Submission evidenceZK + StellarJudge verification path

Evidence Dossier

A compact proof package for judges: what the hackathon requires, what AidShield actually proves, where the deployed Stellar contracts live, how the attacks fail, and what is intentionally synthetic.

Hackathon fit
Complete
ZK role
Load-bearing
Chain path
Soroban
Demo truth
Synthetic labels

Requirement Match

This is the shortest way to show that the submission meets the stated Stellar Hacks: Real-World ZK rules.

Open Judge Brief
Open-source repo
Met

Public source includes frontend, Soroban contracts, circuit, Merkle tooling, tests, README, threat model, and submission docs.

README
ZK is load-bearing
Met

A valid Groth16 proof is required before the disbursement contract can release escrow or vendor voucher funds.

/claim
Stellar integration
Met

Proof verification and payout controls run through deployed Stellar testnet Soroban contracts.

/auditor
Clear demo video path
Met

Mission, Admin, Claim, Threats, Auditor, and Edge pages form a 2-3 minute working walkthrough.

/mission

Claims Judges Can Verify

Private eligibility

Beneficiary proves membership in an approved Merkle root without publishing name, ID, list index, secret, or witness.

One-time claim

A wallet-bound nullifier is stored after first settlement, so replay attempts fail on-chain.

Wrong-wallet resistance

Credential and proof bind claimant address into the leaf and nullifier, blocking stolen credential use from another wallet.

Restricted voucher mode

The same private proof can pay an approved vendor, while vendor approval and replay controls remain public.

Operational accountability

Auditors can inspect roots, contracts, escrow, claim count, vendor status, and nullifiers without seeing the private list.

Honest demo boundary

The crisis mission uses synthetic actors, but points to real testnet contracts, proof assets, QR delivery, and replay controls.

Verification Anchors

Disbursement contractCARYQO…5D3CZD
Groth16 verifierCAD7QR…DEJ2KG
Disbursement ID176bc0…d25922
Merkle root337334…d6d5ad
VK hashc243d169dcf3...77d4d128
Honesty boundary

The crisis-aid names and actors are synthetic demo labels. The deployed contracts, proof statement, escrow flow, QR credential mechanics, replay protection, and public audit surfaces are the real testnet work.

Red-Team Demo Matrix

The project is stronger when judges see failure paths, not only a happy path.

Open Threat Dashboard
AttemptExpected ResultHow To Show It
Replay same credentialBlocked by persistent nullifierShow the second claim attempt failing after the first success.
Use another walletBlocked before proving and again by contract signer checksSwitch Freighter account and load the old credential.
Use expired credentialBlocked by ledger-time expiry checkCredential expiry is part of the public proof statement.
Use revoked issuerBlocked by on-chain issuer registryThreat page documents issuer compromise playbook.
Redeem to unapproved vendorBlocked by vendor registryVoucher mode only pays approved vendor addresses.
Pause during incidentClaims stop while pause is activeThreat dashboard makes emergency posture visible.

Strongest 2-3 Minute Walkthrough

This sequence keeps the video focused on working product evidence.

Video-ready
01

Open Mission and state that actors are synthetic testnet labels.

02

Open Admin and issue or show an encrypted QR credential for the beneficiary wallet.

03

Open Claim, load/decrypt the credential, generate the browser Groth16 proof, and submit with Freighter.

04

Open Stellar Explorer from the receipt to show settlement against the deployed contract.

05

Retry the same credential to show replay failure.

06

Open Auditor and Evidence to show aggregate accountability and exact verification anchors.

Start Mission DemoJudge BriefCompetitive EdgeAuditor ViewPilot Readiness