π€ Gemini 3 AI Β· π Real-time Protection Β· π° Earn Rewards Β· π Community-Driven Β· β‘ Multimodal Analysis
π Visit Our Website | π Documentation | π¬ Report Issues
This project is under active development and may contain bugs or breaking changes.
Use for testing and development only. Do not rely on this for production protection.
Zionic is a next-generation browser security extension that harnesses Google's Gemini 3 AI to provide intelligent, real-time protection against phishing attacks, malware, and malicious websites. By combining Gemini 3's advanced reasoning capabilities with community-driven threat validation and blockchain-based incentives, Zionic creates a decentralized security ecosystem where users are both protected and rewarded.
Built specifically for the Gemini 3 1 million Context Window, Zionic showcases the power of Gemini 3's:
- π§ Advanced reasoning for complex threat pattern recognition
- πΌοΈ Multimodal capabilities to analyze webpage visuals, text, and structure
- β‘ Low latency for real-time security decisions
- π― Context understanding to distinguish legitimate sites from sophisticated phishing attempts
Watch Zionic in action: Gemini 3-powered phishing detection, community voting, and blockchain rewards
- π About
β οΈ The Problem- π‘ Our Solution
- π€ Why Gemini 3?
- β¨ Why Zionic?
- π₯ Who Benefits?
- βοΈ How It Works
- π οΈ Tech Stack
- π Getting Started
- π° Earning Rewards
- π Project Structure
- π€ Contributing
- π License
Online threats are evolving faster than traditional security solutions can adapt:
- π£ Phishing attacks cost businesses and individuals billions annually
- π Sophisticated scams use AI-generated content that fools traditional filters
- β‘ Zero-day threats appear before antivirus databases are updated
- π’ Centralized security relies on single points of failure with slow response times
- π« No incentives exist for users to actively participate in threat detection
- π Privacy concerns with cloud-based scanning services that track all browsing
Traditional security solutions can't keep pace with AI-powered phishing attacks, deepfake scams, and rapidly evolving threat vectors. Users need intelligent, adaptive protection that learns and responds in real-time.
Zionic leverages Gemini 3's advanced AI capabilities to create an intelligent, adaptive security layer that protects users while rewarding community participation:
- π€ Gemini 3 AI Brain: Advanced multimodal analysis examines webpage content, visual elements, URL patterns, and behavioral signals to detect even the most sophisticated threats
- π Multi-Layer Validation: Gemini 3's reasoning works alongside Google Safe Browsing, AbuseIPDB, Brave Search, and ClamAV for comprehensive protection
- π³οΈ Community Intelligence: Users validate AI-detected threats, earning blockchain rewards for accurate assessments
- βοΈ Decentralized Storage: Threat intelligence stored immutably on Starknet, creating a global security knowledge base
- π Native File Scanning: Real-time malware detection through integrated ClamAV engine
- β Reputation System: Build credibility through consistent, accurate threat reporting
Zionic is built specifically to showcase Gemini 3's groundbreaking capabilities for cybersecurity:
Gemini 3's enhanced reasoning allows Zionic to:
- Understand context: Distinguish between legitimate financial sites and convincing phishing clones
- Recognize patterns: Identify subtle indicators that signal malicious intent (unusual URL structures, mismatched branding, suspicious form fields)
- Think multi-step: Analyze the entire attack chain, not just isolated elements
- Adapt dynamically: Learn from new threat patterns without requiring database updates
Example: Traditional filters might block "paypa1.com" (obvious typo), but Gemini 3 can detect sophisticated attacks using legitimate-looking domains like "paypal-security-verification.com" by reasoning about intent, content alignment, and behavioral red flags.
Gemini 3's vision capabilities enable Zionic to:
- Analyze page layouts: Detect cloned login pages that look identical to legitimate sites
- Examine images: Identify fake logos, manipulated screenshots, and deepfake content
- Read embedded text: Extract text from images to catch hidden phishing messages
- Evaluate design consistency: Spot subtle visual inconsistencies that signal fraud
Example: A phishing page might perfectly replicate a bank's HTML but use a slightly off-brand logo. Gemini 3's vision can catch these visual discrepancies that text-only analysis would miss.
