Ghost: ZK Notary Agent

Ghost: Zero-Knowledge Proofs as a Service with AI Enhancement - Grant Completed!

Introduction

Ghost is a Zero-Knowledge Proof system for the Internet Computer that enables private attestations while leveraging AI to make complex cryptography understandable to everyone.

Our platform allows users to generate cryptographic proofs that verify their token ownership without revealing sensitive information like balances. These proofs can be shared via links that contain all necessary verification data, making the verification process seamless for recipients.

Completed Milestones

We’re excited to announce that we’ve successfully completed both Milestone 1 and Milestone 2 of our DFINITY grant:

  • Milestone 1: Core ZK proof system for private attestations with shareable proof links
  • Milestone 2: AI-Enhanced proofs with natural language explanation and improved verification interface

Beyond the Grant: V2 Release

Going beyond our grant commitments, we’ve also launched V2 which introduces Token Range Proofs - allowing users to prove their balance falls within a specific range without revealing the exact amount. This is particularly valuable for eligibility verification while preserving privacy.

Key Features

  • Private Token Attestations: Prove ownership of tokens without revealing balances
  • Token Range Proofs (V2): Verify balance within ranges without revealing exact amounts
  • AI-Enhanced Explanations: Natural language summaries of what each proof verifies
  • Shareable Verification Links: Self-contained, one-click verification for recipients
  • Anonymous Verification: No wallet connection required to verify proofs
  • Complete Privacy Preservation: No sensitive data is ever exposed or stored centrally

Live Project & Resources

Technical Details

Ghost consists of:

  1. ZK Proof Canisters: Two separate canisters for standard proofs and range proofs
  2. Frontend Application: React-based UI with Tailwind CSS for a seamless user experience
  3. AI Integration: OpenAI-powered explanations of proof significance in natural language
  4. Internet Computer Authentication: Supports both Internet Identity and Plug wallet

Why We Built Ghost

In today’s blockchain ecosystem, verification typically means complete exposure of information - you can prove you own tokens, but only by revealing your exact balance. This creates privacy issues and security risks that prevent adoption by privacy-conscious users and enterprises.

Ghost solves this by leveraging Zero-Knowledge Proofs, allowing selective disclosure where users prove statements about their data without revealing the data itself.

Why We Built on the Internet Computer

We chose the Internet Computer for three main reasons:

  1. On-chain Verification: The canister architecture allows complex cryptographic operations directly on-chain
  2. Cost Efficiency: Low transaction costs make frequent verification practical
  3. Security Model: IC’s governance and security align with our privacy-first approach

Roadmap: Building Zero-Knowledge as a Service

What we’ve built is just the beginning. Our vision for Ghost is to become a comprehensive “Zero-Knowledge as a Service” platform:

  1. Phase 1 & 2 (Completed): Core proof system with AI enhancement
  2. Phase 3 (Completed Beyond Grant Scope): Token range proofs
  3. Phase 4 (Upcoming): Developer SDK and APIs for integration
  4. Phase 5 (Future): Educational resources for ZKP adoption and AI-automated proof generation

The Team

Community Engagement

We’re eager to hear from the ICP community! We want to know:

  1. What use cases do you see for Zero-Knowledge Proofs in your projects?
  2. What types of attestations would be most valuable to you?
  3. Would you prefer an SDK, API, or direct canister integration?

Support

This project was made possible with support from the DFINITY Foundation’s Developer Grant Program. We’d like to thank the Foundation for their support in bringing privacy-preserving technology to the Internet Computer ecosystem.

5 Likes

Hey just curious isn’t there sort of a flaw here where you can generate the proof? Then sell your tokens and the proof would still show you own the tokens? So I guess this is only valid for soul bound tokens? @gabrielrondon

I think you can at least prove that at some point in time you owned the tokens. Maybe even that your funds have a time-delay to spend.

There may be potential for payment channels if you (“payer”) can prove (to a “payee”) that you have a minimum balance of tokens in a canister and that:

  1. You cannot withdraw your tokens (or send them to another address) until after a particular timestamp (“expiration”).
  2. Funds are immediately and exclusively releasable to the payee’s wallet address if they call the canister to provide a “receipt” with a valid signature (the public key that verifies receipt signatures is part of the proof’s output).

To make transfers over the payment channel, you (the “payer”) just keep sending signed receipts to the payee. You can gradually increase the amount you are (provably) promising to pay - with each receipt you send, use the same nonce but a higher amount.

Eventually the payee can submit a receipt to the canister, receive payment and close the payment channel (freeing up the remaining balance to you). It would be in their best interest to not wait until after the time delay.

One caveat is that if the canister doesn’t get much use, by looking at transactions on the blockchain it may be easy to guess which wallet address you used to add funds to the canister.