ZeroPrompt V2

• 

  Live Anonymization: PII is instantly detected and replaced with opaque tokens before leaving your device. Privacy Shield scores the threat.

• 

  Blind AI Processing: See exactly what the AI sees. Raw sensitive text (red) is held locally while only tokens (green) are sent to ai.

• 

  Cryptographic Proof: Every prompt generates a SHA-256 commitment hash simulating a Midnight blockchain record for verifiable receipts.

• 

  Threat Analytics: Track your Protection Streak, calculate the dark web value of your secured data, and map all redacted entity categories.

Inspiration

In the era of LLMs, businesses and individuals face a critical dilemma: they want to leverage the power of advanced AI models like Claude, but they cannot risk sending sensitive Personally Identifiable Information (PII) or confidential corporate data to third-party cloud providers. We were inspired to bridge this gap. We wanted to create a "Blind AI" system where the AI can reason about a prompt without ever seeing the raw sensitive data, and crucially, we wanted to use the Midnight blockchain to cryptographically prove to users that their data never left their device.

What it does

ZeroPrompt V2 is a client-side Verifiable Blind AI chat application. When a user types a prompt containing sensitive data (SSNs, medical conditions, financials, names, or custom enterprise terms), ZeroPrompt intercepts it entirely within the browser.

1. Client-Side Anonymization: It uses NLP and regex dictionaries to redact sensitive data into opaque tokens (e.g., [NAME_1], [MEDICAL_1]).
2. Blind AI Processing: Only the tokenized text is sent to the Cloud AI. The AI reasons using the tokens and responds with them.
3. Cryptographic Proof: A SHA-256 commitment hash of the exact anonymized payload is generated and logged to the Midnight blockchain. This provides an immutable, verifiable receipt that only scrubbed data was transmitted.
4. Local De-tokenization: When the AI responds, the browser securely swaps the tokens back to the original plaintext for the user to read.
5. Emergency Local Fallback: If the privacy threat score exceeds a critical threshold, the app automatically blocks the cloud API and reroutes the prompt to a simulated local, on-device AI.

How we built it

• Frontend Core: Built with React and Vite, utilizing a custom "White and Pink" glassmorphism design system in pure CSS.
• Anonymizer Engine: We combined compromise.js for client-side Named Entity Recognition (NER) with custom RegEx dictionaries to catch edge cases, financials, and medical terms.
• Blockchain Integration: We implemented a midnight.js simulator that generates ZK-compatible commitment hashes (SHA-256) of the session nonce, timestamp, and anonymized prompt.
• AI Integration: We integrated the Anthropic API (Claude 3.5 Sonnet) with a strict system prompt forcing the AI to respect and utilize the bracketed tokens without attempting to de-anonymize them.

Challenges we ran into

The biggest challenge was the Natural Language Processing (NLP). Standard NLP libraries struggle to identify names and entities once a string is already partially tokenized with brackets. We had to heavily engineer the anonymizer.js pipeline to run NLP on the raw text first, extract the entities, apply regex tokenization, and then re-map the NLP entities back into the tokenized string using lookbehind assertions.

Accomplishments that we're proud of

We are incredibly proud of the seamless user experience. Privacy tools are often clunky and slow. ZeroPrompt V2 feels exactly like using a premium AI chat app, but with enterprise-grade privacy happening instantly in the background. The "Privacy Shield" panel that visualizes the live anonymization and calculates a "Dark Web Value" for the protected data creates a massive "wow" factor.

What we learned

We learned that client-side NLP is surprisingly capable if heavily optimized. We also learned how to effectively prompt state-of-the-art LLMs to treat tokenized identifiers as opaque concepts, allowing them to provide highly accurate reasoning without needing the raw underlying data.

What's next for ZeroPrompt V2

1. Full Midnight Testnet Integration: Moving from our simulated commitments to deploying the actual Compact smart contract on the Midnight testnet via the Lace wallet extension.
2. Local LLM Integration: Replacing the simulated emergency fallback with a real WebGPU-based local LLM (like Llama 3 8B) running entirely in the browser for ultra-sensitive prompts.
3. Browser Extension: Packaging the anonymizer engine into a Chrome extension that can blindly tokenize text fields on any website.

Built With

• anthropic
• claude
• javascript
• midnight-blockchain
• natural-language-processing
• react
• tailwind-css
• vite