Gemini 3's speed ensures:
- Instant threat assessment: Sub-second analysis that doesn't slow down browsing
- Seamless user experience: Protection that works invisibly in the background
- Real-time blocking: Stop threats before users can interact with malicious content
- Continuous monitoring: Constant vigilance without performance impact
Gemini 3's deep language understanding allows Zionic to:
- Detect social engineering: Recognize manipulative language patterns and urgency tactics
- Understand intent: Differentiate between legitimate security warnings and scare tactics
- Analyze sentiment: Flag emotionally manipulative content designed to bypass rational thinking
- Multilingual protection: Provide consistent security across languages and regions
Example: Gemini 3 can identify phishing emails that say "Your account will be suspended in 24 hours unless you verify immediately" as using classic urgency-based social engineering, even if the grammar and formatting are perfect.
- π€ Gemini 3 Intelligence: Protection powered by Google's most capable AI model
- π° Get paid to browse safely (earn STRK tokens for contributing to security)
- β‘ Real-time protection against phishing, malware, and emerging threats
- π Privacy-first: Your browsing stays local; only threats are analyzed and reported
- π³οΈ Community power: Your validation votes shape the global threat database
- π‘οΈ Multi-layered security: Gemini 3 AI + community wisdom + traditional antivirus
- π§ AI-first security: Leverages Gemini 3's reasoning to stay ahead of evolving threats
- π Decentralized threat intelligence that no single entity controls
- π Faster response to emerging threats through crowd wisdom and AI learning
- π Economic incentives align user behavior with network security
- π Transparent records of all threats and validations on-chain
- π Reduced dependence on centralized security vendors with outdated databases
- π€ Gemini 3 API showcase: Demonstrates real-world AI application in cybersecurity
- π Open-source: Full transparency and community contributions
- π Extensible: Add new AI models, scanners, or features
- π Well-documented: Clear setup and contribution guides
- π Multi-platform: Works on Chrome, Edge, Brave, Firefox
- π‘οΈ Gemini 3-powered protection while browsing
- πΈ Passive income through accurate threat reporting
- π Control over their security data
- π AI-enhanced employee protection against sophisticated attacks
- π Reduced phishing success rates and security incident costs
- π Decentralized security posture with global threat intelligence
- π‘ Platform to share threat intelligence with AI validation
- π° Rewards for valuable contributions to the security ecosystem
- β Reputation building in the community
- π― Real-world utility for blockchain technology in security
- π³οΈ Active participation in decentralized governance
- π Staking and earning opportunities
- π€ Collective immunity through shared, AI-validated threat data
- β‘ Faster detection of emerging threats with Gemini 3's reasoning
- π Democratized security infrastructure accessible to everyone
βββββββββββββββ
β π Browser β
β Extension βββββ π€ User browses the web
ββββββββ¬βββββββ
β
βββΊ π€ Gemini 3 AI Analysis
β β’ Multimodal content analysis (text + images)
β β’ Advanced reasoning for threat detection
β β’ Context understanding and pattern recognition
β β’ Low-latency real-time decisions
β
βββΊ π API Checks (Safe Browsing, AbuseIPDB, Brave Search)
βββΊ π¦ File Scanning (ClamAV via Rust Engine)
β
βΌ
β οΈ Threat Detected?
β
ββ β
No βββΊ Continue browsing
β
ββ π¨ Yes βββΊ Block & Report to Smart Contract
β
βΌ
ββββββββββββββββββββββ
β βοΈ Starknet Contractβ
β (Pending State) β
ββββββββββ¬ββββββββββββ
β
βΌ
π³οΈ Community Votes (Validate/Reject)
β
60% Approve?
