A zero-knowledge proof-based proxy body cooperation logic closed loop verification system
By using a closed-loop verification system for agent collaboration logic based on zero-knowledge proofs, the problems of logical inconsistency, data leakage, and resource waste in agent collaboration systems are solved, achieving data privacy protection and a fast and secure collaboration process.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SHENZHEN SAHARA INFORMATION TECHNOLOGY CO LTD
- Filing Date
- 2026-04-09
- Publication Date
- 2026-06-05
AI Technical Summary
Existing agent collaboration systems have problems in trust establishment, privacy protection, rule execution consistency, and anomaly response mechanisms, including logical inconsistencies, data leakage risks, resource waste, and insufficient identity verification.
A closed-loop verification system for agent collaboration logic based on zero-knowledge proof is adopted, including a contract conversion module, a task execution module, a proof generation module, an identity verification module, and a closed-loop verification module. By converting collaboration rules into arithmetic circuits, zero-knowledge proof strings are generated, and dual verification of identity and ability is performed to achieve trigger-based closed-loop verification.
Ensure logical consistency between execution and verification, protect data privacy, reduce trust costs, improve system security and response speed, and prevent resource waste in abnormal situations.
Smart Images

Figure CN122160069A_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of proxy collaboration security technology, specifically a closed-loop verification system for proxy collaboration logic based on zero-knowledge proof. Background Technology
[0002] With the rapid development of distributed computing, blockchain technology, and AI agents, multi-agent collaboration has become a mainstream solution for complex tasks. In this model, multiple independent agent nodes need to collaborate according to a pre-defined protocol to complete data processing, logical judgments, or resource scheduling. However, existing agent collaboration systems suffer from the following technical problems regarding trust establishment, privacy protection, rule execution consistency, and anomaly response mechanisms.
[0003] First, most existing technologies rely on smart contracts described in natural language or hard-coded business logic scripts. These rule descriptions suffer from semantic ambiguity and are prone to confusion. Different agents, when parsing the same collaboration agreement, may exhibit inconsistent execution logic due to misunderstandings or differences in code implementation. Furthermore, existing systems lack mechanisms to transform abstract business rules into standardized mathematical structures. This results in a mismatch between the logical standards used by the "execution end" and the "verification end." The executor runs tasks according to its own understanding, while the verifier often only performs simple result-level checks, unable to mathematically prove whether the execution process adheres to the agreement's constraints.
[0004] Secondly, to achieve verifiability, existing systems typically require agents to transmit raw input data, intermediate computation processes, and even core trade secrets in plaintext to verification nodes or other collaborators. This directly leads to the risk of sensitive data leakage, making agents possessing core data hesitant to participate in collaboration. Although some solutions employ encrypted transmission, the verifier can still see the plaintext data after decryption, failing to achieve "usable but invisible." Existing general encryption methods cannot prove the correctness of computational logic to the outside world without exposing private witness values.
[0005] Furthermore, most systems, upon receiving a collaboration request, directly send it to a complex cryptographic verification process, lacking a pre-emptive identity integrity check and capability assessment mechanism. This requires the system to consume expensive computing resources to verify a malicious request from an illegal domain, with tampered data, or that lacks any execution capability, resulting in wasted resources. Simultaneously, existing identity verification often only involves superficial comparison of digital signatures, lacking dynamic assessment of the proxy's domain credibility and real-time capability thresholds, making it easy for forged identities or incompetent nodes to infiltrate the collaboration network. Summary of the Invention
[0006] In view of the above situation and to overcome the shortcomings of the prior art, the present invention provides a closed-loop verification system for agent collaboration logic based on zero-knowledge proof, so as to at least partially solve the above technical problems.
