Inspiration
Every time you buy something online or in a physical store, you hand over your data. Your name, your email, your purchase history, replicated across dozens of databases you no longer control, secured with varying degrees of care, and monetized without your consent. The frustrating part isn't just the privacy loss. It's that the tradeoff doesn't even work well: each store only sees a fragment of your behavior, so their recommendations are mediocre, their campaigns are poorly targeted, and their understanding of the market is limited to their own slice of it.
What it does
Aegis is a privacy-preserving commerce intelligence network built on Midnight's zero-knowledge infrastructure.
- For consumers: When you make a purchase, the receipt arrives directly on your device via QR code at the point of sale. Your purchase history is built locally and never leaves your device in plaintext. You contribute anonymous ZK signals to the network, provably real, mathematically unidentifiable.
- For stores: Aegis gives merchants something they've never had before: collective market intelligence without pooling customer data. Stores learn category trends, purchase patterns, and seasonal signals derived from the entire network, verified on-chain, with no individual user ever exposed. They can also run targeted campaigns that reach relevant users without knowing who those users are.
- For the ecosystem: Midnight acts as a trust layer. Every signal contributed by a user device is a zero-knowledge proof: the network knows it's real without knowing who generated it. Every campaign delivered to a user is matched locally on the device. No central actor ever sees the full picture.
The result: powerful AI-driven personalization that doesn't require sacrificing privacy.
How we built it
Aegis is built on three layers:
- Smart contract (Compact / Midnight): The on-chain layer manages two things: aggregated category signals contributed anonymously by user devices, and campaign registrations from stores. The contract accumulates a verifiable, tamper-proof view of market activity with no individual data ever touching the ledger.
- Backend (TypeScript): A neutral server operates the AI agent. It reads the aggregated state from Midnight and uses the Anthropic API to generate market intelligence and campaign recommendations for stores. Crucially, the agent never receives raw user data; it operates entirely on verified, aggregated on-chain state.
- Frontend (React): Two interfaces: a store dashboard for creating campaigns and reading market intelligence, and a user wallet view for managing the local profile and seeing incoming offers.
The consumer side would be their own phone, with an application where receipts and consumer profiles are stored.
The proof server runs locally via Docker, and we deployed the contract to Midnight's testnet.
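The data boundary described in this section, as an added TypeScript example that is not the project's own code: the device keeps receipts locally, emits a category-only signal, and matches campaigns on the device, while the public side holds only counters and campaigns. All type, class and function names are hypothetical, the sample receipts are constructed, and the zero-knowledge proof that would accompany each signal is omitted.

```typescript
// Added illustration: every name here is hypothetical, not Aegis's contract or API.
type Receipt = { store: string; category: string; amountCents: number };
type CategorySignal = { category: string }; // the only payload that leaves the device
type Campaign = { id: string; category: string; minPurchases: number; offer: string };

// Device side: private state, never serialized off the device.
class DeviceProfile {
  private receipts: Receipt[] = [];

  // Store the receipt locally and derive the category-only signal.
  // Assumption: in the real system a ZK proof accompanies this signal; omitted here.
  addReceipt(r: Receipt): CategorySignal {
    this.receipts.push(r);
    return { category: r.category };
  }

  // Matching runs on the device against public campaigns; nothing is reported back.
  matchCampaigns(campaigns: Campaign[]): Campaign[] {
    return campaigns.filter(
      (c) => this.receipts.filter((r) => r.category === c.category).length >= c.minPurchases
    );
  }
}

// Public side: only per-category counters and store campaigns.
class PublicLedger {
  readonly categoryCounts: Record<string, number> = {};
  readonly campaigns: Campaign[] = [];

  submitSignal(s: CategorySignal): void {
    // Allowlist the payload shape so identifying fields cannot ride along.
    const keys = Object.keys(s);
    if (keys.length !== 1 || keys[0] !== "category" || typeof s.category !== "string") {
      throw new Error("signal must contain only a category");
    }
    this.categoryCounts[s.category] = (this.categoryCounts[s.category] || 0) + 1;
  }
}

// Constructed sample run: two bakery receipts, one pharmacy receipt.
function runDemo() {
  const device = new DeviceProfile();
  const ledger = new PublicLedger();
  ledger.campaigns.push({ id: "c1", category: "bakery", minPurchases: 2, offer: "10% off bread" });
  ledger.campaigns.push({ id: "c2", category: "pharmacy", minPurchases: 3, offer: "free delivery" });
  const receipts: Receipt[] = [
    { store: "Corner Bakery", category: "bakery", amountCents: 450 },
    { store: "Corner Bakery", category: "bakery", amountCents: 820 },
    { store: "City Pharmacy", category: "pharmacy", amountCents: 1299 },
  ];
  receipts.forEach((r) => ledger.submitSignal(device.addReceipt(r)));
  return { ledger, offers: device.matchCampaigns(ledger.campaigns).map((c) => c.id) };
}
```

Serializing the ledger after the run shows only category counts and campaign definitions; store names and amounts exist only inside `DeviceProfile`.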
Challenges we ran into
The hardest challenge was architectural, not technical: designing a system where the AI agent is genuinely powerful without ever seeing private data. Most AI personalization systems treat privacy as a constraint that limits capability. We had to prove the opposite: that ZK proofs could make the agent more reliable, not less, because it operates on mathematically verified facts rather than self-reported data. On the technical side, the Compact toolchain is young. We hit syntax gotchas that weren't obvious from the documentation; the midnight_agent_skills community package was invaluable for avoiding common mistakes. Getting the proof server, indexer, and contract deployment working in the right sequence took iteration. The other challenge was incentive design: why would stores join a network that shares signals with competitors? The answer is the same reason banks joined Visa: the network effect makes every participant better off than they would be alone. Framing that clearly took time.
Our real focus is on small businesses, giving them the tools to unite and compete against the big players in the market.
Accomplishments that we're proud of
The core architectural insight: the AI agent operates on ZK-verified aggregates, not on user data. This isn't a privacy wrapper bolted onto an existing system; it's a fundamentally different model where privacy is load-bearing infrastructure. We also built a genuinely usable demo end-to-end: a Compact contract (on an undeployable network for greater control over the new Midnight environment), a TypeScript backend with a live AI agent, and a React frontend that shows the full flow from store campaign creation to anonymous user matching.
What we learned
We were aware of zero-knowledge proofs and Midnight, but we hadn't yet dared to tackle building something real! This has been a great experience. Zero-knowledge proofs and AI agents are a more natural combination than they first appear. ZK solves exactly the problem that makes AI agents untrustworthy with sensitive data: you don't have to trust what the input claims to be, because the proof guarantees it mathematically. We also learned that Midnight's dual-state model, private local state vs. public ledger state, maps almost perfectly onto the architecture you want for privacy-preserving applications. The hard part isn't the cryptography; it's designing the right boundary between what goes on-chain and what stays on the device.
What's next for Aegis
The hackathon version demonstrates the core concept with a simplified signal model. The full vision has several layers:
- Richer ZK signal taxonomy: Beyond category signals, devices could contribute verified claims about purchase frequency, price sensitivity, and cross-category behavior, all without revealing the underlying transactions.
- Store analytics dashboard: Real-time market intelligence derived from the network (category trends, share of wallet estimates, churn signals), presented to merchants as actionable insights.
- Protocol decentralization: Aegis currently runs on a neutral server. The next step is moving the agent coordination on-chain so no single operator controls the network, using Midnight's programmable privacy to enforce the rules cryptographically.
- Point-of-sale integration: A lightweight SDK for existing POS systems to generate the QR receipt flow, making adoption seamless for physical retailers.
Aegis started as a question (can AI be powerful without being invasive?), and Midnight gave us the tools to answer yes. But something much bigger could come from all this...
Built With
- claude
- react
- typescript