake later: run rusk-wallet unstake from the owner wallet only
Recommended by Dusk docs for validators with significant stake
Why USB + LUKS?
This is the most secure owner key setup. The wallet is generated directly onto a LUKS-encrypted USB drive — the owner key never exists on any hard drive. Even if the USB is lost or stolen, the data is encrypted and unreadable without your passphrase. You only plug it in when you need to unstake or withdraw rewards.
This is the most secure owner key setup. The wallet is generated directly onto a LUKS-encrypted USB drive — the owner key never exists on any hard drive. Even if the USB is lost or stolen, the data is encrypted and unreadable without your passphrase. You only plug it in when you need to unstake or withdraw rewards.
bash — Step 1: Prepare the LUKS-encrypted USB
# Insert USB drive and identify it (usually /dev/sdb or /dev/sdc)
lsblk
# IMPORTANT: Replace /dev/sdX with YOUR device — this ERASES the drive
# Install cryptsetup if not present
sudo apt update && sudo apt install -y cryptsetup
# Wipe and create a LUKS-encrypted partition
# You will be asked to set a strong passphrase — DO NOT FORGET IT
sudo cryptsetup luksFormat /dev/sdX1
# Open the encrypted partition (you'll enter the passphrase)
sudo cryptsetup open /dev/sdX1 dusk-cold
# Format the decrypted volume with ext4
sudo mkfs.ext4 /dev/mapper/dusk-cold
# Create a mount point and mount
sudo mkdir -p /mnt/dusk-cold
sudo mount /dev/mapper/dusk-cold /mnt/dusk-cold
# Set permissions so your user can write
sudo chown $(whoami):$(whoami) /mnt/dusk-coldbash — Step 2: Generate owner wallet onto USB
# Create the owner wallet DIRECTLY on the encrypted USB
# The -w flag tells rusk-wallet to use a custom directory
rusk-wallet create -w /mnt/dusk-cold/wallet
# Save your mnemonic phrase on paper (NOT digitally)
# This mnemonic + the USB are your only recovery paths
# Get the owner address — write this down, you need it for staking
rusk-wallet -w /mnt/dusk-cold/wallet addresses
# Example output: owner address = 27xyK9gR...a1Bk
# Verify the wallet files exist only on the USB
ls -la /mnt/dusk-cold/wallet/
# Should show .dat wallet filesbash — Step 3: Safely unmount and eject
# Unmount the drive
sudo umount /mnt/dusk-cold
# Close the LUKS encryption layer
sudo cryptsetup close dusk-cold
# Physically remove the USB drive
# Store it in a safe place (fireproof safe, safety deposit box, etc.)bash — Step 4: Set up node + stake with --owner
# === ON NODE MACHINE (server/VPS) ===
# Install Rusk node
curl --proto '=https' --tlsv1.2 -sSfL \
https://github.com/dusk-network/node-installer/releases/latest/download/node-installer.sh \
| sudo bash
# Create a SEPARATE node wallet (different mnemonic from USB!)
rusk-wallet create
# Export consensus key
rusk-wallet export -d /opt/dusk/conf -n consensus.keys
sh /opt/dusk/bin/setup_consensus_pwd.sh
# Sync and start
service rusk stop && download_state && service rusk start
ruskquery block-height # Wait for sync
# Stake using the owner address from your USB wallet
# Replace <owner-address> with the address from Step 2
rusk-wallet stake --amt 1000 --owner <owner-address>
# Verify: owner should show the USB wallet address
rusk-wallet stake-infobash — Later: Accessing USB wallet to unstake/withdraw
# When you need to unstake or withdraw rewards:
# Insert the USB drive
sudo cryptsetup open /dev/sdX1 dusk-cold
sudo mount /dev/mapper/dusk-cold /mnt/dusk-cold
# Unstake or withdraw using the USB wallet
rusk-wallet -w /mnt/dusk-cold/wallet unstake
rusk-wallet -w /mnt/dusk-cold/wallet withdraw
# Close up when done
sudo umount /mnt/dusk-cold
sudo cryptsetup close dusk-cold
# Remove USB and store safelySecurity Model
Three-layer protection: LUKS drive encryption + rusk-wallet password + --owner key separation
USB lost or stolen? Data is LUKS-encrypted — unreadable without your passphrase
Node compromised? Attacker has no access to the USB wallet — cannot unstake or withdraw
Key never on disk: owner wallet exists only on the USB — no trace left on any machine
Backup your mnemonic on paper — if the USB dies, the mnemonic is your recovery path
Use /dev/sdX1 carefully —
lsblk confirms the correct device before formattingSection 09
Smart Contract Development
Two parallel paths: Solidity on DuskEVM for EVM-standard contracts, or Rust/WASM on DuskVM for privacy-native contracts.
