Topics · Domain workflow

Public records and civic systems

Appeals reviewers can check that a decision path was witnessed and open only the fields they are authorized to see under civic disclosure rules.

Concrete scenario

What this looks like in practice

A benefits system auto-denies an application. The applicant appeals and asks for proof the rules engine version and inputs hash used on the decision date. The vendor will not expose full case files to the public docket, yet the city must still show a recognized commitment existed.

Problem

What breaks today

Automated eligibility, permitting, and enforcement workflows already affect public life. Citizens need proof of machine-assisted decisions without forcing private case files onto the public internet or into vendor dashboards.

Mechanism

How ZK-SNAP responds

Agencies anchor receipt commitments with public recognition facts while sensitive fields remain in permissioned disclosure paths governed by profile rules and sealed claim openings. Optional attribution profiles separate who signed from what is publicly shown on civic recognition surfaces without exposing PII by default.

Verifiable outcome

What a verifier can check

Decision receipt verifies offline before civic recognition is considered.
Public recognition facts separate from PII-bearing disclosure paths.
Inclusion proofs support on-log claims when DoT-5 is in scope.
Undisclosed fields remain sealed until authorized opening.

Related profiles and labels

Recognized laterControlled disclosureAppeal-ready

Scope boundary

What a receipt does not replace

Receipts support accountable civic automation — not open records law compliance by themselves, electoral politics, or full transparency of every vendor subsystem.

Go deeper

Try the workflow, then read the spec.

Use Cases tells the story with cards. Proof Lab runs create and verify locally. Protocol holds the normative reference.

Use Cases Proof Lab How it works