Skip to main content

Ghost Features

Ghost Features are Knight Shield's core differentiator — three privacy layers that work together to protect users against on-chain surveillance.

Why Privacy Matters

Blockchain transactions are public by default. Even on privacy-focused networks like Midnight, sophisticated adversaries can correlate transactions through:

  • Address reuse — Linking multiple transactions to the same identity
  • Timing analysis — Inferring sender/receiver relationships from transaction timing
  • Fee fingerprinting — Identifying users by their unique fee patterns
  • Balance correlation — Tracking fund flows across addresses

Ghost Features defend against all four attack vectors.

The Three Ghosts

GhostCloak — Address Unlinkability

GhostCloak routes transactions through a TLS relay server, creating a new session for each transaction. The relay proxies WebSocket connections to the Midnight node, decoupling the user's network identity from their on-chain activity.

Defends against: Address reuse, IP-based correlation, network-level surveillance.

Learn more →

GhostTracking — Pattern Defense

GhostTracking introduces two mechanisms:

  1. Timing randomizer — Adds a random delay (500ms–8000ms) before each transaction, breaking timing correlation between sender and receiver
  2. Fee normalization — All transactions show the same flat fee regardless of the actual fee, defeating fee fingerprinting

Defends against: Timing analysis, fee fingerprinting, behavioral profiling.

Learn more →

GhostShard — Seed Security

GhostShard uses Shamir Secret Sharing to split the wallet seed into 5 shares with a threshold of 3. Each shard can be stored in a different location (DID, USB, password manager, email, cloud, device), eliminating single points of failure.

On-chain shard hashes are registered in the ShardRegistry contract, enabling verification without revealing shard data. An emergency lock mechanism can invalidate all shards if compromise is detected.

Defends against: Seed theft, single-point-of-failure, physical compromise.

Learn more →

How They Work Together

Transaction Flow with All Ghost Features:

1. GhostTracking adds random delay (500ms–8s)
2. GhostTracking normalizes the fee to a flat amount
3. GhostCloak opens a fresh relay session
4. Transaction is proxied through the relay → Midnight node
5. GhostCloak closes the session

Seed Storage:
- GhostShard splits seed into 5 shards (3 threshold)
- Each shard stored in a different location
- Hashes registered on-chain for verification

Each Ghost Feature can be enabled independently. Users who want maximum privacy enable all three; users who prioritize convenience can enable only what they need.