ZeroEyes+: Private Money Market: Vault of Confidential Capital

Problem Statement
Decentralized lending protocols today expose sensitive borrower data (collateral amounts, credit metrics) on-chain, creating privacy risks and disincentivizing participation. At the same time, real-time risk assessment and dynamic interest-rate adjustments are hindered by oracle latency and lack of verifiable proofs, leading to delayed liquidations or inaccurate collateralization. These issues primarily affect borrowers, lenders, and protocol designers seeking efficient, private, and trustless borrowing/lending experiences.


Solution Overview
ZeroEyes+ Private Money Market delivers a privacy-first, AI-driven lending framework on Layer 2 that combines zkSNARK-based risk scoring, Pyth Network’s sub-second price feeds, and Alith’s MPC co-agent automation—all accessed via gasless EIP-7702 meta-transactions. By encrypting borrower data client-side, running quantized AI models off-chain, generating succinct zero-knowledge proofs, and verifying them on Hyperion L2 in under one second, the protocol enables instantaneous collateral updates, dynamic interest rates, and secure liquidations without ever revealing raw borrower information.

This approach is uniquely innovative because it merges advanced zkML techniques, high-frequency oracles, and autonomous MPC execution—creating a next-generation money market that is both private and provably correct.


Project Description
ZeroEyes+ Private Money Market is architected as a modular Layer 2 protocol built on Hyperion (Metis L2). Users begin by encrypting their collateral and off-chain credit metrics (e.g., on-chain holdings and encrypted third-party credit scores) via AES-256 and submitting them through an EIP-7702 meta-transaction, which sponsors gas costs for a seamless UX.

The protocol’s AI Guard network, comprised of permissioned nodes, retrieves Pyth’s real-time price and volatility feeds (updated every ~400 ms) and decrypts submitted data to run quantized risk models—such as Ridge Regression for creditworthiness and a Q-Learning agent for dynamic rate recommendations. Each inference generates a succinct Halo2 zkSNARK proof (< 12 KB) attesting to the correct execution of the model against committed weights and real-time oracle inputs.

The Hyperion L2 verifier smart contract checks these proofs in under one second, immediately updating each user’s collateral factor (LTV ratio) and interest rate in the protocol’s on-chain state. If a borrower’s risk score crosses a predefined threshold, ZeroEyes+ emits a “liquidation” event that Alith’s MPC co-agent network automatically co-signs and executes a decentralized liquidation transaction—ensuring immediate, trustless action without centralized intervention. Borrowers benefit from privacy by default, lenders enjoy real-time collateral security, and protocol designers gain a fully upgradable framework: model hashes and verifying keys can be replaced via on-chain governance without redeploying core contracts.

This synergetic combination of zkML, high-frequency oracles, and MPC automation excites us because it demonstrates a viable path to truly private, low-latency, and provably secure DeFi money markets—paving the way for broader financial on-chain innovations.

Before vs. ZeroEyes+ Private Money Market

Metric Traditional DeFi Lend/Borrow ZeroEyes+ Private Money Market
Privacy Collateral and credit data fully public on-chain AES-encrypted until zkSNARK proof verifies correctness
Oracle Latency 1–3 second batched price updates Sub-second Pyth real-time feeds (~400 ms per update)
Risk Proofs None (off-chain risk engines) zkSNARK-attested on-chain proofs (<12 KB, <1 s verify)
Collateral Safety Manual or delayed liquidations Automated via MPC co-agent in <1 s on threshold breach
Gas Costs High L1 fees + on-chain oracle fees L2 gas (~0.00024 ETH) + batched batch-verified proofs

Community Engagement Features

Task Points Description
Encrypted Borrow Request 20 pts Submit a private borrowing transaction (AES-encrypted collateral + meta-tx)
Latency Benchmark 30 pts Measure end-to-end time (meta-tx → proof verify → state update) and submit results
Model Tuning Proposal 40 pts Suggest improvements to quantized risk model parameters or offer new feature-engineering ideas
zk Circuit Security Audit 50 pts Identify potential edge-cases or inefficiencies in the zk circuit constraints
Alith Automation Demo 60 pts Build and share a sample front-end or script demonstrating a liquidity trigger via Alith
  • Points System & Rewards:
    • Each task earns “XP” points redeemable for gas credits, early access to private testnets, and “ZeroEyes Guardian” badges (soulbound NFTs) that confer governance weight.
    • Weekly leaderboard rankings foster friendly competition.
  • Gamification & On-Boarding:
    • Completed tasks unlock incremental badges (e.g., “Latency Learner,” “Model Master”), encouraging deeper engagement and knowledge sharing.
    • Clear, step-by-step tutorials (e.g., “Encrypt → Borrow → Verify”) guide newcomers, rewarding them with points at each milestone to flatten the learning curve.
  • Community-Driven Improvement:
    • Top contributors are invited to quarterly “zkRisk Sprints,” working directly with the core team on circuit optimizations or new model integrations, further aligning the protocol’s evolution with user feedback.

