Skip to main content

Applications & Use Cases

Ghost Protocol is a general-purpose privacy primitive. That's an abstract statement, so let's make it concrete. Here's what people actually do with it — and what you could build next.

1. Private Value Transfer (Vanish/Summon)

The story: You want to pay for coffee without broadcasting your salary to the world. On a transparent blockchain, every transaction is a public announcement — your balance, your spending habits, your counterparties. Ghost Protocol's Vanish/Summon flow changes that.

How it works: A sender vanishes tokens into the CommitRevealVault, creating a cryptographic commitment. The recipient receives a secret (off-chain), then summons the tokens by proving knowledge of that secret via a zero-knowledge proof. The chain verifies the proof, confirms the nullifier hasn't been used, and releases the funds.

What's private: The link between sender and recipient is broken. An observer sees a deposit and a withdrawal, but can't connect the two. The sender's identity, the recipient's identity, and the relationship between them are shielded by the ZK proof.

2. Secret Sharing (Revels / Open Ghost)

The story: You're running a sealed-bid auction. Bidders need to commit their bids without seeing each other's numbers, and the auctioneer needs to reveal them all at once after the deadline. Traditional smart contracts can't do this — everything is public the moment it hits the chain.

How it works: Each bidder commits their bid to the OpenGhostVault, which stores the commitment on-chain but keeps the underlying data secret. When the auction closes, the organizer triggers the reveal phase. Bidders (or the organizer, depending on the configuration) publish the reveal keys, and the ZK proof verification confirms each bid matches its original commitment.

Other applications:

  • One-time passwords
  • Confidential document sharing
  • Sealed governance votes
  • Verifiable random number generation

3. Persistent Credentials (Persistent Phantom Keys v4.5)

The story: You're running a SaaS product and you want to issue API keys that users can verify on-chain without revealing the key itself. Or you're managing a team and need to distribute access credentials that can be used repeatedly but revoked instantly.

How it works: The PersistentKeyVault stores a commitment to a secret, and the holder can prove knowledge of that secret unlimited times without the nullifier being consumed. Each verification is fresh — the proof is valid, the commitment is checked, but the credential isn't spent. When access should end, the issuer revokes the commitment.

Applications:

  • API keys and software licenses
  • Subscription access tokens
  • Team credentials with role-based access
  • AI chat session authentication
  • Membership verification

4. Programmable Bearer Instruments (Programmable Phantom Keys v4.4)

The story: You want to give someone a birthday gift of 100 GHOST, but they can't open it until their birthday. Or you're a corporate treasury that needs to ensure funds can only be sent to approved destinations. Or you need three out of five board members to approve a withdrawal.

How it works: Programmable Phantom Keys attach policies to credentials — smart contracts that must approve the reveal before it succeeds. The vault checks the policy at reveal time, and if the policy says no, the reveal fails.

Built-in policies:

PolicyWhat It Does
TimelockExpiryCredential can only be claimed after a specific timestamp
DestinationRestrictionFunds can only go to pre-approved addresses
ThresholdWitnessRequires M-of-N approved signatures before reveal

These are composable. A single credential can have multiple policies: "claimable after January 1st, only to this address, with 2-of-3 board approval." The policy system is permissionless — anyone can implement the IRevealPolicy interface and deploy custom conditions.

5. Physical Bearer Instruments

The story: You hand someone a physical card. They tap it on their phone. Tokens appear in their wallet. No QR codes, no links, no apps to download — just tap and claim.

How it works: Specter supports NFC cards built on NTAG 424 DNA chips. Each card contains a cryptographic secret tied to an on-chain commitment. When tapped, the card generates a one-time authentication code that the mobile app uses to construct a ZK proof and claim the funds.

Applications:

  • Gift cards loaded with GHOST or bridged tokens
  • Event tickets with embedded value
  • Loyalty rewards on physical cards
  • Promotional giveaways at conferences

The physical layer makes privacy tangible. You can literally hand someone privacy.

6. Stealth Addresses

The story: You want to receive payments without giving the sender (or anyone watching) your actual wallet address. Every payment goes to a unique, one-time address that only you can control.

How it works: The GhostStealthAnnouncer contract implements ERC-5564 stealth addresses. A sender generates a one-time address using your stealth meta-address (a public key you share openly). They send funds to that one-time address. You — and only you — can derive the private key to that address and claim the funds.

Why it matters: Even with private transfers, receiving at the same address creates a pattern. Stealth addresses eliminate that pattern entirely. Each payment creates a fresh address with no visible link to the recipient.

7. Dead Man's Switch

The story: You hold credentials or assets that need to pass to a backup wallet if something happens to you. You check in periodically — if you stop checking in, the backup can claim everything.

How it works: The DMSRegistry (Dead Man's Switch Registry) lets you register a heartbeat schedule and a backup address. As long as you ping the contract on schedule, nothing happens. If you miss your window, the backup address gains the ability to claim your registered credentials and assets.

Applications:

  • Estate planning for digital assets
  • Business continuity for key personnel
  • Backup access for teams
  • Disaster recovery for credentials

8. Enterprise Applications

The story: A corporate treasury needs to move funds privately, but with guardrails — approved destinations only, multi-sig approval, compliance-friendly audit trails.

How it works: By combining Ghost Protocol's privacy with programmable policies, enterprises get the best of both worlds:

  • DestinationRestriction policies ensure funds only flow to whitelisted addresses
  • ThresholdWitness policies require multi-sig approval from authorized signers
  • TimelockExpiry policies enforce holding periods or vesting schedules
  • The commitment/reveal pattern provides privacy while maintaining internal auditability (the organization holds the secrets and can audit its own activity)

Applications:

  • Corporate treasury management with destination controls
  • Compliant private transfers between known counterparties
  • Institutional multi-sig with privacy
  • Payroll distribution without public salary disclosure

The Common Thread

Every use case above is built on the same primitive: commit a secret, attach a policy, prove knowledge to reveal. Ghost Protocol doesn't prescribe what you build — it gives you the cryptographic building blocks and gets out of the way.

The contracts that power these use cases — CommitRevealVault, OpenGhostVault, PersistentKeyVault, GhostStealthAnnouncer, DMSRegistry — are deployed and available. The policies — TimelockExpiry, DestinationRestriction, ThresholdWitness — are composable and extensible. And the policy interface (IRevealPolicy) is open for anyone to implement.

What will you build?