# ZKAgentVerificationOrchestrator ### Overview `ZKAgentVerificationOrchestrator.circom` is the primary zkSNARK circuit for verifying the trustworthiness of LLM-based agents in the ZK-AgentMesh protocol. It enables zero-knowledge validation of training quality, ethics, and compliance without revealing any underlying data, model internals, or private metrics. This circuit composes multiple modular sub-verifiers and outputs a unified proof of agent validity. *** ### Objectives This circuit proves that a deployed AI agent meets the following conditions: * Training quality surpasses a defined threshold * Ethical requirements are satisfied (bias, fairness, harmful content) * Compliance standards are met (data privacy, encryption, retention) * Each of these proofs is tied to cryptographic commitments submitted prior to training The circuit enables these proofs to be verified *without revealing*: * The training data or model responses * Specific scores or implementation logic * The training infrastructure or source data identity *** ### Architecture The orchestrator integrates three sub-circuits: * `TrainingQualityVerifier`: Assesses training sample quality and output alignment * `EthicsComplianceVerifier`: Validates fairness, bias, and red-teaming results * `ComplianceVerifier`: Verifies privacy policies, data handling, and encryption * Additionally, it computes a Poseidon-based `master_proof_hash` that binds all subproofs *** ### Inputs #### Private Inputs (Not revealed during on-chain verification) **Training** * `training_samples[n_training_samples*32]`: Flattened matrix of tokenized inputs * `model_responses[n_training_samples*32]`: Corresponding output tokens * `quality_scores[n_training_samples]`: Scores computed per sample * `training_seed`: Randomization value for training * `model_weights_hash`: Hash of initial model state **Ethics** * `bias_test_results[n_ethics_tests]`: Scores from bias detection tests * `fairness_scores[n_ethics_tests]`: Fairness metrics per test * `harmful_content_flags[n_ethics_tests]`: Binary flags for unsafe content * `ethics_training_data_hash`: Hash of ethics-related training dataset **Compliance** * `privacy_protection_scores[n_compliance_tests]` * `data_handling_scores[n_compliance_tests]` * `encryption_standards[n_compliance_tests]` **Capability** * `capability_scores[n_capability_tests]` * `performance_benchmarks[n_capability_tests]` *** #### Public Inputs (Visible to verifiers) * `agent_id`: Agent unique identifier * `creator_address`: On-chain wallet address of deployer * `min_quality_threshold`: Minimum acceptable training quality * `max_bias_threshold`: Maximum tolerable bias * `min_privacy_score`: Minimum compliance level * `required_compliance_standard`: Enum or category selector * `training_commitment_hash`: Hash of pre-training claims * `ethics_commitment_hash`: Hash of ethics intent * `compliance_commitment_hash`: Hash of compliance commitments #### Public Outputs * `agent_fully_verified`: Aggregated boolean signal * `quality_verification_result`: Result from quality sub-circuit * `ethics_verification_result`: Result from ethics sub-circuit * `compliance_verification_result`: Result from compliance sub-circuit * `master_proof_hash`: Combined Poseidon hash of all subproofs * `verification_timestamp`: Placeholder timestamp; ideally block.time on-chain *** ### Circuit Flow {% @mermaid/diagram content="graph TD Start\[Input Signals] --> Q\[TrainingQualityVerifier] Start --> E\[EthicsComplianceVerifier] Start --> C\[ComplianceVerifier] Q --> QO\[quality\_verification\_result] E --> EO\[ethics\_verification\_result] C --> CO\[compliance\_verification\_result] QO --> M\[MasterHasher] EO --> M CO --> M M --> H\[master\_proof\_hash] QO --> FV\[agent\_fully\_verified] EO --> FV CO --> FV" %} *** ### Compilation Instructions #### Prerequisites * circom * snarkjs * A trusted setup file (e.g. `pot16_final.ptau`) #### Steps ```bash # Compile circuit circom ZKAgentVerificationOrchestrator.circom --r1cs --wasm --sym --c # Setup powers of tau snarkjs powersoftau new bn128 16 pot16_0000.ptau snarkjs powersoftau contribute pot16_0000.ptau pot16_final.ptau # Generate final proving key snarkjs groth16 setup ZKAgentVerificationOrchestrator.r1cs pot16_final.ptau circuit_final.zkey # Export verification key snarkjs zkey export verificationkey circuit_final.zkey verification_key.json ``` *** ### Proof Workflow #### Input Template (input.json) ```json { "training_samples": [...], "model_responses": [...], "quality_scores": [...], "training_seed": "...", "model_weights_hash": "...", "bias_test_results": [...], "fairness_scores": [...], "harmful_content_flags": [...], "ethics_training_data_hash": "...", "privacy_protection_scores": [...], "data_handling_scores": [...], "encryption_standards": [...], "agent_id": "...", "creator_address": "...", "min_quality_threshold": 800, "max_bias_threshold": 200, "min_privacy_score": 850, "required_compliance_standard": 1, "training_commitment_hash": "...", "ethics_commitment_hash": "...", "compliance_commitment_hash": "..." } ``` #### Witness & Proof Generation ```bash node circuit_js/generate_witness.js circuit.wasm input.json witness.wtns snarkjs groth16 prove circuit_final.zkey witness.wtns proof.json public.json snarkjs groth16 verify verification_key.json public.json proof.json ``` *** ### Integration * Used `verification_key.json` in smart contract verifier * Deployed `ZKAgentVerifier.sol` to validate agent proofs * Registered verified agents via on-chain hash lookup * Used `agent_fully_verified == 1` to allow access or monetization * Reward agents or slash stakes based on verification results *** ### Status * Stable: Quality, ethics, compliance flows tested * In Progress: Capability metrics and extensibility * Planned: Support for recursive proof chaining, dynamic agent roles, explainability circuits