Getting Involved

  • **GitHub & Documentation (https://github.com/ZeroEyesPlus not yet!) for smart contracts, zkSNARK circuits, AI Guard code, and SDK examples.
  • Community Link: Join the ZeroEyes+ Telegram community at https://t.me/+e1iLoIURqK84NzRl for real-time discussion, issue reporting, and collaboration.
  • Discord: Participate in the #zeroeyes-plus channel on the HyperHack Discord server to ask questions, coordinate bounties, or share demos.
  • Bounties & Grants: Contribute new quantized risk models, optimize zk proof size, build Alith MPC workflows, or develop front-end integrations to earn token grants and governance tokens.

Co-Founder Team : @Alice_Waldolf

18 Likes

hello @dokajuno , I have few questions to ask :-

  1. How does ZeroEyes+ prevent inference-time data leakage when the AI Guard network decrypts borrower data off-chain? Is there any secure enclave or TEEs involved alongside zkML?
  2. Can borrowers preview their estimated LTV or interest rate before submitting their encrypted data? Or is scoring strictly post-submission?
6 Likes

Thank you for the detailed overview of the ZeroEyes+ Private Money Market. It’s a very innovative approach to tackling privacy and efficiency in DeFi lending. I’ve gone through the proposal and have a couple of questions to better understand some specific mechanics:

  • Regarding the AI Guard Network: The proposal states the permissioned “AI Guard network
 decrypts submitted data to run quantized risk models.” Could you elaborate on the trust assumptions for these permissioned nodes? Specifically, how is borrower privacy protected from these AI Guard nodes themselves once they decrypt the data, and what mechanisms prevent potential collusion or data misuse by these nodes?

  • Concerning AI Model Governance and Evolution: While on-chain governance can update model hashes and verifying keys, how will the community effectively validate and ensure the safety, fairness (e.g., bias mitigation), and improved performance of new or updated quantized AI models, especially given their complexity and the specialized knowledge required for zkML?"

5 Likes
  • How do you ensure the integrity and trustworthiness of the AI Guard network nodes, given their role in decrypting and scoring sensitive borrower data?
  • Could the modular design allow ZeroEyes+ to support cross-chain collateral or risk assessments in the future, expanding beyond Hyperion?
2 Likes
  • Contribute new quantized risk models, optimize zk proof size, build Alith MPC workflows, or develop front-end integrations to earn token grants and governance tokens??
3 Likes

Hey Priyankg3, thank you for your questions,

1. Inference-Time Data Leakage Protection
ZeroEyes+ ensures that borrower data is decrypted only inside a locked-down, ephemeral environment—either a secure VM or an optional TEE (e.g., Intel SGX). As soon as the AES-256 ciphertext is decrypted in RAM, the quantized model runs and immediately wipes any plaintext. A Halo2 zkSNARK proof is then generated to attest that the model executed correctly on the exact inputs, without ever revealing raw data. In practice, this combination of in-memory decryption, optional enclave isolation, and zero-knowledge proof means no human or external system ever sees borrower information in cleartext.

2. Previewing LTV/Interest Before Submission
Borrowers can get a reliable estimate without exposing private data in two ways:

  • Local SDK Simulation: The same quantized risk model runs in the browser or a trusted client, fetching live Pyth feeds to display an instant LTV/interest preview—100 % off-chain.
  • On-Chain “Blind Preview”: Users submit a one-time encrypted dummy payload; AI Guards generate a zkSNARK proof of the resulting score, which the contract verifies without changing state. That proof-backed preview matches exactly what a live submission would produce, so borrowers see their final numbers before committing real data.
2 Likes

Hello Han, Good questions bro,

1. Ensuring AI Guard Integrity
We’ve built several layers of trust around AI Guard nodes so you can be confident your data stays safe and scores stay honest:

  • Stake & Slash: Every node must lock up METIS collateral. If a node submits an invalid zkSNARK proof or tries to peek at borrower data outside the approved enclave/MPC flow, it automatically loses part (or all) of its stake.
  • Open & Attested Code: The inference software—including decryption routines, model weights, and zk circuit logic—is fully open source. Nodes run this code inside a hardware enclave (like Intel SGX or AWS Nitro) or via MPC splits. Anyone can verify the enclave attestation report or check the on-chain hash to confirm they’re running the genuine, unmodified binary.
  • Reputation & Governance: Proof submission times, uptime, and any slashing events are logged on-chain. If a node consistently underperforms or behaves suspiciously, the DAO can vote to remove it from the network. This keeps the guard pool lean, performant, and trustworthy.

