Topics · Evidence gap
A later reviewer can check the signed production record without needing the vendor dashboard to still exist, agree, or explain itself independently.
Concrete scenario
A fintech workflow runs inside a SaaS dashboard for three years. Regulators ask for proof of automated credit decisions from 18 months ago. The vendor has sunset the product, the API is gone, and the exported CSV rows have no independent signature. Each row is plausible, but none of them prove what the system actually signed at decision time.
Problem
The record lives inside the system being questioned. When the account closes, retention expires, or the vendor disputes the export, the proof usually stays with the platform — not with the people who need it later.
Mechanism
Verifiable Machine Activity is recorded as a ZK-SNAP receipt at the moment of the accountable event. The receipt carries provenance, an inputs_root commitment to the claim, timestamp, declared profiles, and a signature under the ZKAI-SNAPSHOT domain prefix — material that can leave the dashboard as portable bytes.
Verifiable outcome
Scope boundary
Receipts prove what was signed at production time. They do not recreate unsigned platform events, guarantee vendor uptime, or by themselves establish on-log recognition — that requires governed Chain evidence when DoT-5 is in scope.