🦀 DuskVM Path (Rust)
- Use Forge framework — #[contract] macro
- Target: wasm32-unknown-unknown
- State as ordinary Rust structs (no key-value store)
- Native ZK host functions: verify_plonk, verify_bls
- Deploy via rusk-wallet contract-deploy
⚡ DuskEVM Path (Solidity)
- Standard Solidity 0.8.x — no modifications needed
- OpenZeppelin, ERC20/ERC721/ERC4626 all work
- T-REX (ERC-3643) security tokens deployed and live
- OnchainID (ERC734/ERC735) for KYC identity
- Verify contracts on Blockscout explorer
rust — DuskVM contract (Forge)
#![no_std]
#![cfg(target_family = "wasm")]
extern crate alloc;
use dusk_forge::contract;
#[contract]
mod counter {
use dusk_core::abi;
pub struct Counter { value: i64 }
impl Counter {
pub const fn new() -> Self { Self { value: 0 } }
pub fn read_value(&self) -> i64 { self.value }
pub fn increment(&mut self) {
self.value += 1;
abi::emit("incremented", self.value);
}
}
}Section 10
Wallet & Key Management
The rusk-wallet CLI manages DUSK, staking, smart contracts, and the Phoenix/Moonlight conversion in one tool.
| Command | What It Does |
|---|---|
| rusk-wallet create | Create a new wallet, generates 12-word mnemonic — back it up immediately |
| rusk-wallet restore | Restore from mnemonic — enter all words in lowercase |
| rusk-wallet balance | Show DUSK balance (all accounts) |
| rusk-wallet stake --amt 1000 | Stake 1,000 DUSK (minimum) |
| rusk-wallet stake-info | View current stake, maturity, rewards |
| rusk-wallet withdraw | Withdraw accumulated staking rewards |
| rusk-wallet unstake | Unstake — no waiting period, no penalty |
| rusk-wallet shield --amt 100 | Convert public (Moonlight) → shielded (Phoenix) |
| rusk-wallet unshield --amt 100 | Convert shielded (Phoenix) → public (Moonlight) |
| rusk-wallet export -d /opt/dusk/conf -n consensus.keys | Export consensus key to node directory |
| rusk-wallet contract-deploy --bytecode ./my.wasm | Deploy a smart contract to DuskVM |
Section 11
Node Maintenance & Security
Keep your node healthy to avoid slashing. Dusk currently uses soft slashing only — stake is moved to claimable rewards, not burned.
⚠ Soft Slashing (Recoverable)
- Triggered: missed block production (offline/slow)
- 1st offense: warning only, no stake loss
- 2nd+: N×10% moved to claimable rewards
- Suspended N epochs per consecutive fault
- Recoverable: withdraw and restake
- Faults reset on next reward earned
💡 Best Practices
- Never run two nodes with the same consensus.keys
- Monitor block height against explorer.dusk.network
- Keep your node updated to the latest Rusk version
- Use sentry node architecture for DoS protection
- Set up log monitoring and alerting
bash — Monitoring Commands
# Service status
service rusk status
# Live block acceptance (healthy node shows frequent output)
tail -F /var/log/rusk.log | grep "block accepted"
# Current block height (compare with explorer.dusk.network)
ruskquery block-height
# Stake status
rusk-wallet stake-info
# Port check — 9000/UDP must be open
ss -ulnp | grep 9000
# Node stuck? Fast resync:
service rusk stop && download_state && service rusk restartSection 12
Ecosystem & Community Projects
Live projects, integrations, and developer tools built on or partnered with Dusk Network.
