ZK-SNAP
ZK-SNAP is the receipt format at the core of ZK-AI. A machine acts — create, transform, approve, settle, command — and the protocol produces a signed receipt at that moment. The claim, fingerprint, and signature travel with the action, not with the platform dashboard. These are the domains where ZK-SNAP runs today.
Domain
An image is made, shared, copied, remixed, used in a training set, and stripped of its metadata somewhere along the way. By the time someone needs to prove it's theirs — or that it's real — the original context is gone. A receipt anchored at the moment of creation survives that journey. The original proves itself, from anywhere it ends up.
Creative work now travels straight into remix systems, training sets, and repost networks. Artists need proof that a specific version existed before the copy, scrape, or model output arrived.
Rights reviewers can compare circulating material to the signed creation record and see whether the later file still belongs to that trail.
Media spreads faster than metadata. Re-uploads, crops, screen shots, and CDN transforms strip context; reviewers still need to know whether visible pixels match a signed version independent of the original hosting app.
Forensics teams hash the candidate media, verify the receipt offline, and read Sigil state — determining whether the asset matches the signed path after leaving the original surface.
Domain
An AI model is trained, deployed, and later questioned. A dataset is transformed through a pipeline and later audited. An agent executes a trade at 2am and the position is wrong. In each case, the question is the same: what actually happened, and can you prove it? The run is over. The dashboard has moved on. The receipt hasn't.
Model audits fail slowly. When harm appears in outputs, teams must reconstruct which dataset version, filtering steps, and evaluation artifacts actually formed the training path — not which slide deck said they did.
Auditors verify which dataset commitments and pipeline claims were signed, whether evaluation artifacts match roots, and where gaps exist in the staged trail.
Agents combine tool calls, delegated authority, and policy gates at machine speed. When something goes wrong, a dashboard summary is not enough. The action needs its own proof.
Risk and compliance teams can check the signed action and authority context without relying on a vendor summary after the damage is done.
Reproducibility depends on datasets, transforms, and instrument outputs that outlive portals, grants, and lab IT rotations. Publications without signed evidence trails age into unverifiable claims that cannot be challenged with mathematics.
Reviewers recompute digests on later submissions and verify they match signed commitments from the original workflow — seeing exactly where the replication diverges.
Domain
Decisions that affect the public are increasingly made by automated systems inside private vendor infrastructure. The public has a right to verify them — but not a right to see every underlying document. ZK-AI separates those two things: public proof that a decision was made, private disclosure of what it contained. Recognition without exposure.
Automated eligibility, permitting, and enforcement workflows already affect public life. Citizens need proof of machine-assisted decisions without forcing private case files onto the public internet or into vendor dashboards.
Appeals reviewers can check that a decision path was witnessed and open only the fields they are authorized to see under civic disclosure rules.
Settlement and clearing systems must prove correct execution to regulators and counterparties while keeping transaction details confidential. Public proof and private payloads pull in opposite directions during audits and enforcement reviews.
Regulators verify recognition and disclosed commitments match signed receipts while confidential fields remain sealed until authorized review by parties with disclosure rights.
Domain
A robot deviates from its approved operating envelope. A spacecraft executes an autonomous manoeuvre hours from the nearest ground station. A production deployment goes wrong and the team needs to know what was actually running, when, and signed by whom. ZK-SNAP receipts must verify offline — without a network, without a platform, and without asking anyone.
Robots move in the physical world. After an incident, a log narrative is not enough. Investigators need proof of what the machine was told to do and which safety rules were active.
Incident teams can check command context and safety rules after the physical event without depending on the vendor cloud console or narrative logs.
Deployments, firmware, and build attestations rotate across vendors and keys. After an incident, teams need to prove what artifact was running, who signed it, and when it was witnessed — not what the latest wiki page claims.
Verifiers match running digests to signed release receipts and, when present, confirm on-log recognition through inclusion proofs independent of the CI vendor dashboard.
Deep-space and high-latency links delay ground contact. Autonomous maneuvers must carry compact, signed evidence that survives weeks of transit, bit rot in relays, and still verifies when telemetry finally arrives at mission control.
Operators verify signed command and safety evidence after delayed downlink, checking integrity and profile declarations before updating mission risk posture or public communications.