Pre-wallet protection for AI agents.
0guard checks agent intent, calldata, policy, and source-linked exploit intelligence before any signer can act. The demo is read-only, evidence-backed, and anchored with a public 0G mainnet receipt proof.
Project banner asset for X and launch posts
- Mainnet contract and anchor tx are public on 0G Chain Scan.
- Proof JSON includes deploy tx, anchor tx, receipt hash, and RPC readback.
- Generated media is archived; canonical evidence is proof, API readback, and code-generated diagrams.
Current Proof State
Live proof API
Production now exposes /api/0g/proof-ladder as the machine-readable Chain, Storage, DA, Compute, and Alignment proof packet. It reports 0G mainnet when requested, but keeps uploads, inference, signing, broadcasts, and node operation disabled.
Open-source-first intelligence
The source registry now tracks 36 rights-aware lanes, and the connector manifest exposes no-network activation candidates plus reviewed CISA KEV, NVD CVE, OFAC SLS, and MITRE ATT&CK context for Web2/Web3 threat awareness. Disabled vendor lanes include ThreatFox, Chainalysis sanctions API/Oracle, TRM Wallet Screening/BLOCKINT, and Google Web Risk. No raw upstream feed is mirrored from public routes.
Production readiness
The service exposes /api/readyz as the promotion gate. It verifies the mainnet receipt contract, proof file, detector coverage, reputation backfill, Pi mesh, storage-node soak, and safety locks, then reports hard gates for live Telegram identity, 0G Storage readback, paid 0G Private Computer smoke, x402 settlement, and storage-node peer depth before any production claim.
Production gap matrix
/api/production/gaps, /api/model/training-roadmap, /api/model/incident-eval-set, /api/reputation/backfill/status, /api/0g/storage-upload/manifest, /api/x402/dry-run/wallet-preflight, and /api/0g/private-computer/smoke-preview classify what is real, local-only, source-ready, or fixture-only, then expose the first deterministic eval/backfill cases, Storage bundle manifest, x402 dry-run, and 0G Private Computer prompt-scrub contract. This keeps Storage uploads, x402 settlement, paid inference, Telegram sends, and node funding claims separated until proof exists.
Reputation shadow cache
/api/reputation/shadow-cache composes reviewed PhishDestroy, CryptoScamDB, and Forta-shaped evidence into a reusable derived snapshot with a 0G-ready cache receipt. It returns hashes, confidence, and verdicts, not raw source payloads.
Professional repo posture
The repository now uses Apache-2.0, includes NOTICE, documents source and generated-media boundaries, and keeps public media inventory explicit through docs/hackathon-0g/assets/README.md.
Media archive
Submitted media stays available for continuity, but the front-door proof is now the 0G mainnet transaction, the proof JSON, and the API/readiness readbacks.
Submission Links
Repository
Source code, tests, docs, and reproducible demo builder.
Public demo page
Judge-facing project landing page on GitHub Pages.
Form fields
Copy-ready HackQuest fields and proof URLs.
Threat passport
Intent, verdict, receipt hash, provenance, and 0G proof drill.
Readiness checklist
Final audit commands and current submitted state.
Social execution status
Submitted-state readback, prepared post drafts, and X cleanup safety notes.
Asset registry
Public media inventory, archive labels, and rules for any replacement assets.
Required X post
Public post with required 0G/HackQuest tags and media.
0G Mainnet Anchor
Live proof ready
- Contract:
0xBaC59b1571b7c7195915c5B36D8A719Ed7182abc - Anchored receipt:
0x9739dbd4afb6ab21f15ccb634b49dabc9144550ef06d346cb4e7cd363e74afd1 - Anchor transaction: chainscan.0g.ai transaction
- RPC readback:
status=0x1,to=0xbac59...2abc, event topic matches the anchored receipt.
What is intentionally not claimed
The browser workbench does not hold keys, sign, broadcast, bridge, swap, settle x402 payments, launch Virtuals agents, place Lighter orders, take exchange account actions, or send Telegram/X messages.
Current product map
The live API now exposes /api/product/brief for a plain-English system map, /api/readyz for production readiness, /api/production/gaps for real-vs-local-vs-mock claims, /api/model/training-roadmap and /api/model/incident-eval-set for the eval-first model plan, /api/threat-case-file for a composed proof dossier, /api/reputation/shadow-cache for derived reputation snapshots, and /api/experiments/frontier for safe next-integration previews. These routes preserve the same no-sign, no-send, no-upload, no-money-movement, no-raw-payload boundary.
Safety Boundary
0guard is useful because it is honest: the app performs live read-only 0G checks, prepares deterministic receipt and Storage-ready proof payloads, and blocks risky pre-wallet flows. External sends and money movement remain outside the workbench and require separate operator confirmation.