README.md

---
license: mit
tags:
  - zero-knowledge-proof
  - zkp
  - audit
  - compliance
  - privacy
  - noir
  - barretenberg
  - affixio
  - circuit
task: zero-knowledge-proof
model_type: noir_circuit
framework: noir
library_name: noir
base_model: audit_proof
datasets: []
metrics: []
inference: false
pipeline_tag: other
---

# Audit Proof Circuit

A zero-knowledge proof circuit for generating tamper-proof audit logs without exposing sensitive data. This circuit implements patent claims 6 and 9, providing cryptographic integrity verification for audit trails while maintaining complete privacy.

## ⚠️ Important: SDK Required with API Key

**This circuit requires the AffixIO SDK from NPM to function. The SDK is NOT included in this repository.**

**For production use, you MUST have an API key from AffixIO. Get your API key at: https://dashboard.affix-io.com**

## Model Details

- **Circuit Type**: Zero-Knowledge Proof (Noir)
- **Proof System**: Noir (Barretenberg backend)
- **Version**: 0.1.0
- **Use Case**: Audit logging, compliance verification, tamper-proof records
- **License**: MIT
- **Developed by**: AffixIO

## Model Description

The Audit Proof circuit generates zero-knowledge proofs for audit logs, allowing verification of audit integrity without revealing:
- Decision values
- Timestamps
- Pseudonymised identifiers
- Rule hashes

This enables privacy-preserving compliance logging and audit trail verification across industries including finance, healthcare, government, and enterprise sectors.

## Inputs

The circuit accepts four private inputs (all `Field` type):

| Input | Type | Description |
|-------|------|-------------|
| `decision_value` | Field | The decision value being audited |
| `timestamp` | Field | Timestamp of the audit event |
| `pseudonymised_id` | Field | Pseudonymised identifier for privacy |
| `rules_hash` | Field | Cryptographic hash of the rules applied |

## Outputs

The circuit returns a single public output:

| Output | Type | Description |
|--------|------|-------------|
| `integrity_verified` | Field | Integrity verification result (1 = verified, 0 = failed) |

## Installation

### Step 1: Install the AffixIO SDK

**This is required to use this circuit. The SDK is not included in this repository.**

```bash
npm install @affixio/sdk
```

### Step 2: Get Your API Key

1. Sign up at https://dashboard.affix-io.com
2. Navigate to API Keys section
3. Create a new API key
4. Copy your API key (starts with `affix_`)

### Step 3: Install Noir (Optional - for circuit development only)

If you want to compile or modify the circuit locally:

```bash
# Using noirup (Recommended)
curl -L https://raw.githubusercontent.com/noir-lang/noirup/main/install | bash
noirup

# Or using npm
npm install -g @noir-lang/noir_wasm

# Or using cargo
cargo install nargo
```

## Usage

### Production Usage with API Key (Required)

**You must use an API key for production deployments. Sandbox mode is only for testing.**

```typescript
import { AffixIO } from '@affixio/sdk';

// Initialize SDK with your API key
const sdk = new AffixIO({
  apiKey: process.env.AFFIXIO_API_KEY || 'affix_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
  baseURL: 'https://api.affix-io.com'
});

// Generate audit proof
const result = await sdk.circuits.auditProof({
  decisionValue: 1, // 1 = approved, 0 = denied
  pseudonymisedId: '0x1234567890abcdef1234567890abcdef',
  rulesHash: '0xabcdef1234567890abcdef1234567890',
  timestamp: new Date().toISOString()
});

console.log('Decision:', result.decision ? 'Approved' : 'Denied');
console.log('Verified:', result.verified);
console.log('Proof ID:', result.proofId);
console.log('Proof:', result.proof);
```

### Environment Variables

For security, store your API key in environment variables:

```bash
# .env file
AFFIXIO_API_KEY=affix_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```

```typescript
import { AffixIO } from '@affixio/sdk';

const sdk = new AffixIO({
  apiKey: process.env.AFFIXIO_API_KEY, // Load from environment
  baseURL: 'https://api.affix-io.com'
});
```

### Sandbox Mode (Testing Only)

**Note: Sandbox mode is for testing only. Production requires an API key.**

```typescript
import { AffixIO } from '@affixio/sdk';

// Initialize SDK in sandbox mode (no API key needed for testing)
const sdk = new AffixIO({
  sandbox: true
});

// Generate audit proof
const result = await sdk.circuits.auditProof({
  decisionValue: 1,
  pseudonymisedId: '0x1234567890abcdef',
  rulesHash: '0xabcdef1234567890',
  timestamp: new Date().toISOString()
}, true); // Use sandbox mode

console.log('Decision:', result.decision);
console.log('Verified:', result.verified);
console.log('Proof:', result.proof);
```

### Direct Circuit Compilation (Advanced)

If you want to compile and use the circuit directly with Noir (not recommended for production):

```bash
# Compile the circuit
nargo compile

# This generates circuit artifacts in target/
```

Then use with Noir SDK:

```typescript
import { Noir } from '@noir-lang/noir_js';
import { BarretenbergBackend } from '@noir-lang/backend_barretenberg';
import circuit from './target/audit_proof.json';

// Initialize backend and circuit
const backend = new BarretenbergBackend(circuit);
const noir = new Noir(circuit);

// Prepare inputs
const inputs = {
  decision_value: "1",
  timestamp: "1704067200",
  pseudonymised_id: "0x1234567890abcdef",
  rules_hash: "0xabcdef1234567890"
};

// Generate proof
const proof = await noir.generateProof(inputs);

