PhantomAgents
Deploy powerful AI agents with privacy built in
Created on 3rd December 2025
•
PhantomAgents
Deploy powerful AI agents with privacy built in
The problem PhantomAgents solves
The Problem It Solves
🚨 The Core Problem: Trust vs. Privacy in AI Agents
Today's AI agents face a fundamental dilemma:
If you make your AI agent's logic public → competitors copy your strategies, your edge disappears
If you keep your AI agent private → nobody trusts it, nobody uses it, it has no value
PhantomAgents solves this with zero-knowledge proofs: your agent's strategies stay completely private, but its actions are publicly verifiable on Starknet.
💼 Real-World Use Cases
1. Private Trading & Investment Signals 📈
The Problem Today:
- Alpha-generating trading bots must reveal their strategies to prove they work
- Once strategies are public, they stop working (front-running, market inefficiency disappears)
- Users don't trust black-box trading signals from unknown sources
- No way to prove a signal came from a legitimate, rule-following agent
How PhantomAgents Solves It:
Agent generates signal: "Buy BTC at $42,000" ↓ ZK Proof proves: "This signal came from an agent with verified track record" ↓ Signal published on-chain with proof ↓ Users can verify authenticity WITHOUT seeing the strategy
Benefits:
- ✅ Traders keep their alpha private
- ✅ Subscribers trust signals are from legitimate agents
- ✅ On-chain proof of historical performance
- ✅ Marketplace for profitable strategies without revealing them
2. Governance Delegation Without Exposure 🗳️
The Problem Today:
- DAO delegates reveal their voting strategies, making them targets for lobbying/bribes
- Voters can't verify delegates actually follow their stated principles
- No accountability without transparency, but transparency creates vulnerability
How PhantomAgents Solves It:
Create a governance agent that votes according to your principles:
Agent config (PRIVATE): - "Vote NO on any proposal spending >$1M without audit" - "Vote YES on proposals with >80% community support" - "Abstain on proposals from addresses in my blacklist" Action (PUBLIC): - Agent votes NO on Proposal #42 - ZK proof confirms: "Vote followed configured rules" - Nobody knows WHICH rules, just that rules were followed
Benefits:
- ✅ Delegates can't be pressured or bribed (strategy unknown)
- ✅ Voters verify agents vote as promised
- ✅ Accountability with privacy
- ✅ Rent trusted delegates without revealing your portfolio
3. Private Prediction Markets 🎯
The Problem Today:
- Prediction market participants reveal their information sources
- Large bets signal insider knowledge, moving markets
- Forecasters can't build reputation without exposing edge
- No way to prove forecasts aren't retroactively changed
How PhantomAgents Solves It:
Agent makes prediction (PRIVATE submission): - "Team X will win championship" (80% confidence) - Prediction committed on-chain as hash After event resolves (PUBLIC verification): - ZK proof reveals prediction was made before event - Proof shows agent followed consistent methodology - Track record updates automatically - Methodology remains secret
Benefits:
- ✅ Build provable forecasting reputation
- ✅ Keep information edge private
- ✅ Predictions can't be altered after the fact
- ✅ Marketplace for skilled forecasters
🌟 Why This Matters: The Bigger Picture
Creates New Markets
PhantomAgents enables marketplaces for intelligence:
- Buy access to winning strategies without seeing them
- Rent governance delegates with proven principles
- Subscribe to research agents with verified track records
- All while keeping the "secret sauce" private
Solves the AI Trust Problem
As AI agents become more powerful:
- How do you trust them? → ZK proofs verify compliance
- How do you prove they're legitimate? → On-chain verification
- How do you monetize without exposing IP? → Private agent marketplace
Enables Privacy-First Automation
For the first time, you can:
- Deploy AI that acts on your behalf
- Verify it follows your rules
- Keep your strategies/data completely private
- Build reputation without exposure
Unlocks Competitive Advantages
Traditional AI agents force you to choose:
- Public & trustworthy BUT easily copied
- Private & valuable BUT untrusted
PhantomAgents gives you both: private AND trustworthy
Challenges we ran into
Challenges I Ran Into
🔥 Challenge 1: Starknet Account Setup & Testnet Funding
The Problem:
Getting a Starknet Sepolia testnet account funded proved to be one of the biggest blockers. Multiple faucets were either down, rate-limited, or required social verification that didn't work reliably. The Starkli CLI tooling also had breaking changes between versions, making account creation confusing.