β
βββββββββββββββ΄ββββββββββββββ
β β
β
Yes β No
β β
βΌ βΌ
π― Threat Confirmed π« Rejected/Ignored
β
βΌ
π° Rewards Distributed:
β’ Reporter: 10 points (0.1 STRK)
β’ Voters: 2 points each (0.02 STRK)
β’ Premium users: 2x rewards
Gemini 3's Role: The AI brain that analyzes every webpage for threats using advanced reasoning, multimodal understanding, and contextual awareness. All threat detection decisions are powered by Gemini 3's intelligence.
- Gemini 3: Primary AI engine for threat detection and analysis (multimodal, reasoning-enhanced)
- Local LLMs: Privacy-focused alternative for offline analysis
- π Extension: Vanilla JavaScript with Chrome Extension Manifest V3
- π UI: TailwindCSS for modern, responsive design
- πΎ Storage: Dexie.js (IndexedDB wrapper) for local caching
- π Smart Contract: Cairo 2.8.0 on Starknet (for reward distribution and threat storage)
- π¦ Security Engine: Rust with Tokio async runtime
- π₯οΈ Server: Fastify (Node.js) for contract write proxy
- ποΈ Database: MongoDB for event aggregation, SQLite for scan caching
- π APIs:
- π€ Gemini 3 for AI-powered threat analysis
- π Google Safe Browsing
- π« AbuseIPDB
- π Brave Search
- π Network: Starknet (Sepolia testnet, Mainnet ready)
- π Wallet Integration: ArgentX, Braavos via get-starknet
- π Token: STRK for staking and community rewards
- π¦ Antivirus: ClamAV for file scanning
- π Hashing: SHA-256 for file integrity
- π Native Messaging: Secure browser-to-native communication
Before you begin, ensure you have:
- Node.js (v18 or higher): Download
- Rust (latest stable): Install Rustup
- Scarb (Cairo toolchain): Install Scarb
- Starknet Foundry (sncast): Install Guide
- MongoDB (for backend server): Download
- ClamAV (automatic on first run, or manual install)
- Starknet Wallet (ArgentX or Braavos browser extension)
- Gemini 3 API Key (Required): Get API Key
- Git: For cloning the repository
The smart contract manages threat validation, voting, and reward distribution on Starknet.
βοΈ Detailed instructions: See contracts/README.md
Quick Start:
# Navigate to contracts directory
cd contracts
# Build the contract
scarb build
# Create deployment account
sncast account create --network sepolia --name deployer
# Fund account from faucet
# Visit: https://starknet-faucet.vercel.app/
# Deploy account
sncast account deploy --network sepolia --name deployer
# Declare contract
sncast declare --network sepolia --contract-name ZionicDB
# Deploy contract (save the contract address!)
sncast deploy --network sepolia \
--class-hash YOUR_CLASS_HASH \
--constructor-calldata YOUR_ADMIN_ADDRESS STRK_TOKEN_ADDRESSSave your deployed contract address - you'll need it for the extension configuration!
Default Rewards (configurable by admin):
- Insert threat: 10 points = 0.1 STRK
- Vote on threat: 2 points = 0.02 STRK
- Premium users: 2x multiplier
- Minimum to claim: 1000 points = 10 STRK
The extension monitors browsing activity and uses Gemini 3 to scan for threats.
π ```bash
git clone https://github.com/mitmelon/zionic.git cd zionic
npm install
npm run build:css
npm run build
npm run dev
**Install in Browser:**
1. Open Chrome and navigate to `chrome://extensions/`
2. Enable **Developer mode** (top right toggle)
3. Click **Load unpacked**
4. Select the `dist` folder from your build output
5. Pin the extension to your toolbar for easy access
**Verify Installation:**
- You should see the Zionic icon in your browser toolbar
- Click it to open the dashboard
- You'll be prompted to complete setup on first launch
---
### π¦ Step 3: Install Rust Security Engine
The Rust engine provides native file scanning via ClamAV and local LLM access.
