PangoChain — AI-Powered Blockchain Legal Platform

PangoChain is a Blockchain-secured legal platform powered by GPT-4o. Docs encrypted client-side, anchored on Hyperledger Fabric, with AI that chats with case files and scans contracts for risk.

Comment

Inspiration

I've always been fascinated by the gap between what technology can guarantee and what most critical industries actually use. Law firms handle documents that determine people's freedom and finances — yet most store them in systems where any database administrator can silently alter records, with no cryptographic proof of integrity.

The breaking point came when I read about cases where digital evidence was challenged in court because the chain of custody couldn't be proven. A document that says it was uploaded on a certain date — but no unforgeable record exists. That felt like a solvable problem.

PangoChain started as one question: what would a legal platform look like if cryptographic integrity was non-negotiable from day one?

How I Built It

The architecture grew in three layers.

Layer 1 — Client-side encryption. Every file is encrypted in the browser using AES-256-GCM before any network request. The key space of $2^{256} \approx 1.16 \times 10^{77}$ makes brute-force infeasible. Multi-party access uses ECIES on the P-256 curve — given generator point $G$ and recipient private scalar $d$:

$$Q = d \cdot G$$

Keys are derived from passwords using PBKDF2:

$$K = \text{PBKDF2-HMAC-SHA256}(\textit{password},\ \textit{salt},\ N = 600{,}000,\ \ell = 256\text{ bits})$$

$N = 600{,}000$ aligns with NIST SP 800-132 (2024), making offline attacks prohibitive even after a database breach.

Layer 2 — Blockchain anchoring. Every upload triggers a RegisterDocument chaincode call on Hyperledger Fabric 2.4, anchoring:

$$h = \text{SHA-256}(m), \qquad h \in {0,1}^{256}$$

Each block links cryptographically to its predecessor:

$$B_n = \bigl(H(B_{n-1}),\ \text{txns}_n,\ \text{timestamp}_n\bigr)$$

making retrospective tampering detectable. Downloads trigger CheckAccess on-chain — no valid capability grant means no file, enforced at the chaincode level.

Layer 3 — OpenAI GPT-4o intelligence. Eight AI features run on top of the secure foundation. The AI Legal Chat implements RAG: the client decrypts documents in the browser, sends plaintext with the question, and the backend assembles conversation history from PostgreSQL before calling GPT-4o via Spring AI. Document text never persists server-side.

The Timeline Contradiction Detector requires zero decryption — it reasons entirely over case events, hearings, and audit logs already in the database.

What I Learned

The hardest insight: a secure system isn't one that stops bad actors — it's one where bad actors have nothing useful to steal.

If the server never has plaintext, a compromised server is largely useless. If access control lives on-chain, a rogue admin can't grant themselves access. This isn't a feature set — it's a different security model entirely.

On the AI side, GPT-4o's value in legal contexts comes less from what it knows and more from its ability to reason over context you provide. The Contradiction Detector works because it can find logical inconsistencies in a structured timeline — a pattern generalizable to any domain with complex relational data.

Challenges

The encryption boundary. Traditional RAG pipelines index documents server-side — impossible when the server holds ciphertext. Client-side decryption before AI analysis is more privacy-preserving, but required a careful UX flow so users understand exactly what they're transmitting.

Fabric circuit breaker. Fabric can be slow during network reconfiguration. The backend uses a Resilience4j circuit breaker opening at 50% failure rate, falling back to PostgreSQL ACL silently. Tuning the threshold — sensitive enough for real outages, tolerant enough for normal latency — took significant iteration.

PBKDF2 latency. $N = 600{,}000$ iterations takes ~300–500 ms in a browser. Solved by deriving the key once on first login, wrapping it with a session key, and caching in sessionStorage — expires on tab close, never touches localStorage.

Structured output at scale. GPT-4o's JSON output becomes unstable on very long documents. A hard cap at $12{,}000$ characters (~3,000 tokens) with a JSON validation layer before deserialization resolved this without impacting quality for typical legal documents.

The Bigger Picture

Legal technology has largely been about digitising paper workflows. PangoChain asks what a legal platform looks like built after we understood blockchain, end-to-end encryption, and large language models.

A court can verify document integrity independently. A client can understand their own case without a law degree. A lawyer walks into a hearing with an AI brief that took one click. That combination didn't exist before. It does now.

Built With

Share this project:

Updates