0G APAC Hackathon Proof Packet

Pre-wallet protection for AI agents.

0guard checks agent intent, calldata, policy, and source-linked exploit intelligence before any signer can act. The demo is read-only, evidence-backed, and anchored with a public 0G mainnet receipt proof.

0guard social banner preview Project banner asset for X and launch posts
0guard proof architecture diagram
  • Mainnet contract and anchor tx are public on 0G Chain Scan.
  • Proof JSON includes deploy tx, anchor tx, receipt hash, and RPC readback.
  • Generated media is archived; canonical evidence is proof, API readback, and code-generated diagrams.
0G mainnet proof first No signing. No broadcasts.

Current Proof State

28/28 April 2026 incidents source-linked
28/28 incident-derived patterns matched by detectors
0 open detector gaps after Quant EIP-7702 promotion
1.0 signature and detection coverage ratio
Chain Live mainnet receipt anchor is linked below with a public transaction readback.
Storage Storage-ready packet is deterministic: receipt hash, evidence root, source ids, and dataset fingerprint.
DA Evidence bundle is shaped for verifier availability without claiming a live DA write.
Compute Inference and scoring adapters stay preview-only until live compute credentials are reviewed.
Alignment Policy receipts are verifier-ready, but no AI Alignment Node is claimed as operated.

Live proof API

Production now exposes /api/0g/proof-ladder as the machine-readable Chain, Storage, DA, Compute, and Alignment proof packet. It reports 0G mainnet when requested, but keeps uploads, inference, signing, broadcasts, and node operation disabled.

Open-source-first intelligence

The source registry now tracks 36 rights-aware lanes, and the connector manifest exposes no-network activation candidates plus reviewed CISA KEV, NVD CVE, OFAC SLS, and MITRE ATT&CK context for Web2/Web3 threat awareness. Disabled vendor lanes include ThreatFox, Chainalysis sanctions API/Oracle, TRM Wallet Screening/BLOCKINT, and Google Web Risk. No raw upstream feed is mirrored from public routes.

Production readiness

The service exposes /api/readyz as the promotion gate. It verifies the mainnet receipt contract, proof file, detector coverage, reputation backfill, Pi mesh, storage-node soak, and safety locks, then reports hard gates for live Telegram identity, 0G Storage readback, paid 0G Private Computer smoke, x402 settlement, and storage-node peer depth before any production claim.

Production gap matrix

/api/production/gaps, /api/model/training-roadmap, /api/model/incident-eval-set, /api/reputation/backfill/status, /api/0g/storage-upload/manifest, /api/x402/dry-run/wallet-preflight, and /api/0g/private-computer/smoke-preview classify what is real, local-only, source-ready, or fixture-only, then expose the first deterministic eval/backfill cases, Storage bundle manifest, x402 dry-run, and 0G Private Computer prompt-scrub contract. This keeps Storage uploads, x402 settlement, paid inference, Telegram sends, and node funding claims separated until proof exists.

Reputation shadow cache

/api/reputation/shadow-cache composes reviewed PhishDestroy, CryptoScamDB, and Forta-shaped evidence into a reusable derived snapshot with a 0G-ready cache receipt. It returns hashes, confidence, and verdicts, not raw source payloads.

Professional repo posture

The repository now uses Apache-2.0, includes NOTICE, documents source and generated-media boundaries, and keeps public media inventory explicit through docs/hackathon-0g/assets/README.md.

Media archive

Submitted media stays available for continuity, but the front-door proof is now the 0G mainnet transaction, the proof JSON, and the API/readiness readbacks.

Submission Links

0G Mainnet Anchor

Live proof ready

  • Contract: 0xBaC59b1571b7c7195915c5B36D8A719Ed7182abc
  • Anchored receipt: 0x9739dbd4afb6ab21f15ccb634b49dabc9144550ef06d346cb4e7cd363e74afd1
  • Anchor transaction: chainscan.0g.ai transaction
  • RPC readback: status=0x1, to=0xbac59...2abc, event topic matches the anchored receipt.

What is intentionally not claimed

The browser workbench does not hold keys, sign, broadcast, bridge, swap, settle x402 payments, launch Virtuals agents, place Lighter orders, take exchange account actions, or send Telegram/X messages.

Current product map

The live API now exposes /api/product/brief for a plain-English system map, /api/readyz for production readiness, /api/production/gaps for real-vs-local-vs-mock claims, /api/model/training-roadmap and /api/model/incident-eval-set for the eval-first model plan, /api/threat-case-file for a composed proof dossier, /api/reputation/shadow-cache for derived reputation snapshots, and /api/experiments/frontier for safe next-integration previews. These routes preserve the same no-sign, no-send, no-upload, no-money-movement, no-raw-payload boundary.

Safety Boundary

0guard is useful because it is honest: the app performs live read-only 0G checks, prepares deterministic receipt and Storage-ready proof payloads, and blocks risky pre-wallet flows. External sends and money movement remain outside the workbench and require separate operator confirmation.