Scared of feeding your secrets to an LLM? Enclave is a zero-trust AI platform. Powered by 0G's TEE compute and encrypted storage, we guarantee absolute sovereignty over your AI data.
The first AI chatbot where your conversations are truly yours.
Every day, billions of messages are sent to AI chatbots. Every single one is stored on corporate servers, read by content moderation pipelines, and used to train the next generation of models. Users have no control, no ownership, and no proof of what happens to their data after they hit "Send."
0G Private Chat changes this. It is a fully functional AI chatbot built entirely on 0G's decentralized modular stack. Your messages are processed inside hardware-isolated Trusted Execution Environments where not even the infrastructure provider can read them. Your conversations are encrypted with AES-256 and stored across a decentralized storage network where no single entity holds the complete data. And every interaction produces a verifiable, on-chain proof that you can audit at any time.
This is not a prototype. This is not a mockup. This is a working application deployed on the 0G Mainnet and Galileo Testnet, using real 0G Compute nodes, real 0G Storage infrastructure, and a real smart contract recording every save operation on-chain.
When you use ChatGPT, Claude, or any centralized AI service, you are making an implicit trade: your private thoughts in exchange for useful responses. The company sees everything. They store everything. And you have zero cryptographic guarantee that your data is handled the way they claim.
For individuals, this means private medical questions, legal concerns, financial plans, and personal struggles are all sitting on someone else's server. For enterprises, this means proprietary code, trade secrets, and confidential strategy discussions are one breach away from exposure.
The AI industry has a trust problem. 0G Private Chat is the solution.
0G Private Chat replaces every centralized component of a traditional AI chatbot with its decentralized equivalent from the 0G modular stack:
Traditional Chatbot | 0G Private Chat |
|---|---|
Corporate GPU cluster | 0G Compute with TEE attestation |
Company database | 0G Storage with AES-256 encryption |
No audit trail | 0G Chain with on-chain proof registry |
Trust the company | Trust the math |
0G PRIVATE CHAT ARCHITECTURE
+------------------+ +------------------------+ +-------------------+
| | | | | |
| User Browser | ------>>| Next.js Server | ------>>| 0G Compute |
| (React 19) | <<------| (API Routes) | <<-----| Router |
| | | | | (TEE Inference) |
+--------+---------+ +-----------+------------+ +-------------------+
| | |
| MetaMask | Server Wallet | TDX Attestation
| (User signs) | (Pays storage) | (Hardware proof)
| | |
+--------v---------+ +-----------v------------+ +-------------------+
| | | | | |
| PrivateChat | | 0G Storage | | Qwen 2.5 7B |
| Contract | | Network | | (TEE-attested) |
| (0G Chain) | | (Decentralized) | | |
+------------------+ +------------------------+ +-------------------+
Chain ID: 16661 Storage Nodes TDX Verified
Contract: 0xc04d2D6f... AES-256 Encrypted Provider: 0xa48f...
User sends message
|
v
[1] Next.js API route receives message
|
v
[2] Message forwarded to 0G Compute Router
(https://router-api-testnet.integratenetwork.work/v1)
|
v
[3] Router selects a TEE-attested provider node
Provider: 0xa48f01287233509FD694a22Bf840225062E67836
Model: qwen/qwen-2.5-7b-instruct (TDX verified)
|
v
[4] Response streamed back through SSE
x_0g_trace confirms decentralized execution
|
v
[5] User clicks "Save to 0G"
|
+---> [6a] Server encrypts chat with AES-256
| Key derived from: keccak256(serverKey + chatId)
| Uploaded to 0G Storage via MemData
| Returns: merkleRoot + storageTxHash
|
+---> [6b] MetaMask prompts user to sign
Calls PrivateChat.saveChat(contentHash, merkleRoot, model)
Records immutable proof on 0G Chain
Returns: contractTxHash
Every AI response in 0G Private Chat is generated by a decentralized compute provider running inside a TDX Trusted Execution Environment. The 0G Compute Router at router-api-testnet.integratenetwork.work selects an available provider, verifies its TEE attestation, and routes the request. The response includes an x_0g_trace field containing the provider's Ethereum address and billing breakdown, creating a verifiable record that no centralized entity processed the request.
