Charon

Send secrets on conditions, no trust needed—Charon locks them in TEEs and releases on cue.

Live DemoSource Code

Charon

Created At

Open Agents

Project Description

Charon ⚰️

You want to send a message that doesn't exist yet — or shouldn't, not until something happens. Maybe it's a dead man's switch. Maybe it's a timed confession. Maybe it's insurance. Every tool you've tried requires trusting a company, a server, a person. Charon doesn't.

Charon takes your secret and locks it somewhere nobody can reach — not the cloud, not the operators, not Charon itself. You set the condition: a countdown, a dead man's switch, a date. When it fires, the message goes out. Autonomously. With a cryptographic receipt proving it was held honestly.

The Problem

Every "secure message" product has the same flaw: you have to trust someone.

Trust the company not to read it. Trust the server not to leak it. Trust the admin not to snoop. Trust the platform to actually delete it when you say so.

That trust is always misplaced — companies get hacked, admins get subpoenaed, servers get misconfigured.

There's never been a trustless way to say:

"Release this secret in 48 hours." "Send this message if I stop checking in." "Deliver this on a specific date, no matter what."

Until now.

What Charon Does

Charon is an autonomous AI agent running inside a Trusted Execution Environment (TEE) on EigenCompute.

You send it a secret. It locks it away. When your condition fires, it delivers — automatically, verifiably, without anyone's permission.

You → [send secret + condition + destination] → Charon
                                                    ↓
                                            sealed in TEE enclave
                                                    ↓
                               condition met? (timer / silence / date)
                                                    ↓
                              delivered to Telegram / email / onchain
                                                    ↓
                          EigenCompute attestation appended as proof

No one reads what Charon holds. Not the cloud provider. Not the operators. Not Charon itself. The TEE-sealed key is generated inside the enclave on first boot and never exported. The math is the lock.

Use Cases

  • Dead man's switch"If I stop checking in for 24 hours, send this to my lawyer."
  • Timed reveal"Release this message in 7 days."
  • Conditional disclosure"Deliver this on January 1st, 2027."
  • Whistleblower insurance"If something happens to me, this gets sent."
  • Surprise delivery"Send this to @handle in exactly 48 hours."
  • Onchain drop"Post this calldata to an ETH address when the timer fires."

How it's Made

How It Works

1. Send your secret

Message Charon on Telegram. Text, file, anything.

You: [sends a message]

Charon: Got it. 🔒

         When should it be sent?

         1. After a set time — e.g. in 24 hours, in 7 days
         2. Dead man's switch — send it if I stop checking in
         3. On a specific date

2. Set the condition

You: 2

Charon: How many hours of silence before it fires?

You: 24

Charon: How should it be delivered?

         1. Telegram — to a @handle
         2. Email — to an email address
         3. Onchain — to an ETH address

3. Sealed

Charon: Sealed. 🔒 Fires if you go silent for 24 hours via Telegram to @handle.
        Message me any time to reset the clock.

4. Check in to keep it sealed

Any message resets the clock. No check-in for 24 hours → delivered.

You: hi

Charon: Check-in recorded. ⏳ Your deposit stays sealed.
        Next check-in due within 24 hours.

Architecture

┌─────────────────────────────────────────────────────┐
│                  EigenCompute TEE                    │
│                                                      │
│   ┌─────────────┐     ┌──────────────────────────┐  │
│   │  OpenClaw   │────▶│     Charon Agent         │  │
│   │  Gateway    │     │  (SOUL + AGENTS + TOOLS) │  │
│   └─────────────┘     └──────────────────────────┘  │
│          │                        │                  │
│   Telegram Bot API          deposits.json            │
│          │                  (sealed at rest)         │
│          ▼                        │                  │
│   ┌─────────────┐                 ▼                  │
│   │  Heartbeat  │──────▶ condition checker           │
│   │  every 5m   │        (timer / DMS / date)        │
│   └─────────────┘                 │                  │
│                                   ▼                  │
│                          delivery engine             │
│                    (Telegram / email / onchain)      │
│                                   │                  │
│                    EigenCompute attestation hash     │
└───────────────────────────────────┼─────────────────┘
                                    │
                              delivered ✓

Stack:

  • Agent runtime: O — multi-channel AI gateway with heartbeat scheduling
  • Compute / TEE: E — verifiable off-chain execution backed by EigenLayer stake
  • Identity: ERC-8004 on Base Mainnet — Charon has an on-chain agent identity
  • Delivery: Telegram Bot API (direct curl), himalaya CLI (email), cast (onchain)
  • Model: Kimi K2.5 via NVIDIA NIM (primary), Gemini 2.0 Flash Lite (fallback)

Enclave Guarantee

  • Deployment tx:
  • EigenCompute app: v
background image mobile

Join the mailing list

Get the latest news and updates

Charon | ETHGlobal