π **Detailed instructions**: See [`program/zionic_engine/README.md`](program/zionic_engine/README.md)
**Quick Start:**
```bash
# Navigate to engine directory
cd program/zionic_engine
# Build for production
cargo build --release
# Run first-time setup
./target/release/zionic_engine
# (Windows: .\target\release\zionic_engine.exe)
What Happens:
- Checks for ClamAV installation (auto-installs on Windows)
- Starts ClamAV daemon
- Updates virus definitions
- Registers native messaging with your browsers
- Creates SQLite database for scan caching
- Installs LLM model that fits your device
- Exposes completion endpoints for extension access
Verify Installation:
# Test the engine
echo '{"action":"ping"}' | ./target/release/zionic_engine
# Should return: {"result":"success",...}The engine now runs automatically when the extension needs to scan files and access local LLM.
The backend server handles contract write operations and event aggregation.
π Quick Start:
# Navigate to server directory
cd zionic-server
# Create .env file in root directory
cd ..
touch .env # (Windows: type nul > .env)Configure .env file (in root directory):
# MongoDB Connection
MONGODB_URI=mongodb://localhost:27017/zionic
# Starknet Configuration
STARKNET_RPC_URL=your_rpc_endpoint
WALLET_PRIVATE_KEY=your_private_key_here
WALLET_ADDRESS=your_account_address_here
CONTRACT_ADDRESS=your_deployed_contract_address_here
NETWORK=sepolia
# Server API Security
API_KEY=your_secret_api_key_here
# Server Configuration
PORT=3000
# STRK token contract address (Sepolia) - same for mainnet too
STRK_TOKEN_ADDRESS=0x04718f5a0fc34cc1af16a1cdee98ffb20c31f5cd61d6ab07201858f4287c938dStart MongoDB (if running locally):
# Windows
mongod
# macOS (with Homebrew)
brew services start mongodb-community
# Linux
sudo systemctl start mongodStart the Server:
# From root directory
npm start
# Or for development with auto-reload
npm run devServerVerify Server:
# Should see:
# Server listening at http://0.0.0.0:3000
# Connected to MongoDBNow connect everything together! π―
- Open Extension: Click the Zionic icon in your browser
- Install Page: You'll see the installation welcome screen
- Click "Get Started": Proceed to login
- Choose Wallet: Select ArgentX or Braavos
- Connect: Authorize the connection request
- Sign In: Sign the authentication message
- Dashboard: You're now at the main dashboard
This is the most important step! Gemini 3 is the brain of zionic.
- Navigate to Settings: Click the gear icon
- Enter Gemini 3 API Key:
- Get key: Google AI Studio
- Paste into "Gemini API Key" field
- Click "Save"
- Select LLM Type: Choose
gemini(recommended for best protection)
Enhance protection with additional data sources:
- Server URL: Enter your server URL (e.g.,
http://localhost:3000) - Server API Key: Enter the API_KEY from your
.envfile
This enables blockchain reward distribution for validated threats.
If you deployed your own contract:
- Open the extension's
starknet.js - Update the contract address to your deployed address and RPC
- Save and rebuild the extension
Once configured, Zionic automatically protects you with Gemini 3 AI and earns rewards! π
- π Browse Normally: Zionic monitors in the background
- π€ Gemini 3 Analysis: AI analyzes and blocks suspicious sites using advanced reasoning
- π Auto-Report: Threats are submitted to the Starknet smart contract
- π³οΈ Community Votes: Other users validate your AI-detected findings
- π Earn STRK: Get blockchain rewards when threats are confirmed
- π Dashboard: View pending threats requiring validation
- π Review: Check threat details, URLs, and Gemini 3 analysis
- β Vote: Approve (valid threat) or Reject (false positive)
- π° Earn Points: 2 points per vote when you're in the majority
| Action | Points | STRK Value | Requirements |
|---|---|---|---|
| Report threat | 10 | 0.1 STRK | Threat approved by community |
| Vote on threat | 2 | 0.02 STRK | Vote with majority |
| Stake tokens | Varies | - | Unlock voting rights |
| Premium status | 2x | - | Set by admin |
Minimum to Claim: 1000 points (10 STRK)
Approval Threshold: 60% of votes must be positive