What I Tried:
- Attempted 4+ different faucets (Vercel, BlastAPI, Alchemy, official Starknet)
- Tried creating accounts via Starkli CLI with
starkli signer fetch
(deprecated command) - Explored using Argent X wallet browser extension
- Joined Discord communities to request testnet ETH manually
The Solution:
Rather than letting deployment issues block the entire hackathon, I pivoted to a hybrid architecture:
- Built a complete mock mode for the backend that simulates all blockchain interactions
- Created realistic transaction hashes, block numbers, and explorer URLs
- Kept all the production-ready Cairo contracts and Noir circuits intact
- Made the system toggleable via a single environment variable (
MOCK_BLOCKCHAIN=true/false
)
This allowed me to focus on the core innovation (private AI agents with ZK proofs) while maintaining a path to production deployment post-hackathon.
⚡ Challenge 2: Zero-Knowledge Circuit Design with Noir
The Problem:
Designing a ZK circuit that could prove agent ownership and action validity without revealing the agent's personality, strategies, or internal logic was conceptually challenging. I needed to balance:
- Privacy (keeping agent config hidden)
- Verifiability (proving actions followed rules)
- Starknet compatibility (using Poseidon hashing)
- Circuit efficiency (minimizing constraints)
The Solution:
After researching Noir's constraint system and studying similar privacy-preserving architectures, I designed a circuit that:
- Takes the agent config as private witness (never revealed)
- Computes a commitment hash (Poseidon-compatible)
- Proves the action output matches allowed capabilities
The key insight was using hash commitments instead of revealing actual data. The circuit proves "this action came from an agent with these capabilities" without showing what those capabilities are.
For the hackathon demo, I implemented deterministic proof generation as a placeholder, with the full Noir + Garaga integration ready for production.
🔐 Challenge 3: Secure API Key Management (BYOK Model)
The Problem:
PhantomAgents uses a "Bring Your Own API Key" model for LLM providers (GroqCloud, Gemini). This meant I needed to:
- Store users' API keys securely (encrypted at rest)
- Never log or expose keys in responses
- Decrypt only when making LLM calls
- Ensure keys aren't leaked in error messages
Initial Mistake:
Early versions stored keys in plaintext in the in-memory database. I realized this was a massive security flaw during testing.
The Solution:
Implemented Fernet symmetric encryption from Python's cryptography library.
This ensures:
- Keys are encrypted immediately when stored
- Only decrypted in-memory right before LLM API calls
- The encryption key itself is stored in environment variables (never in code)
- Even if the database is compromised, keys remain secure
🎯 Challenge 6: Balancing Feature Scope for Hackathon Timeline
The Problem:
PhantomAgents has an ambitious vision:
- AI agent builder with personality customization
- Zero-knowledge proof generation
- Starknet smart contract deployment
- Marketplace with subscriptions
- LLM integration with multiple providers
- Private memory and RAG search
With limited hackathon time, I risked building nothing complete by trying to build everything.
The Solution:
Adopted an MVP-first approach:
- Core Loop First: Agent creation → LLM execution → Proof generation → Blockchain verification
- Mock Where Needed: Use simulated blockchain for demo, real code for production
- Defer Advanced Features: RAG search, private memory, and multi-agent coordination moved to post-hackathon roadmap
- Polish the Demo: Focus on making the core experience flawless rather than having many half-working features
This prioritization meant I could deliver a working end-to-end demo that showcases the key innovation (private AI agents with verifiable actions) while keeping the door open for future expansion.
💡 Key Takeaways
- Testnet infrastructure is unreliable - Always have a local/mock fallback for demos
- Privacy requires careful design - ZK circuits need deep thought about what to reveal vs. hide
- Security can't be an afterthought - Encryption must be baked in from the start
Despite these challenges, PhantomAgents successfully demonstrates a novel approach to private, verifiable AI agents on Starknet with zero-knowledge proofs - exactly what the hackathon's wildcard category was looking for! 🚀
Tracks Applied (8)
Cross-Chain Privacy Solutions
Starknet
Privacy Infrastructure & Developer Tools
Starknet
Privacy Infrastructure & Developer Tools
Electric Coin Company
Cross-Chain Privacy Solutions
Osmosis
Creative Privacy Applications
Fhenix
Cross-Chain Privacy Solutions
Pump Fun
Cross-Chain Privacy Solutions
Helius
Privacy Infrastructure & Developer Tools
Raybot
Cheer Project
Cheering for a project means supporting a project you like with as little as 0.0025 ETH. Right now, you can Cheer using ETH on Arbitrum, Optimism and Base.