Cloak's privacy model is based on a deposit and withdrawal pattern: deposits include only a cryptographic commitment and withdrawals include only a zero-knowledge (ZK) proof, so there is no onchain link between them. A note holds the secrets needed to withdraw funds and is treated as a private key. Commitments are Poseidon hashes of amount + randomness + spending key, stored in an onchain Merkle tree. To withdraw, a ZK proof shows membership, secret ownership, nullifier validity, and correct values, without revealing which note was spent. Nullifiers prevent double spending by marking notes as spent. This design allows for private verification and spending, with proofs generated by the SDK directly from the onchain state.
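The bookkeeping described above, as an added Python sketch (not Cloak's or its SDK's code). SHA-256 stands in for Poseidon, and the nullifier derivation, the tree depth and the `Note`/`Pool` names are assumptions. The membership, ownership and value checks that the real design proves in zero knowledge run in the clear here, so the sketch models the accounting, not the privacy.

```python
import hashlib, secrets

def H(*parts: bytes) -> bytes:
    # SHA-256 stands in for Poseidon here (assumption for the sketch).
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)  # length-prefix each field
    return h.digest()

class Note:
    """Secrets needed to withdraw; store it like a private key."""
    def __init__(self, amount: int):
        self.amount = amount
        self.randomness = secrets.token_bytes(32)
        self.spending_key = secrets.token_bytes(32)
    def commitment(self) -> bytes:
        return H(self.amount.to_bytes(8, "big"), self.randomness, self.spending_key)
    def nullifier(self) -> bytes:
        # Assumed derivation; the page does not say how nullifiers are computed.
        return H(b"nullifier", self.spending_key, self.randomness)

class Pool:
    DEPTH = 4  # toy tree with 16 leaves (assumption)
    def __init__(self):
        self.leaves, self.spent = [], set()
    def _levels(self):
        level = self.leaves + [bytes(32)] * (2 ** self.DEPTH - len(self.leaves))
        levels = [level]
        while len(level) > 1:
            level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
            levels.append(level)
        return levels
    def deposit(self, commitment: bytes) -> int:
        self.leaves.append(commitment)  # only the commitment is published
        return len(self.leaves) - 1
    def path(self, index: int):
        # Sibling hashes from leaf level up to just below the root.
        return [lvl[(index >> d) ^ 1] for d, lvl in enumerate(self._levels()[:-1])]
    def withdraw(self, nullifier: bytes, amount: int, note: Note, index: int, path) -> bool:
        # In the real design these checks run inside the ZK circuit, so the
        # verifier sees only the public values and a proof, never the note.
        node = note.commitment()
        for d, sib in enumerate(path):
            node = H(sib, node) if (index >> d) & 1 else H(node, sib)
        valid = (node == self._levels()[-1][0] and nullifier == note.nullifier()
                 and amount == note.amount)
        if not valid or nullifier in self.spent:
            return False
        self.spent.add(nullifier)  # marks the note spent, blocks replays
        return True
```

A second `withdraw` with the same note fails on the nullifier check alone, which is why the nullifier set must be updated atomically with the payout.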