A private AI firewall for DeFi agents on Midnight.

Kaelix lets AI trading agents prove they followed a user's private DeFi risk rules without revealing wallet balances, transaction history, portfolio allocation, or proprietary strategy.

AI agents are beginning to control real capital in DeFi. Users need guardrails, but proving those guardrails were followed should not require publishing balances, thresholds, trade history, or alpha.

Kaelix puts a private verification layer between an AI DeFi agent and a proposed trade. The user keeps a private risk policy locally. The agent proposes a trade. The guard checks the action privately. If it fails, the action is blocked before anything is published. If it passes, the app submits a public Midnight attestation containing only a commitment, policy ID, decision, attester, and revocation status.

Private rules. Public proof.

Midnight is the core of the project, not decoration. Kaelix uses the parts of the current Midnight stack that matter for a privacy-preserving DeFi agent guard:

• Compact smart contract source and compiler output for a public attestation ledger.
• Explicit disclosure in Compact so public map keys and public attestation state are intentional.
• Midnight.js contract deployment and call interfaces.
• Midnight DApp Connector API for Lace wallet connection.
• Proof server, indexer, wallet SDK, and preprod/undeployed network configuration.

References used:

• Midnight documentation
• Midnight DApp connector API
• Midnight JS API
• deployContract API
• Compact language
• Compact compiler usage
• Ledger data types
• Install the Midnight toolchain
• Next.js wallet connector guide
• Proof server guide

Kaelix is deployed on the Midnight local undeployed network for the hackathon demo.

• Contract address: 374ab07d51e691553ad0102a63cefd5ac2a94f64bb3bff100f45f78fa1576cf1
• Node: http://127.0.0.1:9944
• Indexer: http://127.0.0.1:8088/api/v3/graphql
• Proof server: http://127.0.0.1:6300
• Local deployer wallet: funded with NIGHT and DUST

The app tries the configured Midnight contract path first. If the Next.js runtime cannot load the Midnight SDK native LevelDB module, API routes fall back to the in-memory Midnight-compatible attestation store instead of breaking the demo. The Compact contract source, compiled artifacts, local deployment, and public contract address remain included.

• AI agents can take DeFi actions faster than humans can review them.
• Existing transparency models often require exposing sensitive strategy data.
• Funds, DAO treasuries, lenders, and copy-trading platforms need verifiable controls without leaking alpha.

Kaelix verifies the agent's action against hidden risk limits, then publishes a privacy-preserving attestation that the action complied with the policy.

Demo policy:

• Max high-risk token exposure: 10%
• Max leverage: 2x
• Minimum stablecoin reserve: 25%
• Max single trade size: 15%
• Max drawdown allowed: 12%

Demo flow:

1. Agent proposes: Swap 3,000 USDC into TOKEN-X.
2. Guard blocks it because high-risk exposure would become 14%.
3. Agent revises: Swap 1,500 USDC into TOKEN-X.
4. Guard approves it because all private checks pass.
5. App generates a fresh salted commitment.
6. App submits a Midnight attestation in real mode or local fallback mode.
7. Public verifier confirms compliance without seeing policy internals.

flowchart LR
  User[User private policy] --> Guard[Private guard engine]
  Agent[AI agent proposal] --> Guard
  Guard -->|Blocked| PrivateBlock[No public state]
  Guard -->|Approved| Commit[Hash policy + action + decision + salt]
  Commit --> Midnight[KaelixGuard Compact contract]
  Midnight --> Verifier[Public verifier]

• Next.js App Router
• TypeScript
• Tailwind CSS
• shadcn-style UI primitives
• lucide-react icons
• Framer Motion
• Vitest and Testing Library
• Compact 0.23.0 contract source compiled with Compact compiler 0.31.0
• Midnight.js 4.0.x contract, proof, indexer, network, and provider packages
• Midnight DApp Connector API 4.0.1
• Wallet SDK packages for preprod deployment scripts

Contract: contracts/KaelixGuard.compact

Core circuits:

• submitAttestation(commitment, policyId, decision)
• verifyAttestation(commitment)
• revokeAttestation(commitment)

Rules:

• Existing commitments cannot be overwritten.
• Decision must be BLOCKED or APPROVED.
• Only the original attester can revoke.
• Public state never stores wallet balances, thresholds, trade history, AI reasoning, or salt.

npm install
npm run dev:node22 -- --hostname 127.0.0.1 --port 3002

Open http://127.0.0.1:3002.

Useful commands:

npm run compile:midnight
npm test
npm run typecheck
npm run lint
npm run build

Copy .env.example to .env.local.

