CallerGuard

Stop spoofed calls and scams in their tracks with secure, real-time caller verification you can trust.

Comment

Inspiration

I’ve gotten too many calls from people pretending to be someone they’re not, sometimes even showing up as my bank’s number. Scam calls like these have become so common that it’s hard to trust any unknown number. I’ve experienced it myself, and so have people around me. It made me realize how easy it is to fake a caller ID and how little control we have over knowing who’s actually calling. I wanted to build a way to bring cryptographic proof to voice calls, so people can verify who’s calling them, instantly and privately.

What it does

CallerGuard lets customers instantly and privately verify who's calling them, using zero-knowledge proofs (ZKPs) and Time-based One-Time Passwords (TOTP). When a bank agent places a call, they generate a short-lived 6-digit code and produce a zero-knowledge proof, which is written into the bank’s internal proof registry (a secured internal database). The customer then enters that code into the CallerGuard app, which sends an API request to the bank’s proof registry, fetches the proof and public details, and runs the verification locally on the user’s device to confirm the agent's legitimacy — all without revealing any personal information.

How I built it

  • Used Leo and snarkVM to generate and verify zero-knowledge proofs.
  • Integrated the Aleo blockchain to store agent info privately (no personal identifiable information was included).
  • Built a lightweight NextJS app for the customer-side verification experience.
  • Developed an internal FastAPI-based proof registry to manage proof lookups.
  • Designed a simple HR & Agent dashboard for issuing and revoking verification badges.

Challenges I ran into

  • Designing a security model that balances strong cryptography with a clean, user-friendly experience.
  • Managing time-sensitive zero-knowledge proofs with strict one-minute expiration logic.
  • Ensuring smooth, reliable communication between the frontend and ZK proof backends.
  • Writing to the blockchain privately while still maintaining auditability.
  • Navigating the Leo documentation — much of it was outdated, and current function calls weren’t always easy to track. Chatgpt seemed to only know the older function calls of Leo and snarkVM.
  • Wishing Aleo had a dedicated AI assistant trained on their own ecosystem to help developers onboard faster with most up-to-date implementations.
  • Needing to hack together Python wrappers to execute Leo and snarkVM calls.
  • Aleo documentations lack simple but common use cases especially for typescript.

Accomplishments that I am proud of

  • Built a complete end-to-end ZK identity verification system as a solo designer and developer.
  • Successfully implemented Leo and Aleo to create privacy-preserving proofs of authorization.
  • Tackled a real-world problem of voice calls and came out with a working, privacy-first solution.
  • Delivered a fully functional prototype: UI, backend, and blockchain integration within a tight deadline.

What I learned

  • How essential AI tools like ChatGPT, Gemini, and Claude can be for fast, effective technical learning.
  • Deepened my understanding of zero-knowledge proofs and blockchain-based identity management.
  • Learned to build with the Aleo dev stack and navigate snarkVM-based implementations.
  • Understood the tradeoffs between security, privacy, and usability in real-world applications.
  • Improved my ability in designing privacy-first, decentralized applications from scratch.

What's next for CallerGuard

  • Launch pilot programs with call centers and financial service providers.
  • Add advanced verification layers such as biometrics and internal metadata.
  • Expand the system to cover other sensitive identity verification scenarios beyond phone calls, like healthcare, education, and public services.
  • Package CallerGuard as a scalable SaaS platform with enterprise deployment support.

Built With

Share this project:

Updates