After you click deposit, three independent artifacts come into existence. Any one of them is enough to confirm your funds are in the pool. Together they let you verify the deposit without trusting the SolMask UI at all — which is the right level of paranoia for a privacy protocol.
You should check at least the first and the third. If you're being careful, check all three.
Check one: the transaction signature on-chain
The deposit instruction is a normal Solana transaction. When it confirms, the UI shows you a signature — a base58 string roughly 88 characters long. That signature is the canonical receipt that the deposit happened.
You can verify it with the Solana CLI:
solana confirm <signature>
A Finalized response means the transaction is permanent and irreversible. Anything else (Confirmed, Processed, or no result) means the cluster is still catching up; wait a few more seconds.
You can also plug the signature into any Solana block explorer — Solscan, SolanaFM, or the official explorer.solana.com — and inspect the instruction. You should see a single CPI that transfers your asset from your wallet's token account to the pool's vault — the full amount, since deposits are fee-free (the protocol fee is charged at withdraw time). You should also see a DepositEvent log line that includes your commitment hash, the leaf index, the amount that was actually shielded, and a wallet-encrypted recovery blob (encrypted_note) — the ciphertext that lets the same wallet rediscover this note on any device.
If the transaction is on-chain and finalized, your funds are in the pool. The cryptography doesn't depend on the UI's belief about what happened — it depends on what's actually on-chain.
Check two: the leaf in the relayer's Merkle endpoint
Within a few seconds of confirmation, the SolMask indexer picks up your deposit's DepositEvent and adds the commitment to its mirror of the Merkle tree. You can verify this directly by hitting the relayer's leaves endpoint for your asset's mint:
GET /merkle/<mint>/leaves?from=<your-leaf-index>&limit=1
The leaf index was printed in the deposit event and shown in the UI's "deposit succeeded" toast. The response is a small JSON blob containing your commitment as a hex string and the slot it was indexed at. If the commitment in the JSON matches the commitment the UI showed you at deposit time, the indexer has it and your withdraw will be possible as soon as your unlock slot is reached.
On a healthy mainnet RPC the indexer typically catches up within about five seconds of finalization. Quiet pools and weekend traffic dips can push that up to fifteen or twenty seconds. If your leaf hasn't appeared after a minute, the relayer may be lagging — your deposit is still safe on-chain, but you'll need to wait for the indexer to catch up before you can withdraw.
There's a parallel endpoint that returns just the current tree_size of a pool — useful if you want to confirm your leaf index is within the live tree's bounds, without enumerating leaves.
Check three: wallet recovery
This is the check that proves you can actually spend the deposit later — and unlike older designs, there is no file to keep and no passphrase to remember.
When you deposit, your browser derives the note's four secrets — the spend secret, the nullifier secret, the amount, and the unlock slot — from your wallet. It does this by asking the wallet to sign one fixed message; the signature is deterministic, so the same wallet always reproduces the same secrets, and nothing is written to a file. The deposit also encrypts a small recovery blob — { leaf_index, amount, unlock_slot } — to a key only your wallet can derive, and that ciphertext is published on-chain inside the DepositEvent as encrypted_note.
To verify recovery works, disconnect and reconnect your wallet (or open the app in a fresh browser profile) and let it re-scan. SolMask fetches every recovery blob for the pool, trial-decrypts them, and the ones encrypted to your wallet light up your balance — including the deposit you just made. If your balance appears on a device that never saw the deposit, recovery is confirmed end-to-end.
Because the authority is your wallet, the failure mode is different from a passphrase scheme: there is nothing to lose except access to the wallet itself. Keep the wallet's seed phrase safe the way you always would — that single secret reconstructs every note. SolMask stores nothing that could recover your notes; only your wallet can decrypt them, which is exactly what keeps the protocol non-custodial.
What "verified" looks like
You've verified a deposit when all three of these are true: the transaction signature finalizes on-chain, the relayer's leaves endpoint returns your commitment at your leaf index, and your balance reappears when you reconnect the same wallet — proving the on-chain recovery blob decrypts for you.
At that point you can close the tab. The pool will hold your funds for as long as you like — there is no expiry — and the only thing standing between you and a withdraw is the privacy delay you chose at deposit time, plus reconnecting the same wallet when you're ready to go, which re-derives the note automatically.