ZK-style verifiable execution traces for multi-step AI agent pipelines.
Every step in your pipeline produces a hash-linked proof with business rule assertions. Verify pipeline correctness without re-running it.
Multi-step AI agent pipelines (5-20 steps) are hard to test:
- Regression testing requires re-running the entire pipeline (slow, expensive)
- Debugging — when something breaks, you don't know which step failed
- Trust boundaries — agent A's output feeds agent B, but was it tampered?
- Audit — no proof that a pipeline executed correctly
Step 0: input_hash = hash(raw_data)
Step 1: enrich_proof = {input: input_hash, output: hash(enriched), assert: "all fields populated"}
Step 2: decide_proof = {input: enrich_hash, output: hash(decision), assert: "5 candidates, all scored"}
Step 3: action_proof = {input: decide_hash, output: hash(action), assert: "price in valid range"}
Step 4: verify_proof = {input: action_hash, output: hash(verification), assert: "external API checked"}
Step 5: settle_proof = {input: verify_hash, output: hash(settlement), assert: "amount = agreed_price"}
Each proof contains the previous step's hash (chain linkage) + current output hash + readable assertions.
A verifier only needs to check the proof chain — no need to re-run the pipeline.
pip install agent-proof-chainfrom agent_proof_chain import ProofChain, Verifier, BudgetCircuit, StateTransitionCircuit
# 1. Instrument your pipeline
chain = ProofChain(subject="my-agent-run")
chain.add_step("fetch", input_data, output_data, [
("got 100 records", "len(records) == 100", True),
])
chain.add_step("transform", prev_output, new_output, [
("all records valid", "all_valid", True),
])
chain.add_step("decide", new_output, decision, [
("price in range", "100 <= price <= 500", True),
])
# 2. Verify the chain
valid, errors = chain.verify()
# 3. Add circuit validators for business rules
verifier = Verifier()
verifier.add_circuit(BudgetCircuit([
{"name": "price_valid", "field": "price", "min": 100, "max": 500},
]))
verifier.add_circuit(StateTransitionCircuit({
"draft": ["active"], "active": ["completed"],
}))
report = verifier.verify(chain, circuit_data)
print(report.summary())| ZK Concept | Agent Testing |
|---|---|
| Witness | Input data at each step (user data, API responses, model outputs) |
| Circuit | Business logic rules (pricing formula, state machine, budget constraints) |
| Proof | Output hash + assertions ("selected 5 candidates, all scored above threshold") |
| Verification | Check proof chain integrity without re-running |
Deterministic — fully verifiable (math is math):
- State machine transitions follow allowed paths
- Price is within tier range
- Total rewards don't exceed budget
- Commission <= total payment
Structural — verify shape, not semantics (LLM outputs vary):
- Generated proposal has "Executive Summary" section
- Brief contains "Required Actions"
- Output is > 500 chars
from agent_proof_chain import (
StateTransitionCircuit, # validate state machine
BudgetCircuit, # arithmetic constraints
StructureCircuit, # LLM output structure
SchemaCircuit, # data schema validation
)# Verify a saved proof chain
proof-chain verify proof.json
# Inspect chain details
proof-chain inspect proof.json- Regression without re-running — only re-run changed steps, verify chain didn't break
- Multi-agent trust boundaries — proof ensures data wasn't tampered between agents
- Debug localization — chain breaks at the exact step with the bug
- Audit trail — every pipeline run has its own execution proof
Built and battle-tested on a production multi-agent pipeline (6 steps, 4 circuits). Proof chains verified 4 real transactions with 68 assertions and 73 circuit checks — all passing.
MIT