Human-friendly identifiers such as email addresses and phone numbers are convenient payment targets, but direct mappings from identifiers to blockchain addresses make balances and transaction histories enumerable by anyone who knows the identifier. We present HFI-Pay, a relay-assisted protocol for privacy-preserving identifier-routed cryptocurrency payments. The relay resolves the identifier off-chain and registers only a random intent identifier, a per-intent blinded binding rho_i, and the quoted payment tuple on-chain; no identifier or reusable recipient tag is published before claim. In a verified-quote deployment, the sender verifies an attested quote proving that rho_i was derived from the same hidden binding handle as the recipient's attested binding-key commitment, preventing relay-side recipient substitution before funding. Claims are authorized by a zero-knowledge proof, instantiated through ZK-ACE, that the claimant controls the deterministic identity whose epoch-scoped handle opens the blinded binding and authorizes release of the quoted asset and amount to a chosen destination. We define observer-model games for enumeration resistance and pre-claim unlinkability, state the composition needed for post-quote claim correctness, and characterize relay compromise and post-claim linkability. Keywords: identifier-based payment, privacy-preserving, verifiable quote, blinded claim binding, zero-knowledge authorization

翻译：暂无翻译