How Midnight's Compact Compiler Enforces Privacy at Compile Time

Most blockchain privacy tools trust the developer to handle data correctly. Midnight does not. And I found that out the hard way while building NightScore, a privacy-preserving credit attestation oracle on the Midnight Network. Let me walk you through what happened. What I Was Building NightScore lets borrowers prove their creditworthiness without revealing their financial data. The idea is simple: a borrower inputs their on-chain repayment history, wallet age, transaction volume, and default count locally. A Compact circuit computes a credit tier (Bronze, Silver, Gold) from that data. A ZK proof is generated. Only the tier gets written to the public Midnight ledger. The raw numbers never leave the device. That is the design. The contract looked clean. Then I tried to compile it. The Error Exception: nightscore.compact line 46 char 17: potential witness-value disclosure must be declared but is not: witness value potentially disclosed: the return value of witness onChainRepayments at li