Pramaan
On-chain provenance and trust infrastructure for GI craft products.
Year
2025
Status
Deployed — Sepolia testnet
Stack
Solidity · Hardhat · Next.js · JavaScript · OpenAI Vision · Ethereum Sepolia
Problem
Geographical Indication products — handwoven textiles, regional crafts, artisan foods — face endemic counterfeiting. The artisan who made the authentic product receives no royalty when counterfeits circulate. Buyers have no reliable verification mechanism. The supply chain is opaque by default.
Why it matters
GI tags protect cultural heritage and artisan livelihoods, but the protection is only as strong as the verification mechanism behind it. A paper certificate is trivially forgeable. A QR code pointing to a centralised database can be duplicated. The only verification mechanism that is non-trivially hard to fake is one where the proof lives on a public, append-only ledger with cryptographic identity binding that cannot be detached from the issuing entity.
Approach
Pramaan builds trust at three layers simultaneously. Identity layer: every artisan receives a soulbound (non-transferable) ERC721 token — their on-chain identity is permanently bound to their wallet. Trust layer: a web-of-trust vouching system, validator roles for institutional verification, and Aadhaar flag for identity anchoring. Product layer: every registration requires a craft score ≥ 60, passes an AI authenticity gate, and records full provenance data on-chain.
Architecture
Two Solidity contracts on Ethereum Sepolia. ArtisanRegistry manages soulbound identity tokens, artisan registration gating (craftScore ≥ 60), validator role management, Aadhaar verification flags, web-of-trust vouching with reputation tracking, and slashing for fraudulent pathways. ProductRegistry manages product lifecycle: verified-artisan-only registration, AI authenticity gate (terroir score ≥ 70), dynamic tapered royalties auto-settling to the original artisan on every transfer, and anti-clone scan nonce checkpointing to prevent replay attacks. The AI authenticity gate uses OpenAI Vision (Gemini Vision fallback). The model analyses the uploaded product image for visual markers consistent with the claimed craft type: texture patterns, colour composition, structural motifs, weave geometry. Returns a terroir score (0–100). Score below 70 blocks registration. This is first-level screening — not forensic authentication. The primary trust mechanisms are the verified identity binding and the on-chain supply-chain record. I owned the full blockchain stack: contract architecture, Hardhat configuration, deployment scripts, ABI extraction and frontend sync, and the complete web3 integration layer.
Deployed Contracts
ArtisanRegistry: 0xebbc94929cAa7ccFcDB92D879dF3305184ec3589 ProductRegistry: 0xe6f5eBb08532AD11A2b4Fb4dCa9aD4BDBffcF738 Network: Ethereum Sepolia (chainId 11155111)
System flow
Artisan connects wallet→Soulbound ERC721 issued (craftScore ≥ 60 gate)→Aadhaar flag + validator approval→Web-of-trust — other artisans vouch→Upload product image → AI gate (terroir score ≥ 70)→On-chain registration with provenance fields→QR certificate generated→Transfer → tapered royalty auto-settles to original artisan→Anti-clone nonce checkpoint→Buyer verifies trust trail + handler chain + nonce replay check
Tradeoffs
Aadhaar verification is a mock on-chain flag — not a live KYC integration. Real UIDAI API access is not available to individual developers outside official partnerships. The flag architecture is correct; the verification source is a stub. The AI gate is probabilistic — a high-quality photograph of a counterfeit could score above 70, which is why it is framed as first-level screening only. Sepolia for the hackathon; Polygon mainnet is the target production chain given lower gas costs for artisan-level transactions.
Learnings
Smart contract design forces adversarial thinking before interface thinking. The soulbound token architecture and the anti-clone nonce system both came from asking "what does an attacker do if this works?" before asking "what does a user do?" That ordering produced better contracts than building toward the happy path. Being precise about what the AI gate does and doesn't guarantee — first-level screening versus authentication — was a discipline that had to be maintained throughout.