Veritaszk
MCP server for VeritasZK zero-knowledge solvency proofs on Aleo. Lets AI agents query and verify organization proof-of-solvency status.
Ask AI about Veritaszk
Powered by Claude Β· Grounded in docs
I know everything about Veritaszk. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
VeritasZK β Prove Solvency. Reveal Nothing.
"We can achieve auditing logs unforgeable after commitment via secure timestamps. Since auditing controls are used to secure trillions of dollars of transactions every year, they are not going away." β Nick Szabo, Confidential Auditing, 1993
VeritasZK is the first onchain implementation of Szabo's 1993 confidential auditing protocol β built natively on Aleo. Organizations prove their assets exceed liabilities via zero-knowledge range proofs. The proof reveals exactly one number (a tier classification from 1-4) and one boolean (is_solvent). Nothing else. Ever.
β Live Demo Β· Indexer API Β· npm
The Problem
November 2, 2022 β CoinDesk leaks FTX's balance sheet. Six days later, $8 billion in customer funds is gone.
July 2022 β Celsius freezes withdrawals. $4.7 billion missing.
November 2022 β BlockFi files for bankruptcy. $1.8 billion.
Common thread: All had clean self-reported financials. No independent cryptographic verification existed.
The industry responded with Merkle Proof of Reserves. Binance published their reserves in late 2022 β 150,000+ wallet addresses made public. Trading bots exploited the address data within 48 hours. Privacy and transparency were forced to be a tradeoff.
The gap: No mechanism existed to prove solvency without either trusting the company's own numbers or revealing every wallet address they own.
The Insight
Nick Szabo solved this theoretically in 1993.
Range proofs over private inputs can prove a ratio (assets Γ· liabilities β₯ threshold) without revealing the numerator or denominator. The proof is cryptographically unforgeable. The underlying data is never disclosed.
The missing piece for 30 years: a blockchain where ZK proofs execute natively, private inputs remain private by default, and public mappings store only the verified result.
Aleo is that blockchain.
Why Only Aleo
This protocol is impossible to implement correctly on transparent chains:
| Chain | Problem |
|---|---|
| Ethereum | All state is public β asset amounts would be visible |
| Aztec | Private state exists but no clean L1 implementation |
| Solana | Fully public β no privacy primitives |
| Aleo | Private Records by default. Off-chain ZK execution. Public Mappings for results only. |
Aleo's architecture maps perfectly to the requirement:
- Private Records store asset/liability data β encrypted onchain, never exposed
- Leo transitions execute the range proof off-chain in the user's wallet
- Public Mappings store only the tier number and boolean β the verified result
- Selective disclosure allows controlled reveal for compliance if needed
No other L1 provides this combination. VeritasZK is not a workaround β it is what Aleo was designed to enable.
How It Works
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ORGANIZATION β
β β
β Private Inputs (never leave the wallet): β
β β’ native_credits: 3,000,000 ALEO β
β β’ stablecoin_usd: 1,500,000 USDCx β
β β’ btc_equivalent: 500,000 β
β β’ other_assets: 200,000 β
β β’ total_liabilities: 1,000,000 β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
β Leo transition executes in Shield Wallet
β ZK range proof computed off-chain
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ALEO TESTNET β
β β
β Public output (all that's stored): β
β β’ tier: 4 β
β β’ is_solvent: true β
β β’ commitment: thr_at1ftfa0c2cj... β
β β’ expiry_block: 16,132,111 β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
β Anyone can query
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β VERIFIER (counterparty, regulator) β
β β
β Sees: Tier 4 Institutional Β· Assets β₯ 3.0Γ Liabilities β
β Basel III Advanced IRB Β· Valid until block 16.1M β
β β
β Never sees: Any amount. Any address. Any asset name. β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Tier System
| Tier | Name | Coverage | Regulatory Standard |
|---|---|---|---|
| T1 | Standard | β₯ 1.0Γ | Baseline solvency (general accounting) |
| T2 | Verified | β₯ 1.5Γ | Basel III Tier 1 Capital adequacy |
| T3 | Strong | β₯ 2.0Γ | Solvency II SCR coverage Β· MiCA Article 76 |
| T4 | Institutional | β₯ 3.0Γ | Basel III advanced IRB Β· Insurance SCR buffer |
User Roles
Organization β registers onchain identity, submits prove_threshold via Shield Wallet, manages proof expiry and delegation, downloads compliance certificate.
Verifier β any counterparty, regulator, or auditor. No wallet required. Searches by org name or commitment hash. Sees tier and expiry. Cannot see any underlying financial data.