2. Modular Design & Future Cross-Chain Support
ZeroEyes+ was designed from day one to “plug and play” with any EVM-compatible chain or oracle feed:

  • Oracle Abstraction: Today we use Pyth on Hyperion, but our risk circuits accept any chain’s price or volatility feed (Chainlink, Wormhole, etc.)—as long as it can provide an on-chain proof. So adding new markets (e.g., Ethereum L1 or another L2) is as simple as pointing to that chain’s feed contract.
  • Interoperable AI Guards: Since AI Guards only need encrypted collateral snapshots and a verifiable price proof, they can score positions from multiple chains in parallel. All that’s required is a Merkle-proof or similar attestation for each chain’s state.
  • Alith MPC Bridging: Alith’s co-agent network already supports cross-chain MPC signing. That means liquidation or collateral-top-up triggers can fire on Hyperion and automatically execute on Ethereum L1 (or any other L2), giving you a truly seamless, multi-chain risk engine.

If you have more questions, let me know!!

2 Likes

Hey amadeep, appreciated your questions,

1. Trust & Privacy in the AI Guard Network
AI Guard nodes are permissioned and must stake METIS as collateral. They run your AES-encrypted data inside a hardware enclave (e.g., SGX/Nitro) or an MPC-split environment, so plaintext only lives briefly in protected RAM. If a node ever tries to exfiltrate data or submits an invalid zkSNARK proof, its stake is automatically slashed. On-chain logs track proof submissions, latencies, and any slashing. If any node misbehaves—or even just underperforms—the DAO can vote to remove it. In practice, this means borrower data is decrypted only in a locked-down enclave/MPC, used instantly for scoring, and then wiped—so even the node operator never sees it in the clear.

2. AI Model Governance & Evolution
Whenever the community proposes a new quantized model (or tweaks an existing one), we follow a phased validation process. First, model contributors publish their training code, datasets (or synthetic benchmarks), and fairness-audit results off-chain so anyone can reproduce performance metrics and bias tests. A small committee of zkML specialists then runs the proposed weights through a standardized test suite—checking accuracy, latency, and edge-case behavior. Only after passing these checks does the DAO vote to update the on-chain model hash and verifying key. That way, each upgrade is transparently vetted for safety, fairness, and improved performance before it ever touches real borrowers.

2 Likes

Hi Tobey06, let’s give the examples on how community contributions translate into token grants and governance weight:

1. New Quantized Risk Models
Submit a trained, quantized model that outperforms our baseline (e.g., higher accuracy or lower latency). If it passes our accuracy, fairness, and performance checks, you receive a token grant based on improvement (e.g., 10–20 % gain → 1,000 ZYG) plus 500 governance tokens.

2. zkProof Optimizations
Propose circuit improvements that reduce proof size (<10 KB) or verification time (<800 ms). Each verified optimization earns 0.05 ETH worth of ZYG and 300 governance tokens. Major enhancements (e.g., halving gas costs) unlock bonus grants.

3. Alith MPC Workflow Development
Build a working Alith MPC integration (e.g., co-signed liquidations in <2 s). A functional, audited module earns 1,500 ZYG and 1 000 governance tokens; if it also cuts latency or gas by ≄25 %, you get an extra performance bonus.

4. Front-End Integrations
Create a user-friendly UI/UX for encryption, previews, and live submissions using our SDK. A QA-approved front-end earns 800 ZYG and 400 governance tokens; adding standout features (real-time risk charts, seamless wallet onboarding) grants a UX bonus.

Remark: The token amounts of ZYG are just examples for illustration.!!!

2 Likes

Thanks for the detailed explanation! Really appreciate the transparency and security focus. Quick question: How do you handle potential delays in cross-chain data verification to keep things smooth and real-time?

2 Likes

well, for the cross-chain data, we will do as follows:

  • Local Caching & Pre-Fetching: AI Guards maintain a rolling cache of cross-chain proofs (e.g., Pyth or Chainlink), so they rarely wait for fresh data during scoring—new updates stream in as soon as they land.
  • Optimistic Window: We can accept proofs up to one block old (≈10–15 s on Ethereum) for near-real-time risk. If a proof is slightly delayed, we use the previous tick plus a small volatility buffer to avoid pauses.
  • Parallel Listeners: Alith’s MPC relayers subscribe to multiple chains simultaneously. As soon as any chain finalizes an update, we aggregate and push it to Hyperion—limiting delay to the slowest chain finality (≈10–15 s) but often below 5 s.
3 Likes

Thank you for the detailed explanation this hybrid approach to cross-chain data handling is both practical and impressive. Combining local caching, an optimistic timing buffer, and parallel listeners via Alith’s MPC relayers clearly shows deep consideration for both latency and reliability. It’s great to see such a well-engineered solution that balances performance with trust assumptions. Looking forward to seeing it in action!

2 Likes

Thank you for the support !!!

3 Likes