Regulated Markets
NPEXPartnership
Strategic partnership with Dutch-licensed stock exchange (MTF). Building Europe’s first blockchain-powered securities market on Dusk. Over €200M raised, 17,500+ active investors. Products not yet live.
dusk.network/news/dusk-and-npex-partnership
Dusk TradeBuilding
Dusk’s own trading platform on DuskEVM (formerly STOX). Regulated assets — money-market funds, stocks, bonds — directly to users. Works alongside NPEX broker license for compliance.
dusk.network/news/3-keys-success
21XBuilding
Frankfurt-based DLT Pilot Regime securities market. One of the first to receive EU permission for blockchain-based trading and settlement. Planning Dusk as a supported chain.
dusk.network/news/multilayer-evolution
Privacy & Compliance
HedgerLive
Privacy engine for DuskEVM. Combines homomorphic encryption (ElGamal) + ZK proofs for confidential EVM transactions. In-browser proving <2s. Successor to Zedger.
dusk.network/news/hedger-confidential-duskevm
Citadel SSISDK Available
Self-Sovereign Identity protocol using ZK proofs. Prove KYC attributes (e.g. “over 18”) without revealing personal data. SDK exists but needs updates for the current Rusk model.
docs.dusk.network/developer/digital-identity/protocol
EURQAnnounced
Quantoz MiCA-compliant euro stablecoin (EMT). 102% overcollateralized. Licensed by Dutch Central Bank. Not yet live on Dusk mainnet.
quantoz.com/products/eurq-usdq
Cross-Chain & Infrastructure
Chainlink IntegrationIn Progress
CCIP for cross-chain tokenized assets (Ethereum, Solana). DataLink for NPEX market data on-chain. Data Streams for real-time pricing feeds. Integration not yet live.
finance.yahoo.com · Chainlink + Dusk + NPEX
Cordial SystemsIn Progress
Institutional-grade custody via Cordial Treasury. Self-custody without third-party custodians — banks and institutions retain direct key control over tokenized assets. Integration not yet live.
Cordial Treasury · Institutional Custody
BSC BridgeLive
Bidirectional bridge between native DUSK and BNB Smart Chain (BEP-20). Enables migration from ERC-20/BEP-20 legacy tokens to mainnet DUSK.
docs.dusk.network · Bridge
Developer Tools & SDKs
w3sper.jsLive
JavaScript/TypeScript SDK for dApp development. Address management, offline tx signing, event subscriptions, contract queries, and proof delegation.
jsr.io/@dusk/w3sper
Moat SDKLive
Citadel integration toolkit — CLI + API for SSI license requests, issuance, and verification. Enables apps to add private identity flows using Dusk’s on-chain Citadel contracts.
docs.dusk.network · Moat Integration
dusk-deploy-cliLive
CLI tool for deploying third-party smart contracts on Dusk. Requires only a seed phrase, contract binary, config file, and owner hex string.
github.com/dusk-network/rusk
Core Apps & Ecosystem Fund
Dusk Web WalletLive
Browser-based wallet with Phoenix (private) & Moonlight (transparent) support. Staking, shield/unshield, and EVM migration built in.
wallet.dusk.network
Block ExplorerLive
DuskDS mainnet explorer — blocks, transactions, validators, and staking info. Separate EVM explorer at explorer.evm.dusk.network.
explorer.dusk.network
Thesan Development FundActive
15 million DUSK allocated for ecosystem grants, developer incentives, and community projects. Funds protocol development and third-party integrations.
dusk.network · Thesan Fund
Section 13
Resources & Links
Official documentation, GitHub repositories, block explorers, and community channels.
Official Documentation
Complete protocol docs — learn, develop, operate
docs.dusk.network
GitHub Organization
All repositories — Rusk, Piecrust, Kadcast, PLONK
github.com/dusk-network
Rusk Node
Full node implementation — consensus, VM, wallet, prover
github.com/dusk-network/rusk
Piecrust VM
ZK-friendly WASM virtual machine for DuskVM contracts
github.com/dusk-network/piecrust
Block Explorer
DuskDS mainnet explorer — blocks, transactions, validators
explorer.dusk.network
EVM Explorer
DuskEVM Blockscout explorer — EVM contracts & transactions
explorer.evm.dusk.network
Multilayer Architecture
Announcement: DuskDS + DuskEVM + DuskVM three-layer design
dusk.network/news/multilayer-evolution
Node Installer
Official one-liner node installer for provisioner setup
github.com/dusk-network/node-installer
Tokenomics
DUSK supply, emission schedule, staking rewards model
docs.dusk.network/learn/tokenomics
Built with data from docs.dusk.network, github.com/dusk-network, and dusk.network. Not an official Dusk Foundation publication. Research date: March 2026.