Protocol vs Application Layer

One of the most important architectural decisions in Ghost Protocol is the clean separation between the protocol layer (infrastructure that anyone can build on) and the application layer (products that people actually use). This is not just good engineering — it is what makes Specter an ecosystem rather than a single product.

The Protocol Layer: Infrastructure

The protocol layer consists of three core vaults and a policy system. These are the building blocks — general-purpose, composable, and designed to be used by any application.

CommitRevealVault

The foundation. Accepts token deposits, stores commitments in the Poseidon Merkle tree, and processes zero-knowledge proof-verified withdrawals. This is the engine behind private token transfers. It handles minting, burning, nullifier tracking, and root history — all the low-level plumbing that makes private tokens work.

Any developer can build on top of CommitRevealVault. It does not care what your application looks like or what your user experience is. It just provides a guarantee: tokens go in privately, and tokens come out privately, with a ZK proof linking the two that reveals nothing about who, what, or when.

OpenGhostVault

The same commit/reveal primitive, but for arbitrary data instead of tokens. Any data that can be represented as a hash can be committed, stored privately, and revealed selectively. The vault uses Poseidon4 commitments (four inputs) to capture the data fields.

OpenGhostVault is what makes Ghost Protocol general-purpose. Without it, Specter would be just another privacy coin. With it, Specter is a privacy platform.

PersistentKeyVault

Manages persistent Phantom Keys — reusable credentials that can be verified repeatedly without being consumed. Handles key creation, access verification (via the Access Proof circuit), and explicit revocation.

This vault turns Ghost Protocol from a transactional privacy system into a credential system. It is the infrastructure layer for subscriptions, licenses, memberships, and any other use case where ongoing access matters.

Policy System

A modular framework for attaching enforceable rules to commitments. Policies are smart contracts that implement a standard interface, and they are cryptographically bound to commitments via Poseidon7 hashing. The system is extensible — anyone can write and deploy new policy contracts.

The Application Layer: Products

Applications are what users interact with. They are built on top of the protocol layer, and they define the user experience, the business logic, and the specific use case. Here are the applications that ship with Specter:

Vanish and Summon

The flagship privacy application. Vanish commits tokens into the CommitRevealVault, burning them from your address and giving you a Phantom Key. Summon uses a ZK proof to mint those tokens to any recipient address. The result: a private transfer with no on-chain link between sender and receiver.

Revels

Private data sharing built on OpenGhostVault. A Revel is a piece of data — a message, a document hash, a secret, anything — committed privately and revealed selectively. Use cases range from encrypted messaging to sealed-bid auctions to private attestations.

Stealth Addresses

A system for receiving tokens at one-time addresses that cannot be linked back to your main identity. The sender generates a unique address for each transfer, and only the recipient can detect and claim the funds. This solves the "public address" problem — you can share a single stealth meta-address, and every payment you receive arrives at a different, unlinkable address.

Dead Man's Switch

A time-based contingency system. You commit tokens or data with a condition: if you do not check in before a deadline, the commitment automatically becomes claimable by a designated beneficiary. Use cases include inheritance planning, emergency access to shared accounts, and fail-safe mechanisms for critical data.

NFC Cards

Physical cards (NTAG 424 DNA) that store Phantom Keys in tamper-resistant hardware. Tap a card to a reader to transmit a credential. This bridges the gap between digital privacy and the physical world — access cards, gift cards, loyalty programs, and collectible items that carry real cryptographic credentials.

Bridge

The Hyperlane-powered bridge that connects Specter to Ethereum, Base, and Arbitrum. Tokens locked on source chains become g-tokens on Specter, and those g-tokens work with every Ghost Protocol application.

Why This Separation Matters

The protocol/application split means that Ghost Protocol is not a closed system. Specter ships with a set of applications, but anyone can build new ones. A developer who wants to create a private voting system, a confidential NFT marketplace, a sealed-bid auction house, or something we have not thought of yet — they can build it on top of the same CommitRevealVault, OpenGhostVault, and PersistentKeyVault infrastructure.

The protocol layer provides the privacy guarantees. The application layer decides what to do with them. This is how ecosystems grow: by making the infrastructure open and letting creativity happen on top.

The Protocol Layer: Infrastructure​

CommitRevealVault​

OpenGhostVault​

PersistentKeyVault​

Policy System​

The Application Layer: Products​

Vanish and Summon​

Revels​

Stealth Addresses​

Dead Man's Switch​

NFC Cards​

Bridge​

Why This Separation Matters​