[0007] The technical solution adopted in this invention is as follows: This invention proposes a closed-loop verification system for agent collaboration logic based on zero-knowledge proof, comprising: Contract conversion module, task execution module, proof generation module, identity verification module, and closed-loop verification module; The output of the contract conversion module is connected to the instruction input of the task execution module and the circuit parameter input of the closed-loop verification module via a data bus, respectively, to convert the cooperation rules in the received multi-agent cooperation task protocol into arithmetic circuits and distribute the generated arithmetic circuit parameters to downstream modules. The signal output terminal of the task execution module is connected to the data input terminal of the proof generation module, which is used to respond to the collaborative task of the requesting agent, execute logic according to the received arithmetic circuit, collect internal input data and common input data during the task execution process, and synchronously transmit the internal input data and common input data to the proof generation module. The proof output terminal of the proof generation module is connected to the verification input terminal of the identity verification module. It is used to generate a zero-knowledge proof string by using the arithmetic circuit as the verification template, the received internal input data as private data, and the public input data as public data, and then send the generated zero-knowledge proof string to the identity verification module. The verification result output terminal of the identity verification module is connected to the trigger control terminal of the closed-loop verification module. It is used to receive the zero-knowledge proof string, retrieve the dynamic agent identity identifier, compare and verify the verification code and home domain identifier of the dynamic agent identity identifier, and send a trigger signal to the closed-loop verification module after the verification is passed. The closed-loop verification module establishes communication connections with the contract conversion module, the proof generation module, and the identity verification module, respectively. After receiving the trigger signal, it retrieves the stored arithmetic circuit parameters and common input data, performs a trigger-based verification operation in combination with the received zero-knowledge proof string, and controls the system state machine to jump or terminate the collaborative task according to the verification operation result.
[0008] In one embodiment of the present invention, the contract conversion module is internally provided with a rule decomposition unit, a logic mapping unit and a circuit assembly unit; The input end of the rule decomposition unit is connected to an external protocol interface to receive collaborative rules that include task division, execution timing, parameter thresholds and exception handling rules, and decomposes the collaborative rules into multiple independent logical units. The signal input terminal of the logic mapping unit is connected to the output terminal of the rule decomposition unit, and is used to map each logic unit into a corresponding sub-circuit structure. The sub-circuit structure is composed of an adder gate, a multiplier gate and a logic gate connected in series or in parallel through physical lines. The output terminal of the adder gate is connected to the input terminal of the multiplier gate, and the control terminal of the logic gate is connected to the comparison result output terminal of the parameter threshold. The input terminal of the circuit assembly unit is connected to the output terminal of the logic mapping unit, and is used to connect all the sub-circuits in series according to the execution timing to form a complete arithmetic circuit. The final output terminal of the arithmetic circuit corresponds to the execution standard judgment value of the cooperation rule, and encapsulates the topology data and gate circuit connection relationship data of the arithmetic circuit into a circuit parameter package, which is sent to the task execution module and the closed-loop verification module through the data bus.
[0009] In one embodiment of the present invention, the proof generation module integrates an initialization unit, a proof calculation unit, and a parameter storage unit. The parameter storage unit is used to store public parameters generated through a trusted setup ceremony. The public parameters include a proof key and a verification key. The proof key is stored in the secure storage area of the proof generation module and is not authorized to read from external networks. The input terminal of the initialization unit is connected to the contract conversion module, which is used to load the arithmetic circuit and the public parameters, and to establish a computing environment for generating zero-knowledge proofs; The data input terminal of the proof calculation unit is connected to the task execution module and the initialization unit respectively. It is used to receive internal input data, public input data and arithmetic circuit model, perform polynomial commitment calculation using the Groth16 algorithm, embed the internal input data as private witness value into the calculation process, generate a zero-knowledge proof string containing group element points, the length of the zero-knowledge proof string is fixed and smaller than the volume of the original execution data, and send it to the identity verification module through an encrypted communication channel.