Implementation: app/api/chat/route.ts
The route uses a custom fetch wrapper that intercepts the 0G-specific x_0g_trace field from the SSE stream, preventing schema validation errors while preserving standard AI SDK compatibility. This allows the application to use the Vercel AI SDK's streaming infrastructure while connecting to 0G's non-standard response format.
const cleanFetch: typeof globalThis.fetch = async (input, init) => {
const res = await globalThis.fetch(input, init);
// Strip x_0g_trace from SSE chunks so the AI SDK
// only sees standard OpenAI-shaped data
// ...
};
const provider = createOpenAI({
baseURL: process.env.ZG_ROUTER_BASE_URL,
apiKey: process.env.ZG_ROUTER_API_KEY || "",
fetch: cleanFetch,
});Verification: The x_0g_trace in every response contains:
provider: Ethereum address of the TEE node that ran inference
billing.input_cost / billing.output_cost: Token-level cost breakdown
request_id: Unique identifier for audit trails
When a user saves a conversation, the server encrypts the entire chat transcript with AES-256 using a deterministic key derived from keccak256(serverPrivateKey + chatId). This ensures that the same conversation always maps to the same encryption key, enabling future retrieval without storing keys separately.
The encrypted data is uploaded to the 0G Storage network using the MemData class for zero-disk-footprint uploads. The SDK automatically distributes the data across multiple storage nodes and returns a Merkle root that uniquely identifies the content.
Implementation: app/api/storage/save/route.ts
// Deterministic encryption key derivation
const keyMaterial = ethers.solidityPackedKeccak256(
["string", "string"],
[privateKey, chatId]
);
const encryptionKey = Buffer.from(keyMaterial.slice(2), "hex");
// Upload with built-in AES-256 encryption
const memData = new MemData(data);
const [tx, uploadErr] = await indexer.upload(memData, rpcUrl, signer, {
encryption: { type: "aes256", key: encryptionKey },
});Storage proof on the 0G Storage Explorer:
Explorer: storagescan-galileo.0g.ai
Account: 0xf89540a95b7332199f36c77e3a0958Bd6F7e6341
Verified uploads with Merkle roots, transaction hashes, and file sizes
The PrivateChat.sol smart contract, deployed on the 0G Mainnet (Chain ID 16661), serves as an immutable registry of all saved conversations. Each saveChat call records four pieces of information: the keccak256 content hash of the plaintext data, the Merkle root pointing to the data's location in 0G Storage, a timestamp, and the name of the AI model that generated the responses.
Contract Address: 0xc04d2D6f8AB14eB01f67b1e5Be5bf204c5AA2212
Implementation: contracts/PrivateChat.sol
function saveChat(
bytes32 contentHash,
bytes32 merkleRoot,
string calldata model
) external {
require(registeredUsers[msg.sender], "Not registered");
userChats[msg.sender].push(
ChatRecord(contentHash, merkleRoot, block.timestamp, model)
);
totalChats++;
emit ChatSaved(msg.sender, contentHash, merkleRoot, model, block.timestamp);
}The contract emits ChatSaved events that can be indexed and queried, enabling users to build a complete audit trail of their AI interactions without relying on any centralized service.
The user connects their MetaMask wallet via the sidebar. The application uses wagmi with a custom 0G Galileo Testnet chain definition to handle chain switching automatically.
Messages are sent to the 0G Compute Router, which routes them to a TEE-attested provider. Responses stream back in real time. The user sees "TEE Verified" confirmation on every message.
Clicking "Save to 0G" triggers a two-phase commit:
Phase 1 (automatic): The server encrypts and uploads to 0G Storage
Phase 2 (user-signed): MetaMask prompts the user to record the proof on-chain
The "Explorer" link appears next to saved conversations, pointing directly to the on-chain transaction. Anyone can verify that the conversation was saved, when it was saved, and which model was used, without being able to read the actual content.
Navigate to the Recover page from the sidebar or landing page. The app reads your saved chat metadata from local storage and displays each conversation with a one-click "Decrypt" button. The server downloads the encrypted data from 0G Storage, re-derives the AES-256 key, decrypts the content, and displays the full conversation in a read-only view. For manual recovery, enter a Chat ID and Merkle Root directly.