Public β views the live proof ledger at /public. All active proofs, tier distribution, expiring soon alerts. Fully transparent at the proof level, fully private at the data level.
Deployed Programs β Aleo Testnet
| Program | Transaction | Role |
|---|---|---|
| veritaszk_registry.aleo | at1syv4aged4jk0gspqyadeq7sq40yga2x85kxc7pcyj60w9vydzczq3mj3at | Org identity, delegation, name registry |
| veritaszk_core.aleo | at19tn3me0tm5sct8q2a3zwz0ffkujtztz9td04psrjj3pmcencj5gse7yv3y | Proof engine, expiry, revocation, multi-wallet |
| veritaszk_audit.aleo | at1jqffrkx5tepef74nvqhmzscywg2ulx8p9ejf70gxj873l07lhgrqdhggfa | Compliance trail, verification logging, proof history |
| veritaszk_threshold.aleo | at1j9ghj3zu5a9n47t07nsyj3uu6f5q6g54u8vn22gse68e428lacqq7ugnz4 | AssetBundle range proofs, tier attestations |
Architecture
veritaszk_registry.aleo
βββββββββββββββββββββββββ
register_org
delegate_proof_authority
register_org_name
β
β validates org identity
βΌ
veritaszk_core.aleo
βββββββββββββββββββββββββ
prove_solvency
prove_solvency_multi_wallet
submit_proof_with_expiry
refresh_proof
revoke_proof_record
selective_disclose
/ \
audit events / \ tier proofs
/ \
βΌ βΌ
veritaszk_audit.aleo veritaszk_threshold.aleo
βββββββββββββββββββββ ββββββββββββββββββββββββββ
log_verification prove_threshold
link_proof_history verify_tier
record_proof_event revoke_tier_proof
record_compliance_disclosure
AssetBundle struct β 4 private asset classes:
struct AssetBundle {
native_credits: u64, // ALEO credits (private)
stablecoin_usd: u64, // USDCx / USAD (private)
btc_equivalent: u64, // BTC-equivalent (private)
other_assets: u64, // Other assets (private)
}
Proof lifecycle:
prove_thresholdβ submits range proof, issuesTierProofRecordonchainsubmit_proof_with_expiryβ anchors proof to a specific block heightrefresh_proofβ renews expiring proof without revealing datarevoke_proof_recordβ organization invalidates outdated proofdelegate_proof_authorityβ compliance team submits on org's behalf
Technical note: Registry validation is enforced at the application layer due to a Leo v4.0.0 CPI finalize-mapping read compiler limitation. Import statements remain in
veritaszk_core.aleofor architectural clarity. Full CPI cross-program invocation is planned for the next Leo release.
Privacy Model
What goes onchain:
tier: u8 // 1, 2, 3, or 4
is_solvent: bool // true or false
commitment: field // cryptographic hash
expiry_block: u32 // block height anchor
What never goes onchain:
β Asset amounts (any)
β Liability amounts
β Wallet addresses
β Asset composition or names
β Treasury strategy
β Identity of verifiers
β Historical balance data
No off-chain keys: VeritasZK holds zero encryption keys for financial data. Proof computation happens entirely inside the organization's Shield Wallet. No VeritasZK server, database, or backend ever receives a balance sheet. This is architecturally different from solutions that encrypt data under a project-controlled key β if that key is compromised, all historical financial data is exposed. VeritasZK has no such key to compromise.
