IMPORTANT - Protecting Tokens
Making sure you don't lose tokens in different instances
Never use these addresses to receive tokens
This is Hinkal’s smart contract address: 0x25e5e82f5702a27c3466fe68f14abdbbadfca826
This is Hinkal’s relayer address: 0xc2212d2033F3bf0FDb9F11fA13fe6a260aA76D5d
It’s a contract that holds everyone’s private funds.
If tokens are sent there with a regular on-chain transfer, the relayer (which handles all transactions going in and out of the smart contract) will not be able to identify the recipient, resulting in lost funds.
Hinkal cannot reverse these transactions and is not liable for lost funds.
Anything you copy from a Blockchain scanner, a 3rd party dApp console, or elsewhere places you at risk of losing tokens.
ONLY receive assets through Receive → Payment link or Public address inside the wallet.

Scenario 1 — On-ramp with wallet connection
(e.g. Uniswap’s “Buy” → Connect Wallet → choose Private account)
The on-ramp sees the Private account (which is the contract), so it pays the contract itself. Funds have no owner and will never appear in your Private balance.
Connect your Public account instead. The Public account can accept regular onchain transfers simillar to any Ethereum address. Copy the address from the "Receive" screen.

Scenario 2 — On-ramp that asks for an address
(no wallet connection step, paste address)
Hinkal contract address (copied from Etherscan or a dApp)
Tokens stranded inside the contract, lost.
Public address from Receive → Copy Public address

Scenario 3 — Someone sends to the contract address
If you share the contract’s 0x… string with a friend, their standard ERC-20 transfer will drop tokens into the contract with no recipient. Funds lost.
Tell senders to use:
Payment link for public transfers to your Private account
Public address for public transfers to your Public account
Private address for shielded transfers between Hinkal users. (coming soon)
Scenario 4 — KYC or identity checks on dApps
Completing KYC with the Private account links your real-world info to the privacy contract. Always switch to a Public account before submitting personal details.
Steps to stay safe
Open extension → click account switcher → choose Public.
Confirm the top-right badge shows Connected next to Public.
Proceed with the dApp’s KYC flow.
Quick Checklist before receiving or on-ramping
Receiving? Copy the address from Receive inside Hinkal—never from a block explorer.
On-ramp? Use the Public address or connect with the Public account.
KYC? Public account only.
Friend paying you? Send them your Payment link, or Public address.
Never paste or share addresses from a blockchain scanner or dApp
Last updated