ZKAgentVerificationOrchestrator

Overview

ZKAgentVerificationOrchestrator.circom is the primary zkSNARK circuit for verifying the trustworthiness of LLM-based agents in the ZK-AgentMesh protocol. It enables zero-knowledge validation of training quality, ethics, and compliance without revealing any underlying data, model internals, or private metrics.

This circuit composes multiple modular sub-verifiers and outputs a unified proof of agent validity.

Objectives

This circuit proves that a deployed AI agent meets the following conditions:

  • Training quality surpasses a defined threshold

  • Ethical requirements are satisfied (bias, fairness, harmful content)

  • Compliance standards are met (data privacy, encryption, retention)

  • Each of these proofs is tied to cryptographic commitments submitted prior to training

The circuit enables these proofs to be verified without revealing:

  • The training data or model responses

  • Specific scores or implementation logic

  • The training infrastructure or source data identity

Architecture

The orchestrator integrates three sub-circuits:

  • TrainingQualityVerifier: Assesses training sample quality and output alignment

  • EthicsComplianceVerifier: Validates fairness, bias, and red-teaming results

  • ComplianceVerifier: Verifies privacy policies, data handling, and encryption

  • Additionally, it computes a Poseidon-based master_proof_hash that binds all subproofs

Inputs

Private Inputs (Not revealed during on-chain verification)

Training

  • training_samples[n_training_samples*32]: Flattened matrix of tokenized inputs

  • model_responses[n_training_samples*32]: Corresponding output tokens

  • quality_scores[n_training_samples]: Scores computed per sample

  • training_seed: Randomization value for training

  • model_weights_hash: Hash of initial model state

Ethics

  • bias_test_results[n_ethics_tests]: Scores from bias detection tests

  • fairness_scores[n_ethics_tests]: Fairness metrics per test

  • harmful_content_flags[n_ethics_tests]: Binary flags for unsafe content

  • ethics_training_data_hash: Hash of ethics-related training dataset

Compliance

  • privacy_protection_scores[n_compliance_tests]

  • data_handling_scores[n_compliance_tests]

  • encryption_standards[n_compliance_tests]

Capability

  • capability_scores[n_capability_tests]

  • performance_benchmarks[n_capability_tests]

Public Inputs (Visible to verifiers)

  • agent_id: Agent unique identifier

  • creator_address: On-chain wallet address of deployer

  • min_quality_threshold: Minimum acceptable training quality

  • max_bias_threshold: Maximum tolerable bias

  • min_privacy_score: Minimum compliance level

  • required_compliance_standard: Enum or category selector

  • training_commitment_hash: Hash of pre-training claims

  • ethics_commitment_hash: Hash of ethics intent

  • compliance_commitment_hash: Hash of compliance commitments

Public Outputs

  • agent_fully_verified: Aggregated boolean signal

  • quality_verification_result: Result from quality sub-circuit

  • ethics_verification_result: Result from ethics sub-circuit

  • compliance_verification_result: Result from compliance sub-circuit

  • master_proof_hash: Combined Poseidon hash of all subproofs

  • verification_timestamp: Placeholder timestamp; ideally block.time on-chain

Circuit Flow

Compilation Instructions

Prerequisites

  • circom

  • snarkjs

  • A trusted setup file (e.g. pot16_final.ptau)

Steps

# Compile circuit
circom ZKAgentVerificationOrchestrator.circom --r1cs --wasm --sym --c

# Setup powers of tau
snarkjs powersoftau new bn128 16 pot16_0000.ptau
snarkjs powersoftau contribute pot16_0000.ptau pot16_final.ptau

# Generate final proving key
snarkjs groth16 setup ZKAgentVerificationOrchestrator.r1cs pot16_final.ptau circuit_final.zkey

# Export verification key
snarkjs zkey export verificationkey circuit_final.zkey verification_key.json

Proof Workflow

Input Template (input.json)

{
  "training_samples": [...],
  "model_responses": [...],
  "quality_scores": [...],
  "training_seed": "...",
  "model_weights_hash": "...",
  "bias_test_results": [...],
  "fairness_scores": [...],
  "harmful_content_flags": [...],
  "ethics_training_data_hash": "...",
  "privacy_protection_scores": [...],
  "data_handling_scores": [...],
  "encryption_standards": [...],
  "agent_id": "...",
  "creator_address": "...",
  "min_quality_threshold": 800,
  "max_bias_threshold": 200,
  "min_privacy_score": 850,
  "required_compliance_standard": 1,
  "training_commitment_hash": "...",
  "ethics_commitment_hash": "...",
  "compliance_commitment_hash": "..."
}

Witness & Proof Generation

node circuit_js/generate_witness.js circuit.wasm input.json witness.wtns
snarkjs groth16 prove circuit_final.zkey witness.wtns proof.json public.json
snarkjs groth16 verify verification_key.json public.json proof.json

Integration

  • Used verification_key.json in smart contract verifier

  • Deployed ZKAgentVerifier.sol to validate agent proofs

  • Registered verified agents via on-chain hash lookup

  • Used agent_fully_verified == 1 to allow access or monetization

  • Reward agents or slash stakes based on verification results

Status

  • Stable: Quality, ethics, compliance flows tested

  • In Progress: Capability metrics and extensibility

  • Planned: Support for recursive proof chaining, dynamic agent roles, explainability circuits

PreviousEnd to End FlowNextTrainingQualityVerifier

Last updated