EclipseProof

EclipseProof: Privacy-preserving income verification using zero-knowledge proofs on Midnight Network. Prove you meet income requirements without revealing salary details. Built for MLH 2025.

Comment

EclipseProof: Our Hackathon Journey to Financial Privacy

The Spark of an Idea: Inspiration

In our digital lives, we're constantly asked to prove who we are and what we earn. Renting an apartment, financing a new phone, or even acting as a guarantor for a friend—all these common life events require us to hand over incredibly sensitive documents like payslips. We were inspired by the fundamental flaw in this process: we're forced to overshare. To prove we earn at least £2,500, we reveal our exact salary, our employer's details, our tax information, and more. This felt outdated, inefficient, and dangerously insecure.

This led us to a simple question: Can we prove a financial fact without revealing the underlying data? This question brought us to the world of Zero-Knowledge Proofs (ZKPs) and the Midnight blockchain, a platform designed from the ground up for privacy. Our vision for EclipseProof was born from this inspiration—to build a tool that empowers individuals to reclaim their financial privacy.

How We Built It: The Architecture of Trust

Our goal was to build a dApp that was not only powerful but also intuitive. We knew the user experience had to be seamless for both the person generating a proof and the person verifying it. We structured our project into three core components, following a modern monorepo structure.

1. The Frontend: frontend-vite-react

The user's first impression. We used React with Tailwind CSS to build a clean, responsive, and dark-themed interface that aligns with the "Midnight" aesthetic. The UI is split into two distinct paths: one for the user ("Alice") to upload her payslip and generate a proof, and another for the verifier (the landlord) to check that proof. All of this is handled in a single-page application for speed and simplicity.

2. The Backend Server: Node.js & Express

This was a critical architectural decision. The sensitive payslip data should never touch the user's browser or be stored on-chain. Our Express backend acts as a secure, temporary processing engine. It receives the payslip, parses the income (in a real-world scenario), and communicates with the Midnight network to generate the ZKP. It's the only part of the system that handles the raw data, and it's designed to be ephemeral.

3. The Smart Contract: Midnight Network

This is the heart of the trust layer. Written for the Midnight blockchain, our smart contract has two simple but powerful functions:

  • storeProof(): Takes the generated ZKP from our backend and stores it securely on-chain.
  • verifyProof(): Takes a proof key and a required income threshold. It performs the verification logic on-chain and returns a simple, trustworthy boolean: true or false.

The beauty of this model is that the smart contract—the public source of truth—never sees any private information.

Finally, we integrated Lace Wallet to provide a seamless and familiar web3 login experience for users, connecting them to the Midnight ecosystem right from our landing page.

Challenges We Faced

  1. The Web3 Learning Curve: Coming from a CS50x background, the shift from traditional web2 frameworks like Flask to a decentralized mindset was significant. Understanding gas, state, and the immutable nature of smart contracts was our first major hurdle.

  2. Grasping Zero-Knowledge Proofs: ZKPs are conceptually complex. Moving beyond the buzzword to understand the relationship between a Prover and a Verifier was a challenge. The core idea can be represented as the interaction where a Prover convinces a Verifier of a statement's truth without revealing anything else: $$ P(\text{private witness } w \text{ for statement } x) \longleftrightarrow V(\text{statement } x) \rightarrow {\text{true}, \text{false}} $$ Applying this powerful mathematical concept to our real-world use case required a lot of reading and experimentation with the Midnight SDK.

  3. Designing for Privacy: Our biggest challenge was ensuring our architecture lived up to our project's promise. We had long discussions about where the payslip data should be processed, leading to our decision to add a dedicated backend. This added complexity but was the only way to guarantee user privacy.

What We Learned

This hackathon was an incredible learning experience. Our key takeaways are:

  • The Power of Privacy Tech: We learned that ZKPs aren't just a theoretical concept; they are a practical tool that can solve real-world privacy issues today.
  • Hybrid Architectures are Key: We discovered that the most effective dApps often use a hybrid model, combining the trustless security of a blockchain with the secure, private processing of an off-chain backend.
  • Rapid Prototyping: Working within the hackathon's time constraints forced us to be pragmatic. We learned to build an MVP by focusing on the core user journey and using dummy logic to stand in for complex components until they could be built out.

EclipseProof is our first step towards a future where digital interactions don't require us to sacrifice our privacy. We're proud of what we built and are excited about the potential of privacy-preserving technology on Midnight.

Built With

Share this project:

Updates