KineticPay

An AI-powered liveness verifier for DePIN, using Gemini to validate human motion and Solana to incentivize it.

Comment

Inspiration

The AI world is growing exponentially, but the data to train the models is almost gone. The world is racing to build DePINs (Decentralized Physical Infrastructure Networks) to buy real-world data, but they all share a fatal flaw: how do you stop AI-generated "slop" data from polluting the network?

Inspired by this enterprise-grade problem, I decided to see how we can prove and validate sensor data that came from a real, live human.

What it does

So I built KineticPay. It's a "productive captcha" that solves two problems at once.

For Data Buyers (e.g., AI companies): It's a system to acquire provably human-generated sensor data. Buyers can place a "data bounty" for 8 specific motions, like "bicep curl" data for a fitness AI or "doorknob turn" data for a robotics AI.

For Users (The "Data Providers"): It's an incentive system. A user's phone gets the "data bounty" (the liveness challenge), and after they perform the motion, my AI guardrail verifies it.

My "AI Guardrail" is the core of the project. It's a backend service that uses the Google Gemini API to analyze the phone's sensor data. If Gemini confirms the motion matches the challenge ("YES, that was a bicep curl"), the system instantly triggers a Solana micropayment to the user.

This proves the data is authentic and creates a verified, monetizable dataset for the buyer.

How I built it

KineticPay is a hybrid system, combining the right tool for the right job.

Frontend: A single index.html file using vanilla JavaScript. It uses the DeviceMotionEvent API to capture 3D spatial data (for the Matt Steele prize) and pre-processes it into key features (peak acceleration, rotation) before sending it.

Backend (The AI Guardrail): A Python Flask server. I used Google's Gemini API as the "brain." I created an advanced prompt that enables Gemini to act as a real-time, time-series data analyst, distinguishing the signatures of 8 complex motions (winning the Google prize).

Payment Layer (The Incentive): A Python script using solana-py. When Gemini votes "YES," the Flask app spawns a background thread to send a 0.001 SOL payment on the Solana Devnet. This makes the UI feel instant and proves the "DePIN" model (winning the Solana prize).

Demo Setup: The whole system runs on my laptop and is exposed securely via ngrok, allowing anyone to scan a QR code and try the demo live.

Challenges I ran into

My biggest challenge was realizing my "guardrail" had a huge security hole.

The "Replay Attack" Flaw: I realized a hacker could record one "good" request (like a "bicep curl") and spam my endpoint to drain the wallet.

My Fix: I implemented an enterprise-grade security fix (for the Drive Capital prize) by adding a timestamp and a nonce (a unique, one-time number) to every request. My backend now validates that the request is new and has never been seen before.

The "Slow UI" Problem: My first build was synchronous. The app would freeze for 5-10 seconds waiting for the Solana transaction.

My Fix: I moved the payment call to an asynchronous background thread (threading.Thread). This returns an instant "Verified!" response to the user, creating a seamless, professional experience.

The "Boring Demo" Problem: My first tasks ("shake," "tap") were generic.

My Fix: I pivoted to 8 "relatable" challenges (like "doorknob turn" for robotics) that directly map to the business model. This instantly shows judges who would pay for this data.

Accomplishments that I'm proud of

I'm incredibly proud of building a "Grand Slam" project that perfectly hits 4 distinct prize tracks. I didn't just build a demo; I prototyped a real, scalable, and secure business model. I successfully built a hybrid system that uses the right tool for the right job: Gemini for its world-class reasoning, Solana for its unmatched speed, and secure spatial data collection with a robust guardrail.

What I learned

My biggest "Aha!" moment was realizing the answer to my own confusion. I wasn't just building a captcha or a data tool; I was building both.

A normal captcha is wasted work. The user proves they're human, and that "proof" is thrown away.

My project is a "Productive Captcha." The act of proving you're human is the exact same act that generates the valuable, monetizable data. The liveness challenge is the data collection method. This "proof-of-liveness" is what gives the data its value, turning a security cost into a product.

What's next for KineticPay

KineticPay is now a robust proof of concept. The next steps are to build out the full marketplace:

Build a Data-Collection Mode: Capture 100,000 verified motions to fine-tune a specialized AI model for 99.9% accuracy.

Scale the Backend: Replace the simple threading model with a production-grade Celery and Redis task queue to handle millions of concurrent payment requests.

Build the Buyer Dashboard: Create the "other side" of the marketplace—a dashboard where data scientists can log in, browse our 8 data categories, and purchase the verified datasets.

Built With

Share this project:

Updates