ZK-SNAP
ZK-SNAP is the receipt format at the core of ZK-AI. A machine acts — create, transform, approve, settle, command — and the protocol produces a signed receipt at that moment. The claim, fingerprint, and signature travel with the action, not with the platform dashboard. These are the domains where ZK-SNAP runs today.
Domain
An image is made, shared, copied, remixed, used in a training set, and stripped of its metadata somewhere along the way. By the time someone needs to prove it's theirs — or that it's real — the original context is gone. A receipt anchored at the moment of creation survives that journey. The original proves itself, from anywhere it ends up.
A model generates work that sounds like a real artist. The original sits in a training set the artist never approved. The artist needs to prove their version existed first, and under what terms.
Reviewers can check which version was signed and whether later material still matches the receipt trail.
An image is shared, downloaded, re-uploaded, and screenshot. Metadata is gone. A reviewer needs to know whether the visible image still matches the version that was originally signed.
A verifier can check whether content still matches the signed proof path after it leaves the original publishing surface.
Domain
An AI model is trained, deployed, and later questioned. A dataset is transformed through a pipeline and later audited. An agent executes a trade at 2am and the position is wrong. In each case, the question is the same: what actually happened, and can you prove it? The run is over. The dashboard has moved on. The receipt hasn't.
A model passes audit. Months later, a flag turns up in its outputs. The team needs to prove which dataset version the model actually saw, and which transformation pipeline produced it.
Auditors can check which dataset commitments and transformation claims were attached to a training or audit trail.
An agent executes a trade at 2am. The position is wrong. The system says it was within policy. Without a receipt the dashboard does not survive the dispute.
A later reviewer can check what action was signed, under which policy context, and by which issuing key.
A paper is published. Years later, someone wants to reproduce the experiment from the original data. The portal that hosted it is gone. The exported dataset is the only artifact left.
Reviewers can compare later reports or datasets against signed evidence commitments from the original workflow.
Domain
Decisions that affect the public are increasingly made by automated systems inside private vendor infrastructure. The public has a right to verify them — but not a right to see every underlying document. ZK-AI separates those two things: public proof that a decision was made, private disclosure of what it contained. Recognition without exposure.
A public decision was made by an automated workflow inside a private vendor's system. The public has the right to verify it without seeing every underlying record.
The public can check that a receipt commitment was recognized without exposing every underlying document.
A regulator asks a settlement system to prove it executed correctly. The transaction details are private. The proof needs to be public.
A verifier can check receipt recognition while sensitive disclosure remains permissioned.
Domain
A robot deviates from its approved operating envelope. A spacecraft executes an autonomous manoeuvre hours from the nearest ground station. A production deployment goes wrong and the team needs to know what was actually running, when, and signed by whom. ZK-SNAP receipts must verify offline — without a network, without a platform, and without asking anyone.
A robot deviates from its approved operating envelope. Before liability is assigned, someone needs to prove what commands ran, under what safety policy, and when.
Incident reviewers can check the signed command context and safety profile after the machine action has passed.
A production deployment goes wrong. The team rotates keys, switches vendors, and re-issues build attestations. Six months later an auditor needs to know what was actually running, when, and signed by whom.
A verifier can connect signed operational claims to later AnchorRecord material when on-log recognition is present.
A spacecraft executes an autonomous maneuver hours from the nearest ground station. The receipt has to travel back with the telemetry, intact, weeks later.
Operators can preserve signed command and safety evidence for later verification even when disclosure is delayed.