Ghost Protocol

The cryptographic system that enables assets and data to leave the blockchain entirely.

Ghost Protocol is a one-way cryptographic system built around commit-once, reveal-once primitives. It allows data or value to be committed on-chain, removed from live state, and later revealed exactly once or never.

The Commit–Reveal Lifecycle

Commit

A cryptographic commitment is recorded on-chain. The commitment hides all underlying data and cannot be reversed or altered.

Off-Chain State

The secrets required to reveal the commitment exist entirely off-chain as a Phantom Key. The blockchain cannot observe, query, or recover this state.

Reveal

A zero-knowledge proof demonstrates valid ownership of the commitment and triggers a one-time reveal. The proof reveals no secrets beyond what is strictly required.

Terminal State

After reveal, the commitment is permanently invalidated. It cannot be reused, replayed, or revealed again.

On-Chain vs Off-Chain

On-Chain

  • Commitments and nullifiers exist permanently
  • Protocol uses these records to enforce correctness

Off-Chain

  • Secrets never exist on-chain and cannot be recovered
  • After reveal, secrets are useless and can be deleted
  • If lost before reveal, commitments are dead forever

Protocol Guarantees

Commit-Once Finality

Commitments are immutable. Once recorded, they cannot be modified or replaced.

Reveal-Once Enforcement

Each commitment can be revealed exactly once. Double-spends and replay are cryptographically impossible.

Non-Existence Privacy

Privacy is achieved by removing live on-chain state. There are no balances, accounts, or histories to analyze.

Zero-Knowledge Unlinkability

Zero-knowledge proofs prevent linking committers to reveal recipients at the protocol level.

Intentional Design Decisions

Abandoned Commitments Are Permanent

If the Phantom Key is lost, the commitment cannot be recovered. There are no admin keys or recovery paths.

Reveal Is Final

Once revealed, a commitment enters a terminal state. This prevents replay and double-use by design.

Off-Chain Responsibility

Security shifts to the bearer. Users are responsible for key storage, backup, and access control.

Built for Correctness

Commitments use SNARK-friendly hash functions such as Poseidon. Validity is enforced via zero-knowledge proofs. The protocol is deterministic and auditable.

Correctness matters more than convenience.

Ghost Protocol is not an obfuscation layer.
It is not a mixer.
It does not rely on hiding activity in large sets.

It enables crypto and data to exist off-chain, and to return only under strict, one-time conditions.