[0010] In one embodiment of the present invention, the identity verification module is internally configured with an identity parsing unit, a hash comparison unit, and a capability matching unit; The input end of the identity resolution unit is connected to the proof generation module and is used to extract the dynamic proxy identity identifier of the responding agent from the received data packet. The dynamic proxy identity identifier includes a check code field, a home domain identifier field, and a capability attribute field. The first input of the hash comparison unit is connected to the identity parsing unit, and the second input is connected to the local cache database. It is used to extract the non-verification code part of the dynamic agent identity identifier, calculate its MD5 hash value, and compare the calculated hash value with the verification code field bit by bit. If the comparison result is consistent, a first verification pass signal is generated. The input of the capability matching unit is connected to the identity parsing unit and the preset trusted domain list storage respectively. It is used to determine whether the home domain identifier field exists in the preset trusted domain list, and to retrieve the agent capability attribute data in the core patent 1 cache module to verify whether the capability attribute field meets the minimum capability threshold of the current collaborative task. If the home domain verification is passed and the capability attribute meets the requirements, a second verification pass signal is generated. The input terminals of the logic AND gate of the identity verification module are respectively connected to the output terminals of the first verification pass signal and the second verification pass signal. The identity verification module outputs a high-level trigger signal to the closed-loop verification module only when both signals are high.
[0011] In one embodiment of the present invention, the closed-loop verification module is internally provided with a verification scheduling unit, an algorithm execution unit, and a state control unit; The input terminal of the verification scheduling unit is connected to the trigger control terminal of the identity verification module. It is used to simultaneously retrieve arithmetic circuit parameters from the contract conversion module, retrieve common input data from the common data buffer, and read zero-knowledge proof strings from the data receiving buffer after detecting a high-level trigger signal. The signal input terminal of the algorithm execution unit is connected to the verification scheduling unit, which is used to load the verification key in the public parameters, take the arithmetic circuit parameters, public input data and zero-knowledge proof string as input variables, and perform bilinear pairing verification operation. If the pairing operation result is in the target group unit, the verification result is determined to be true; otherwise, the verification result is determined to be false. The control input terminal of the state control unit is connected to the output terminal of the algorithm execution unit. When the verification result is true, the state control unit drives the system state machine to jump from the "verification in progress" state to the "execution successful" state, and sends a success confirmation message to the requesting agent, while sending a settlement trigger pulse to the settlement system. When the verification result is false, the state control unit drives the system state machine to jump to the "abnormal termination" state, cuts off the data connection with the responding agent, and generates a blocking instruction containing an exception type code.
[0012] In one embodiment of the present invention, a log tracing module is further included, wherein the data input terminal of the log tracing module is respectively connected to the output terminal of the identity verification module, the timestamp output terminal of the proof generation module, and the status output terminal of the closed-loop verification module; The log tracing module is internally equipped with a data acquisition unit, an encryption processing unit, and a distributed storage unit. The data acquisition unit is used to capture identity verification result data, the start and end times of zero-knowledge proof generation, the time consumed by verification operations, the Boolean value of the verification result, and the node identifiers before and after the system state machine transition in real time. The input terminal of the encryption processing unit is connected to the data acquisition unit and is used to perform encryption operations on the captured data using the AES-256 encryption algorithm to generate ciphertext log blocks. The ciphertext log blocks contain an immutable timestamp watermark. The distributed storage unit is connected to the encryption processing unit and is used to copy and store the ciphertext log block to at least three physically isolated distributed nodes. Each distributed node has an independent read / write permission verification interface, which only allows auditing terminals with specific private keys to read the log content.
[0013] In one embodiment of the present invention, an interface adaptation module is further included, which is disposed between the contract conversion module and the external HarmonyOS operating system, and between the proof generation module and the domestic large model interface. For the HarmonyOS operating system, the interface adaptation module has a protocol conversion unit inside, which is used to convert the storage format of arithmetic circuit parameters into a data frame structure supported by the HarmonyOS secure communication protocol, and add an integrity check code to the data transmission link; For the domestic large model interface, the interface adaptation module has a proof encapsulation unit inside, which is used to encapsulate header information that conforms to the domestic large model input standard on the outer layer of the zero-knowledge proof string. The header information includes proof type identifier, version number and length field, so that the domestic large model interface can recognize and parse the zero-knowledge proof string. The interface adaptation module is also equipped with a security gateway located on the data transmission path, which is used to perform two-way authentication on the arithmetic circuit data entering the system and the proof data leaving the system to prevent unauthorized protocol iteration attacks.