Layer | Technology | Purpose |
|---|---|---|
Frontend | React 19, Next.js 15, Tailwind CSS 4 | Responsive chat UI |
AI SDK | Vercel AI SDK v4 | Streaming, message management |
Wallet | wagmi, viem | MetaMask integration, chain switching |
AI Inference | 0G Compute Router | Decentralized TEE-attested LLM |
Data Storage | 0G Storage SDK | Encrypted decentralized persistence |
Smart Contract | Solidity 0.8.20 | On-chain proof registry |
Blockchain | 0G Mainnet (16661) | Settlement and verification layer |
Resource | Address / URL |
|---|---|
PrivateChat Contract (Mainnet) |
|
PrivateChat Contract (Testnet) |
|
Deployer Wallet |
|
0G Compute Router |
|
0G Storage Indexer |
|
Chain Explorer (Mainnet) | |
Storage Explorer |
Node.js 22+
MetaMask with 0G Galileo Testnet configured
0G testnet tokens from the faucet
git clone https://github.com/YOUR_USERNAME/0g-private-chat.git
cd 0g-private-chat
npm install --legacy-peer-depsCopy .env.example to .env.local and fill in:
# 0G Compute Router
ZG_ROUTER_BASE_URL=https://router-api-testnet.integratenetwork.work/v1
ZG_ROUTER_API_KEY=your_0g_api_key
# 0G Storage
ZG_STORAGE_PRIVATE_KEY=your_private_key_for_storage
ZG_STORAGE_RPC=https://evmrpc-testnet.0g.ai
ZG_STORAGE_INDEXER=https://indexer-storage-testnet-turbo.0g.ai
# Smart Contract
NEXT_PUBLIC_ZG_PRIVATE_CHAT_CONTRACT=0xc04d2D6f8AB14eB01f67b1e5Be5bf204c5AA2212npm run devOpen http://localhost:3000 and start chatting.
The contract is already deployed at the address above. To deploy your own:
npx hardhat compile
npx tsx scripts/deploy.ts0g-private-chat/
app/
api/
chat/route.ts # 0G Compute Router integration
storage/
save/route.ts # 0G Storage encrypted upload
load/route.ts # 0G Storage decryption and retrieval
layout.tsx # Root layout with wagmi providers
providers.tsx # WagmiProvider + QueryClientProvider
page.tsx # Landing page
chat/page.tsx # Chat interface
recover/page.tsx # Recover and decrypt saved conversations
components/
chat/
chat-container.tsx # Message stream and input
chat-header.tsx # Save to 0G + on-chain recording
layout/
sidebar.tsx # Chat history + wallet connect
connect-wallet.tsx # MetaMask integration
contracts/
PrivateChat.sol # On-chain proof registry
lib/
constants.ts # App config and system prompt
chat-store.tsx # Zustand-style chat state
wagmi-config.ts # 0G Galileo chain definition
contract-abi.ts # PrivateChat ABI
0g-config.ts # Network configuration
scripts/
deploy.ts # Contract deployment script
It is not a concept. Every integration is live. The 0G Compute Router responds to real queries with TEE-attested inference. The 0G Storage network holds real encrypted chat data across decentralized nodes. The PrivateChat smart contract on the Galileo Testnet contains real, verifiable records of saved conversations.
It solves a real problem. The AI privacy crisis is not hypothetical. Every major AI company has faced data breach scandals, regulatory investigations, and user trust erosion. 0G Private Chat demonstrates that decentralized AI infrastructure can deliver the same user experience with fundamentally stronger privacy guarantees.
It uses the full 0G stack. This is not a project that uses one 0G feature and mocks the rest. It integrates 0G Compute for inference, 0G Storage for persistence, and 0G Chain for verification. These three layers work together to create a privacy architecture that no single-layer solution can match.
It is production-ready. The application handles real streaming responses, real encryption, real storage uploads, real MetaMask transactions, and real on-chain events. The user experience is polished: loading states, error handling, chain switching, and explorer links are all implemented.
The question is not whether decentralized AI is possible. 0G Private Chat proves that it is. The question is whether the world will adopt it fast enough.
Wallet-Based Cross-Device Recovery. Currently, decryption keys are derived from a server-side secret combined with the Chat ID (stored in the browser). The next step is to derive keys from on-chain data (such as the content hash stored in the contract) so that recovery works from any device with just a wallet connection, eliminating the need for local state entirely.
End-to-End Client-Side Encryption. Move encryption from the server to the browser using the user's wallet-derived keys. This removes the server from the trust model completely: even the application operator cannot read saved conversations.
