Prerequisites
- Node.js 18+
- npm, yarn, or pnpm
Step 1: Install
bash
npm install @quantzk/attestThis single package includes everything: prover, verifier, registry, transparency log, and verifier registry.
Step 2: Generate Your First Attestation
javascript
import { attest } from '@quantzk/attest';
const attestation = await attest({
pipeline: {
name: 'Loan Approval',
manifest: 'fair-lending-v1',
steps: ['application', 'identity', 'credit', 'fairness', 'pricing', 'decision']
},
decision: {
path: ['application', 'identity', 'credit', 'fairness', 'pricing', 'decision'],
inputs: { credit_score: 720, income: 85000, debt_ratio: 0.32 },
outcome: 'decision'
},
authority: {
type: 'legal_review',
name: 'Covington & Burling LLP',
ref: 'Opinion #2026-AI-FL-014'
}
});
console.log(attestation.attestation_id);
// → "vdi:att:0x7a3f..."
console.log(attestation.proof.system);
// → "groth16"What happened:
- The
attest()function loaded thefair-lending-v1constraint manifest from the built-in registry - It constructed a decision pipeline with 6 steps and 4 constraints
- It generated a real Groth16 zero-knowledge proof using the circuit artifacts
- It signed the entire attestation with Ed25519
- It returned a self-contained, portable attestation object
Your private inputs (credit_score, income, debt_ratio) are never included in the attestation. The ZK proof proves they satisfied all constraints without revealing them.
Step 3: Verify It Offline
javascript
import { verify } from '@quantzk/attest';
const result = await verify(attestation);
console.log(result.valid); // true
console.log(result.steps);
// [
// { step: 1, name: 'schema', valid: true },
// { step: 2, name: 'timestamps', valid: true },
// { step: 3, name: 'pipeline_integrity', valid: true },
// { step: 4, name: 'policy_integrity', valid: true },
// { step: 5, name: 'zk_proof', valid: true, detail: 'Groth16 proof mathematically valid' },
// { step: 6, name: 'signature', valid: true, detail: 'Ed25519 signature valid' },
// { step: 7, name: 'key_integrity', valid: true, detail: 'Key hash matches' }
// ]What happened:
- Schema validation, the attestation has all required fields
- Timestamp check, not expired, not issued in the future
- Pipeline integrity, pipeline hash is a valid SHA-256 hex string
- Policy integrity, constraint manifest hash is valid, authority type is recognized
- ZK proof verification, Groth16 proof is mathematically valid (the core check)
- Signature verification, Ed25519 signature over the canonical payload is valid
- Key integrity, verification key hash matches the embedded key
No server was contacted. No API was called. This runs entirely offline.
Step 4: Emit a Verification Receipt
Verification receipts let you propagate trust without re-verifying the ZK proof.
javascript
import { verifyAndReceipt } from '@quantzk/attest';
import { randomBytes } from 'crypto';
const verifierKey = randomBytes(32).toString('hex');
const { verification, receipt } = await verifyAndReceipt(attestation, {
signingKey: verifierKey,
verifierId: 'vdi:verifier:my-compliance-bot'
});
console.log(receipt.type);
// → "verification_receipt_v1"
console.log(receipt.result.valid);
// → true
console.log(receipt.signature.algorithm);
// → "Ed25519"What happened:
- The full 7-step verification was performed
- A verification receipt was created with the result
- The receipt was signed with your Ed25519 key
- The receipt includes an attestation hash binding it to the original attestation
Step 5: Propagate Trust to a Downstream Agent
Another agent can accept the receipt without re-running the expensive ZK verification.
javascript
import { verifyReceipt } from '@quantzk/attest';
const receiptOk = await verifyReceipt(receipt, {
attestation: attestation,
trustedVerifiers: ['vdi:verifier:my-compliance-bot']
});
console.log(receiptOk.valid); // true
console.log(receiptOk.checks);
// [
// { check: 'expiry', valid: true },
// { check: 'attestation_binding', valid: true },
// { check: 'trusted_verifier', valid: true },
// { check: 'receipt_signature', valid: true }
// ]What happened:
- Checked the receipt hasn't expired (24-hour TTL by default)
- Verified the receipt is bound to the correct attestation (hash match)
- Confirmed the verifier is in the trusted set
- Verified the receipt's Ed25519 signature
This takes ~2ms instead of ~27ms for full verification. At scale across 1000 agents, this is the difference between seconds and minutes.
Next Steps
- Core Concepts, Understand the protocol in depth
- API Reference, Full API documentation
- Enterprise Workflows, Real-world examples for lending, healthcare, AI governance
- Trust Model, Deep dive on trust propagation