// Verify proof
const verification = await noir.verifyProof(proof);
console.log('Verification result:', verification);
```

## Examples

See the `examples/` directory for complete usage examples:
- `basic-usage.ts` - Basic SDK usage with sandbox mode
- `authenticated-usage.ts` - Production API usage with API key
- `batch-audit.ts` - Batch audit proof generation

## Use Cases

### Compliance & Regulatory
- **GDPR/CCPA Compliance**: Generate audit proofs without storing personal data
- **Financial Audits**: Tamper-proof transaction logs
- **Healthcare**: HIPAA-compliant audit trails
- **Government**: Secure compliance verification

### Enterprise Applications
- **Access Control**: Audit access decisions without exposing user data
- **Decision Logging**: Privacy-preserving decision audit trails
- **Compliance Reporting**: Generate verifiable compliance reports
- **Risk Management**: Audit risk assessment decisions

## Circuit Structure

```
.
├── src/
│   └── main.nr          # Main circuit implementation
├── Nargo.toml           # Noir project configuration
├── Prover.toml.example  # Example prover configuration
├── README.md            # This file
├── examples/            # Usage examples
│   ├── basic-usage.ts
│   ├── authenticated-usage.ts
│   └── batch-audit.ts
├── metadata.yaml        # Circuit metadata
├── LICENSE              # MIT License
└── CITATION.cff         # Citation information
```

## Input Format

All inputs are Noir `Field` types, which are integers modulo the field modulus. When using the SDK, you can pass:

- **Numbers**: String representations (e.g., `"1"`, `"1704067200"`)
- **Hex Strings**: Hexadecimal strings prefixed with `0x` (e.g., `"0x1234"`)
- **BigInt**: BigInt values for large numbers
- **ISO Timestamps**: For timestamp fields, the SDK accepts ISO 8601 strings which are converted to Unix timestamps

## Output Format

The circuit returns a `Field` value:
- `1` if integrity verification passes
- `0` if integrity verification fails

## Security Notes

⚠️ **Important Security Considerations**:

- **API Key Security**: Never commit API keys to version control. Always use environment variables
- This circuit uses a simplified integrity check. In production, consider implementing proper cryptographic hash verification
- Always verify proofs on-chain or in a trusted verification environment
- Keep private inputs secure and never expose them in logs or error messages
- Use the AffixIO SDK for production deployments as it includes additional security features
- Store proofs securely and maintain proof verification records

## Performance

- **Proof Generation**: < 500ms average (online), < 200ms (offline with SDK)
- **Verification**: < 100ms average
- **Circuit Size**: Optimized for production use

## Limitations

- Simplified integrity check (for production, use full cryptographic hashing)
- **Requires AffixIO SDK with API key for production use**
- Field size limitations apply (Noir field modulus)
- SDK must be installed separately (not included in repository)

## API Key Management

### Getting an API Key

1. Visit https://dashboard.affix-io.com
2. Sign up or log in
3. Navigate to "API Keys" section
4. Create a new API key
5. Copy and store securely

### Using API Keys Securely

```typescript
// ✅ Good: Use environment variables
const sdk = new AffixIO({
  apiKey: process.env.AFFIXIO_API_KEY
});

// ❌ Bad: Hardcode API keys
const sdk = new AffixIO({
  apiKey: 'affix_my_secret_key_here' // Never do this!
});
```

### API Key Format

API keys start with `affix_` followed by a long alphanumeric string:
```
affix_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```

## Citation

If you use this circuit in your research or production system, please cite:

```bibtex
@software{affixio_audit_proof,
  title = {Audit Proof Circuit - Zero-Knowledge Proof for Tamper-Proof Audit Logs},
  author = {AffixIO},
  year = {2024},
  url = {https://huggingface.co/affixio/audit-proof-circuit}
}
```

## License

MIT License - See LICENSE file for details

## Contributing

Contributions to improve the circuit or documentation are welcome. Please ensure:
- All changes maintain backward compatibility
- Security best practices are followed
- Tests are included for new features

## Support

For issues related to:

- **This Circuit**: Open an issue on the Hugging Face model page
- **AffixIO SDK**: Visit https://www.affix-io.com/docs or email support@affix-io.com
- **API Keys**: Visit https://dashboard.affix-io.com
- **Noir SDK**: Visit [Noir documentation](https://noir-lang.org/docs) or [Noir GitHub](https://github.com/noir-lang/noir)

## References

- [AffixIO Documentation](https://www.affix-io.com/docs)
- [AffixIO SDK](https://www.npmjs.com/package/@affixio/sdk)
- [AffixIO Dashboard](https://dashboard.affix-io.com)
- [Noir Documentation](https://noir-lang.org/docs)
- [Noir GitHub Repository](https://github.com/noir-lang/noir)
- [Zero-Knowledge Proofs Explained](https://en.wikipedia.org/wiki/Zero-knowledge_proof)

## Related Models

Check out other AffixIO circuits on Hugging Face:
- [Yes/No Decision Circuit](https://huggingface.co/affixio/yesno-circuit)
- [KYC Circuit](https://huggingface.co/affixio/kyc-circuit)
- [Eligibility Circuit](https://huggingface.co/affixio/eligibility-circuit)
- [Consent Verification Circuit](https://huggingface.co/affixio/consent-verification-circuit)

---

**Built with ❤️ by [AffixIO](https://www.affix-io.com)**

**⚠️ Remember: This circuit requires the AffixIO SDK with an API key for production use. Get your API key at https://dashboard.affix-io.com**