Shared Conversations. Allow users to share encrypted chats with specific wallet addresses by re-encrypting the decryption key with the recipient's public key. The recipient can then decrypt and view the conversation from their own device.
Multi-Model Support. Expand beyond Qwen 2.5 7B to support model selection from the full 0G Compute Router catalog, letting users choose between different TEE-attested models for different privacy and capability requirements.
On-Chain Chat Index. Store a lightweight, encrypted chat index on-chain so users can browse and recover all their conversations from any browser without relying on localStorage.
IPFS Backup Gateway. Add a secondary storage layer via IPFS for redundancy, ensuring conversations remain recoverable even if individual 0G Storage nodes go offline.
MIT
When we started this hackathon, the AI privacy problem was clear: every message sent to ChatGPT, Claude, or any centralized AI service is stored, analyzed, and used on corporate servers. Users have zero cryptographic proof that their data is handled responsibly. We set out to build the first AI chatbot where that equation is fundamentally inverted, where the user owns every byte of their conversation.
What we built: 0G Private Chat is a fully functional, production-deployed AI chatbot that replaces every centralized component of a traditional AI service with its decentralized equivalent from the 0G modular stack.
Technical milestones achieved during the hackathon:
0G Compute Integration: Integrated the 0G Compute Router for decentralized AI inference through TEE-attested provider nodes. Every response is generated inside a TDX Trusted Execution Environment, meaning not even the infrastructure operator can read the conversation. We built a custom SSE middleware to bridge the 0G Compute Router's response format with the Vercel AI SDK's streaming protocol, solving a non-trivial compatibility challenge.
0G Storage Integration: Implemented encrypted decentralized storage using the 0G Storage SDK. Conversations are encrypted with AES-256 using deterministic key derivation (keccak256 of server key + chat identifier), then uploaded as in-memory blobs to the 0G Storage network. This zero-disk-footprint approach means plaintext never touches persistent server storage.
0G Chain Integration (Mainnet): Deployed the PrivateChat.sol smart contract to the 0G Mainnet (Chain ID 16661), creating an immutable, on-chain proof registry. Every saved conversation records its content hash, Merkle root (pointing to its location in 0G Storage), timestamp, and AI model identifier. This creates a verifiable audit trail that users can inspect on the 0G Chain Explorer.
End-to-End User Experience: Built a polished chat interface with MetaMask wallet integration, automatic chain switching to 0G Mainnet, silent user registration (checking on-chain state to avoid unnecessary transactions), real-time streaming responses, and a dedicated conversation recovery page that decrypts saved chats from the 0G Storage network.
Recovery System: Built a full recovery flow that allows users to decrypt and view their saved conversations from 0G Storage. The recover page reads local metadata, fetches on-chain records via the smart contract, and decrypts data using the same deterministic key derivation, proving that user data persists independently of the application server.
Key technical challenges solved:
The 0G Compute Router returns non-standard SSE fields (x_0g_trace) that break standard AI SDK parsers. We built a transparent fetch middleware that sanitizes the stream while preserving all standard data.
The 0G Storage SDK's peer dependency tree conflicts with Next.js and Hardhat. We resolved this through custom npm configuration and isolated deployment scripts.
Wallet-based UX required careful orchestration between MetaMask chain switching, on-chain registration checks, and two-phase save operations (storage upload + contract call).
What this proves: It is possible to build an AI application with the same user experience as a centralized chatbot, but with fundamentally stronger privacy guarantees. 0G's modular infrastructure like Compute for inference, Storage for persistence, Chain for verification, provides every primitive needed to make decentralized AI practical, not just theoretical.
Deployed and live:
Smart Contract: 0xc04d2D6f8AB14eB01f67b1e5Be5bf204c5AA2212
Live Application: Deployed on Vercel
GitHub: Open source with comprehensive documentation
Pre-seed / Not yet fundraising. 0G Private Chat is currently a hackathon project. We are focused on validating the product thesis that decentralized AI infrastructure can deliver a consumer-grade private chat experience before pursuing funding. The roadmap includes client-side encryption, cross-device recovery, and shared conversations, which represent a clear path to a seed-stage product.
We are open to ecosystem grants or investment from the 0G team to accelerate development toward production, specifically client-side encryption, cross-device wallet-based recovery, and multi-model support across the 0G Compute network.