To report threats and vote, you must stake STRK:
- Minimum Stake: 10 STRK
- Lock Period: 30 days
- Purpose: Prevents spam and malicious reports
- Withdrawal: Available after lock period
zionic/
βββ contracts/ # Starknet smart contract (reward distribution)
β βββ src/
β β βββ lib.cairo # Main contract code
β βββ Scarb.toml # Contract dependencies
β βββ README.md # Contract build & deploy guide
β
βββ program/
β βββ zionic_engine/ # Rust security engine
β βββ src/
β β βββ main.rs # Native messaging & ClamAV
β βββ Cargo.toml # Rust dependencies
β βββ README.md # Engine build guide
β
βββ src/ # Chrome extension source
β βββ background.js # Service worker
β βββ content.js # Content script (page scanning orchestration)
β βββ dashboard.js # Dashboard UI logic
β βββ starknet.js # Blockchain interactions
β βββ images/ # Icons and assets
β
βββ dist/ # Built extension (after npm run build)
βββ zionic-server/ # Backend server (contract write proxy)
β βββ server.js
βββ manifest.json # Extension manifest (Manifest V3)
βββ package.json # Node dependencies
βββ README.md # This file
We welcome contributions! Here's how:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- π€ Enhanced Gemini 3 prompts for better threat detection
- π Multi-language support
- π¨ UI/UX improvements
- π New security scanner integrations
- π Documentation enhancements
- π Bug fixes and optimizations
Gemini 3 is the core intelligence that makes Zionic revolutionary:
-
π§ Advanced Reasoning: Gemini 3's enhanced reasoning capabilities power sophisticated threat pattern recognition that goes beyond simple keyword matching
-
πΌοΈ Multimodal Analysis: Combines text, visual, and structural analysis to detect threats that fool traditional single-mode scanners
-
β‘ Real-Time Performance: Low-latency analysis ensures protection without compromising browsing experience
-
π― Novel Application: Demonstrates Gemini 3 in a critical real-world use case (cybersecurity) beyond chat interfaces
-
π Social Impact: Protects everyday users from financial fraud, identity theft, and malicious content
Starknet's Role: Provides decentralized storage for threat intelligence and reward distribution, creating economic incentives for community participation. The blockchain layer is purely for rewards and data persistenceβGemini 3 is the brain that makes all security decisions.
- Check Gemini 3 API key: This is required! Go to Settings and verify your API key is saved
- Check wallet connection: Ensure ArgentX/Braavos is installed and connected
- Reload extension: Go to
chrome://extensions/and click reload
- Rate limits: Free tier has limits, upgrade if needed
- Invalid key: Regenerate key from Google AI Studio
- API errors: Check browser console for detailed error messages
- ClamAV not starting: Manually install ClamAV for your OS
- Port 3310 busy: Another ClamAV instance is running, restart it
- See
program/zionic_engine/README.mdfor detailed troubleshooting
- Gemini 3 integration for AI-powered threat detection
- Multimodal analysis (text + visual content)
- Real-time protection with low latency
- Starknet smart contract for rewards
- Chrome extension with wallet integration
- Enhanced Gemini 3 prompts for even better accuracy
- Gemini 3-powered deepfake detection in images/videos
- Mobile app (React Native) with Gemini 3
- Enterprise API for businesses
- Threat intelligence marketplace
This project is licensed under the ISC License. See individual components for specific license details:
- Smart Contract: MIT License
- Rust Engine: Check source file headers
- Extension: ISC License
- π Website: zionic.work.gd
- π GitHub Issues: Report bugs
- π Documentation: See component READMEs for detailed guides
- π Smart Contract:
contracts/README.md - π¦ Rust Engine:
program/zionic_engine/README.md
- π Smart Contract:
Built with:
- π€ Gemini 3 (Google DeepMind) - The AI brain powering all threat detection
- π¦ Rust & Tokio
- ποΈ Cairo & Starknet (for decentralized rewards)
- π‘οΈ ClamAV
- β‘ Node.js & Webpack
- π¨ TailwindCSS
π Visit zionic.work.gd Β· Start protecting the web with Gemini 3 AI and earning rewards today! π