Live Infrastructure
REST API Indexer
Base URL: https://veritaszk-production.up.railway.app
# Health check β current block height
curl https://veritaszk-production.up.railway.app/api/health
# All active proofs
curl https://veritaszk-production.up.railway.app/api/proofs
# Single org verification
curl https://veritaszk-production.up.railway.app/api/proofs/thr_commitment
# Network statistics
curl https://veritaszk-production.up.railway.app/api/stats
# Tier distribution across all orgs
curl https://veritaszk-production.up.railway.app/api/tiers
SDK
npm install veritaszk-sdk
import { batchVerifyFromIndexer, watchProof, isProofExpiredFromIndexer } from 'veritaszk-sdk'
// Verify multiple organizations at once
const results = await batchVerifyFromIndexer(
['commitment_1', 'commitment_2'],
'https://veritaszk-production.up.railway.app'
)
// Watch for live status changes (watchdog for expiry)
const stop = watchProof(
commitment,
(status) => console.log('Tier:', status.tier, '| Expired:', status.isExpired),
indexerUrl,
30000 // poll every 30 seconds
)
// Check if a specific proof has expired
const expired = await isProofExpiredFromIndexer(commitment, indexerUrl)
MCP Server (AI Agent Integration)
npm install veritaszk-mcp
{
"mcpServers": {
"veritaszk": {
"command": "npx",
"args": ["veritaszk-mcp"]
}
}
}
Tools available to AI agents:
check_org_solvencyβ verify an organization's current tier and statuslist_expiring_proofsβ find proofs expiring within a time window
CLI
npm install -g veritaszk-cli
veritaszk verify --org DemoExchange # verify by name
veritaszk verify --commitment thr_abc # verify by commitment
veritaszk list # list all active proofs
veritaszk watch thr_commitment # watch for status changes
veritaszk stats # network statistics
Frontend β 7 Pages
| Page | Purpose |
|---|---|
/ | Hero, mechanism, live stats, comparison table, inline 5-second demo |
/organization | Shield Wallet, org registration, prove_threshold, certificate download |
/verifier | Zero-wallet verification, regulatory mapping, embeddable badge |
/public | Live proof ledger, tier filters, expiry tracking |
/vision | The problem, Szabo lineage, regulatory alignment, roadmap |
/docs | API reference, SDK docs, animated CPI architecture diagram |
/enterprise | Compliance workflow, integration options |
Shield Wallet integration: Full 7-state connection machine with correct connect(network, decryptPermission, programs[]) invocation, executeTransaction with exact Leo struct literal format, transactionStatus polling for real at1... transaction IDs, and manual address fallback.
Who Needs This
| User | Problem | VeritasZK Solution |
|---|---|---|
| Crypto exchanges | Prove custodial solvency to institutional clients | T4 Institutional attestation without revealing trading positions |
| DAO treasuries | Transparent solvency for governance token holders | Public tier badge, private treasury |
| DeFi lending | Borrower collateral verification | Onchain tier proof, no strategy disclosure |
| Stablecoin issuers | Reserve ratio attestation under MiCA Article 76 | T3 Strong maps directly to MiCA Article 76 |
| Regulated funds | Basel III / Solvency II compliance reporting | Tier system maps to regulatory standards |
Wave 5 Changelog
New programs:
veritaszk_threshold.aleoβ 4th Leo program with AssetBundle struct and programmable confidence tiers 1-4
New program features (veritaszk_core, veritaszk_audit, veritaszk_registry):
- Proof expiry with block-height anchoring (
submit_proof_with_expiry) - Proof refresh without re-revealing data (
refresh_proof) - Proof revocation with onchain record (
revoke_proof_record) - Delegation authority for compliance teams (
delegate_proof_authority) - Onchain verification logging (
log_verification) - Proof history linking (
link_proof_history) - Org name registry (
register_org_name)
New infrastructure:
- REST API indexer on Railway β true chain indexer, polls Aleo testnet every 12 seconds
veritaszk-sdk@0.3.1β batchVerify, watchProof, isProofExpiredveritaszk-mcp@0.2.1β MCP server for AI agent compliance monitoringveritaszk-cli@0.2.1β terminal-based verification
New frontend:
- Complete rebuild β 7 pages, "Engraved Vault" design system
- ZKFieldAnimation hero β 320 hex-char particles collapse into Tier 4 badge
- Real Shield Wallet transaction submission (prove_threshold on testnet)
- transactionStatus polling for verified
at1...TX IDs - Downloadable compliance certificate (PNG with QR code)
- Embeddable verification badge
- Proof expiry countdown with color-coded urgency (green β amber β red)
- MCP server for AI agent integration
Local Development
git clone https://github.com/Vinaystwt/veritaszk
cd veritaszk
# Frontend
cd frontend && npm install && npm run dev
# β http://localhost:3000
# Indexer
cd bot && npm install && npm run dev
# Leo programs (requires Leo CLI v4.0.0+)
cd veritaszk_threshold && leo build --network testnet
cd veritaszk_core && leo build --network testnet
cd veritaszk_audit && leo build --network testnet
cd veritaszk_registry && leo build --network testnet
No .env required for frontend β Railway indexer URL is public.
Tech Stack
| Layer | Technology |
|---|---|
| Smart contracts | Leo v4.0.0 β 4 programs, Aleo Testnet |
| Frontend | Next.js 15, TypeScript, Tailwind CSS, Framer Motion |
| Wallet | Shield Wallet β Aleo native |
| Chain indexer | Node.js, Railway (always-on) |
| npm packages | veritaszk-sdk Β· veritaszk-mcp Β· veritaszk-cli |
| Hosting | Vercel (frontend) Β· Railway (indexer) |
Nick Szabo proposed confidential auditing in 1993. We built it natively on Aleo in 2026. VeritasZK β Prove Solvency. Reveal Nothing.