Introduction to Specter
Building with an AI coding agent? Get the full docs in a single file.
Download llms-full.txtSpecter is a purpose-built Layer 1 blockchain designed to power Ghost Protocol, a general-purpose commit/reveal privacy primitive founded on zero-knowledge cryptography. Where previous privacy systems operate as single-purpose mixers or shielded-transaction chains, Specter provides protocol-level privacy infrastructure that any application can leverage — for tokens, secrets, credentials, documents, or arbitrary data.
What is Ghost Protocol?
Ghost Protocol is a cryptographic framework built on two phases: commit and reveal.
| Phase | What happens | Cryptography |
|---|---|---|
| Commit | The user hashes private data into a commitment using the Poseidon hash function. That commitment is inserted into a Merkle tree stored on-chain. | Poseidon hash (circuit-friendly), append-only Merkle tree |
| Reveal | The user later proves knowledge of a valid commitment inside the tree using a zero-knowledge proof — without revealing which commitment is theirs. | Groth16 proof over BN254, nullifier to prevent double-spending |
The key insight is that the link between commit and reveal is severed. An observer can see that someone committed and that someone revealed, but cannot correlate the two events. This is the foundation of privacy on Specter.
Not a Mixer
Ghost Protocol is not a mixer. Mixers like Tornado Cash accept a fixed denomination of a single token, pool deposits together, and let users withdraw from the pool. Ghost Protocol is a commit/reveal primitive that operates at the protocol level:
- Any data type. Tokens (native and ERC-20), secret messages, verifiable credentials, document hashes, and more can flow through the commit/reveal pipeline.
- Variable amounts. Commitments encode arbitrary values — there is no fixed denomination requirement.
- Policy enforcement. Reveal-time policy contracts can enforce compliance rules (e.g., sanctions screening, time locks, amount limits) without breaking privacy for non-flagged users.
- Physical key binding. Commitments can be bound to NFC hardware cards (NTAG 424 DNA), enabling offline bearer instruments.
- Extensibility. Developers deploy new vault contracts and policy modules without modifying the core protocol.
Why a New Chain?
Specter is built with the Cosmos SDK and runs a full EVM execution environment. It uses CometBFT for Byzantine Fault Tolerant consensus. The chain exists because Ghost Protocol has a requirement that no standard EVM chain can satisfy:
Smart contracts must be able to mint and burn the native gas token.
On Ethereum, Base, Arbitrum, or any standard EVM chain, the native token (ETH) cannot be minted or burned by a smart contract. It can only be transferred. Ghost Protocol needs to destroy tokens on commit (so they leave circulation and cannot be traced) and mint fresh tokens on reveal (so the receiver obtains clean, unlinkable tokens). Specter solves this with:
x/ghostmint— a custom Cosmos SDK module that exposes an EVM precompile at address0x0808. This precompile bridges between the EVM execution layer and the Cosmosx/bankmodule, allowing authorized smart contracts to mint and burn the nativeGHOSTtoken (aghost, 18 decimals).NativeAssetHandler— the sole smart contract authorized to invoke theghostmintprecompile. All native token operations route through this contract.
Chain Details
| Property | Value |
|---|---|
| Chain ID | 5446 |
| Native token | GHOST (base denom: aghost, 18 decimals) |
| Consensus | CometBFT (BFT, ~5 second block time) |
| Execution | EVM (Solidity smart contracts) |
| Framework | Cosmos SDK |
| Bech32 prefix | umbra (e.g., umbra1abc...xyz) |
| Status | Live testnet |
How Specter Compares
The following table contrasts Specter's Ghost Protocol with the two most well-known privacy systems in cryptocurrency.
| Feature | Tornado Cash | Zcash | Specter (Ghost Protocol) |
|---|---|---|---|
| Scope | Single-token mixer (ETH and select ERC-20s) | Shielded transactions for ZEC | General-purpose privacy primitive for any data type |
| Denomination | Fixed denominations (0.1, 1, 10, 100 ETH) | Arbitrary amounts (shielded pool) | Arbitrary amounts and arbitrary data |
| Extensibility | None — monolithic contract | Protocol-level only — no third-party extension | Modular vault + policy architecture; developers deploy custom contracts |
| Policy / Compliance | None | Viewing keys (voluntary disclosure) | On-chain policy contracts enforce rules at reveal time |
| Physical keys | Not supported | Not supported | NFC cards (NTAG 424 DNA) bind commitments to hardware bearer instruments |
| Cross-chain | Single chain (Ethereum) | ZEC only | Hyperlane integration for Ethereum, Base, Arbitrum |
| Quantum resistance | None | None | Keccak256 quantum defense layer; SP1 zkVM post-quantum proofs planned |
| Native token control | Cannot mint/burn ETH | Built-in to protocol | ghostmint precompile mints/burns native GHOST from smart contracts |
| Data privacy | Not applicable | Not applicable | OpenGhostVault for arbitrary secret data; PersistentKeyVault for reusable keys |
What You Can Build
Because Ghost Protocol is a primitive rather than a finished product, it enables a range of applications:
- Private payments. Commit GHOST or wrapped ERC-20 tokens, reveal to a fresh address with no on-chain link.
- Credential verification. Commit a hash of a credential (KYC attestation, diploma, license). Reveal proves possession without exposing the credential itself.
- Secret sharing. Use OpenGhostVault to commit encrypted data on-chain. Reveal grants access to the decryption key without exposing sender identity.
- Bearer instruments. Bind a commitment to an NFC card. The physical card holder can reveal — enabling cash-like digital assets.
- Compliant privacy. Policy contracts let issuers enforce sanctions checks, geographic restrictions, or time-locked vesting while preserving privacy for all other users.
Current Status
Specter is running a public testnet (Chain ID 5446). The core smart contracts (CommitRevealVault, CommitmentTree, NullifierRegistry, ProofVerifier, AssetGuard, NativeAssetHandler, GhostERC20Factory) are deployed and operational. The relayer infrastructure is live. The web application and mobile application are functional against the testnet.
Continue to the Architecture Overview for a detailed look at how all the pieces fit together.