NEXT_PUBLIC_MIDNIGHT_NETWORK=undeployed
NEXT_PUBLIC_MIDNIGHT_CONTRACT_ADDRESS=374ab07d51e691553ad0102a63cefd5ac2a94f64bb3bff100f45f78fa1576cf1
MIDNIGHT_NETWORK=undeployed
MIDNIGHT_WALLET_SEED=
MIDNIGHT_ATTESTER_KEY_HEX=
MIDNIGHT_PRIVATE_STATE_PASSWORD=replace-with-a-strong-local-password
MIDNIGHT_NODE_URL=http://127.0.0.1:9944
MIDNIGHT_INDEXER_URL=http://127.0.0.1:8088/api/v3/graphql
MIDNIGHT_INDEXER_WS_URL=ws://127.0.0.1:8088/api/v3/graphql/ws
MIDNIGHT_PROOF_SERVER_URL=http://127.0.0.1:6300

Kaelix does not need paid LLM API keys for the core demo. The core demo is deterministic so judges can run it without external AI services.

For real Midnight Preprod mode, you need:

1. Midnight Lace wallet extension

   • Install Lace from Chrome Web Store.
   • Open Lace, create or restore a wallet.
   • Enable Midnight/preprod support in the wallet settings.
   • In the app, click Connect Midnight Wallet.

2. Compact toolchain

   • Install:

     curl --proto '=https' --tlsv1.2 -LsSf https://github.com/midnightntwrk/compact/releases/latest/download/compact-installer.sh | sh
     compact update

   • Verify:

     compact --version
     compact compile --version

3. Proof server

   • Start Docker Desktop.
   • Run:

     npm run start-proof-server

   • Set Lace Midnight proof server to Local (http://localhost:6300).

4. Preprod wallet seed

   • For script-based deployment, set MIDNIGHT_WALLET_SEED.
   • You can let npm run deploy:midnight generate a dev seed, then save it in .env.local.
   • Do not commit this value.

5. Preprod tNight funds

   • Run npm run deploy:midnight.
   • Copy the wallet address printed by the script.
   • Use the Midnight Preprod faucet shown by the script if the balance is zero.

6. DUST

   • DUST is required to pay Midnight transaction fees.
   • After funding the wallet, register funded UTXOs for DUST in Lace or wallet tooling.
   • Re-run npm run deploy:midnight.

7. Contract address

   • After deployment, copy contractAddress from deployment.local.json.
   • Put it in .env.local as NEXT_PUBLIC_MIDNIGHT_CONTRACT_ADDRESS.
   • Restart the dev server.

8. Private state password

   • Set MIDNIGHT_PRIVATE_STATE_PASSWORD to a strong local password.
   • This protects local Midnight private state storage.

No OpenAI, Anthropic, Gemini, Pinecone, Supabase, or hosted database API key is required for the core hackathon demo.

Local undeployed deployment:

git clone https://github.com/midnightntwrk/midnight-local-dev.git ../midnight-local-dev
cd ../midnight-local-dev
npm install
docker compose -f standalone.yml up -d
cd ../proofalpha-guard
npm run compile:midnight
npx -y -p node@22 -p tsx node --import tsx scripts/midnight/deploy.ts

Preprod deployment:

npm run compile:midnight
npm run start-proof-server
npm run deploy:midnight

Runtime caveat: the Midnight SDK deployment and server-side transaction path currently require Node 20-22. The demo app is run with Node 22.22.3. Preprod faucet funding was attempted, but the faucet returned backend transaction submission errors during the final submission window, so the shipped contract address is from the official local Midnight network.

• Landing page: Private AI Guardrails for DeFi Agents
• Simulation page: editable policy/proposal and real guard decision
• Verifier page: commitment lookup with zero private fields revealed

• Technology: Uses Compact, Midnight.js, DApp connector, proof server, wallet SDK, typed policy evaluation, and cryptographic commitments.
• Originality: Focuses on private AI DeFi risk controls, not generic voting, KYC, or portfolio tracking.
• Execution: Polished monochrome UI with editable live flow and deterministic fallback.
• Completion: Includes app routes, reusable components, tests, contract source, compile/deploy scripts, README, env example, and demo script.
• Documentation: Explains architecture, privacy model, contract behavior, local setup, Midnight deployment, and keys.
• Business Value: Useful for funds, DAO treasuries, lending protocols, copy-trading products, and agent platforms.

See docs/demo-script.md.

• Live browser-side contract calls using wallet-balanced transactions where the generated call flow supports it.
• Protocol adapters for lending, swaps, leverage, and treasury execution.
• Batch attestations for autonomous agent sessions.
• Revocation indexer and institution-grade audit exports.
• Optional LLM rationale generation with deterministic fallback retained.

amar.kushwaha.dev@gmail.com

MIT