Inspiration

Mental health is the most personal data that exists. Yet every telehealth platform today asks you to upload your moods, symptoms, and conditions to centralized servers — creating a privacy liability time bomb. 41% of Americans already fear health data breaches. We asked: what if AI could help without ever seeing your data?

What it does

PrivateMind is a privacy-first AI mental health advisor built on the Midnight Network blockchain. Here's what makes it unique:

  1. You fill out a health assessment form
  2. Your data is encrypted with AES-256-GCM on your device before anything is sent
  3. Midnight Network generates zero-knowledge proofs — mathematical certificates that prove facts (is_adult=true, risk_tier=MEDIUM) without revealing the underlying data
  4. Claude AI receives only the boolean proofs, never your actual age, mood scores, or conditions
  5. You get personalized mental health advice with a full on-chain audit trail that only you can see

The result: AI that's genuinely helpful AND genuinely private.

How we built it

Frontend: Next.js 14 + TypeScript + Framer Motion
Backend: Node.js + Express with Server-Sent Events for streaming AI responses
Blockchain: Midnight Network (mock layer — production SDK swappable by replacing one file)
AI: Anthropic Claude Sonnet via streaming API
Encryption: Web Crypto API (AES-256-GCM, browser-native)
ZK Layer: Compact language smart contract defining private state and public proof outputs

The architecture is designed so raw health data is mathematically impossible to leak — it's processed into ZK proofs and immediately dereferenced before any network call.
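
The proof-only query described above can be enforced with an allow-list check at the last step before any network call. The following is an added example, not PrivateMind's own code, and it is a plain schema check rather than a zero-knowledge proof. The field names is_adult and risk_tier come from this page; the LOW and HIGH tiers, the scoring thresholds, and the function names deriveFacts and assertDisclosable are assumptions.

```javascript
// Added example: allow-list guard for the proof-only payload sent to the AI backend.
// is_adult and risk_tier are named on the page; the LOW/HIGH tiers, the thresholds
// and every function name below are assumptions made for illustration.
const PUBLIC_SCHEMA = Object.freeze({
  is_adult: (v) => typeof v === "boolean",
  risk_tier: (v) => ["LOW", "MEDIUM", "HIGH"].includes(v),
});

// Reduce the raw assessment to coarse facts. Thresholds are illustrative only.
function deriveFacts(assessment) {
  const { age, moodScores } = assessment;
  if (!Number.isInteger(age) || age < 0 || age > 130) throw new RangeError("invalid age");
  if (!Array.isArray(moodScores) || moodScores.length === 0 ||
      !moodScores.every((s) => Number.isFinite(s) && s >= 0 && s <= 10)) {
    throw new RangeError("mood scores must be numbers in 0..10");
  }
  const mean = moodScores.reduce((a, b) => a + b, 0) / moodScores.length;
  const risk_tier = mean < 3 ? "HIGH" : mean < 6 ? "MEDIUM" : "LOW";
  return { is_adult: age >= 18, risk_tier };
}

// Last check before any network call: exact key set, every value in its allowed domain.
function assertDisclosable(payload) {
  if (payload === null || typeof payload !== "object" || Array.isArray(payload)) {
    throw new TypeError("payload must be a plain object");
  }
  const extra = Object.keys(payload).filter((k) => !Object.hasOwn(PUBLIC_SCHEMA, k));
  if (extra.length > 0) throw new Error(`undisclosable field(s): ${extra.join(", ")}`);
  for (const [name, isValid] of Object.entries(PUBLIC_SCHEMA)) {
    if (!Object.hasOwn(payload, name)) throw new Error(`missing field: ${name}`);
    if (!isValid(payload[name])) throw new Error(`value out of domain: ${name}`);
  }
  // Serialize field by field so nothing else on the object can ride along.
  return JSON.stringify({ is_adult: payload.is_adult, risk_tier: payload.risk_tier });
}

// Constructed sample input, not real user data.
const sample = { age: 34, moodScores: [4, 5, 6, 3], conditions: ["insomnia"] };
const body = assertDisclosable(deriveFacts(sample));
console.log(body);
```

Passing the raw assessment object, or a payload with any extra key such as age, makes assertDisclosable throw instead of sending it.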

Challenges we ran into

  • Midnight Network SDK is very new with sparse documentation. We built a production-faithful mock layer that mirrors the real API surface so the swap to mainnet is one file change.
  • Implementing genuine client-side AES-256-GCM encryption using the Web Crypto API with proper IV generation and key management in sessionStorage only.
  • Designing the ZK proof schema — deciding exactly which boolean facts the AI needs vs. what must stay private required careful thinking about the minimum sufficient disclosure principle.
  • Making the Server-Sent Events streaming work reliably across the Next.js frontend and Express backend.

Accomplishments that we're proud of

  • Zero raw health data ever touches our servers — mathematically guaranteed, not just promised
  • The ZK Proof Visualizer component — a real-time animated terminal showing cryptographic operations that judges and users can actually understand
  • Full end-to-end working demo in under 60 seconds: form → ZK proof generation → streaming AI advice → audit log
  • A business model with a clear path: $9B/year HIPAA compliance market, B2B SaaS targeting BetterHelp, Teladoc, and Epic

What we learned

  • Zero-knowledge proofs are not just a buzzword — they solve a real, fundamental problem with how AI systems handle sensitive data today
  • Midnight Network's native ZK support is genuinely differentiated vs. chains that bolt ZK on as an afterthought
  • The hardest privacy problem isn't encryption — it's minimizing what you decrypt in the first place. Our proof-only AI query design solves this elegantly.
  • Building for HIPAA compliance from day one (rather than retrofitting it) is actually faster and cheaper

What's next for PrivateMind

  • Week 1-2: Integrate real Midnight SDK, deploy to stagenet
  • Month 1: Partner with 2-3 telehealth platforms for beta
  • Month 2-3: Third-party security audit, HIPAA BAA ready
  • Month 6: Series A with $500K-1M ARR from B2B SaaS

Built With

  • aes-256-gcm
  • anthropic-claude-api
  • express.js
  • framer-motion
  • lucide-react
  • midnight-network
  • next.js
  • node.js
  • server-sent-events
  • shadcn/ui
  • tailwind-css
  • typescript
  • web-crypto-api
  • zero-knowledge-proofs