[0014] In one embodiment of the present invention, an anomaly handling module is further included, wherein the input terminal of the anomaly handling module is connected to the anomaly signal output terminal of the closed-loop verification module; The anomaly handling module includes a cause analysis unit, a strategy selection unit, and a notification execution unit. The cause analysis unit is used to receive the verification failure report returned by the closed-loop verification module, parse the error code in the report, and generate a retry instruction if the error code indicates a deviation in execution logic; if the error code indicates data tampering or forgery, a blocking instruction is generated. The strategy selection unit is connected to the cause analysis unit and is used to call a preset handling strategy library according to the instruction type. For retry instructions, the strategy selection unit is configured to send a reinitialization signal to the task execution module; for blocking instructions, the strategy selection unit is configured to generate a blacklist broadcast packet containing the identity of the violating agent. The notification execution unit is connected to the policy selection unit and is used to synchronously send the blacklist broadcast packet to all associated agent nodes in the collaborative network, and modify the local access control list to restrict the subsequent collaborative permissions corresponding to the identity of the violating agent.
[0015] In one embodiment of the present invention, the implementation process of the Groth16 algorithm in the proof generation module specifically includes: During the system initialization phase, public parameters are generated, including elliptic curve generators, random poisoning parameters, and a common reference string. The common reference string is divided into proof-side parameters and verification-side parameters, wherein the proof-side parameters are stored in the secure memory of the proof generation module. During the proof generation phase, the responder's agent uses internal input data as private witness value and public input data as public instance, substitutes them into the rank-one constraint system corresponding to the arithmetic circuit, calculates the intermediate polynomial coefficients, and uses the proof-side parameters to blind the intermediate polynomial coefficients, generating a zero-knowledge proof string containing three group elements. The generation process of the zero-knowledge proof string is completed in the local execution environment of the responder's agent. The internal input data is immediately cleared from memory after the calculation is completed, and only the zero-knowledge proof string is retained for external transmission, ensuring that the internal input data is not visible in the transmission link and the verification end.
[0016] In one embodiment of the present invention, the trigger-based verification process in the closed-loop verification module specifically includes: In the preloading step, while the identity verification module outputs a high-level trigger signal, the verification scheduling unit loads the constraint matrix, common input vector, and zero-knowledge proof string of the arithmetic circuit into the register group of the verification algorithm executor in parallel. In the pairing verification step, the algorithm execution unit uses the verification side parameters to calculate the bilinear pairing product of each group element in the zero-knowledge proof string and the arithmetic circuit constraint matrix, and compares the calculation result with the target value derived based on the common input vector. In the result feedback step, if the comparison result is within the preset error tolerance range, a logic high-level signal is output to drive the state machine to jump and generate a success receipt containing a verification pass timestamp; if the comparison result exceeds the error tolerance range, a logic low-level signal is output to trigger the exception handling process and record the mathematical evidence chain of verification failure, wherein the mathematical evidence chain contains the index of specific constraint terms that caused the pairing verification failure.
[0017] The beneficial effects of the technical solution of this invention are as follows: This invention transforms the originally abstract, ambiguous, and easily misunderstood multi-agent collaboration protocol into a standardized arithmetic circuit composed of addition gates, multiplication gates, and logic gates through the collaborative operation of rule decomposition, logic mapping, and circuit assembly units within the contract conversion module. This solidifies the business logic into a mathematically derivable topological structure, ensuring that all subsequent execution and verification have a unique and clear mathematical benchmark. The circuit parameter package generated by the module is synchronously distributed to both execution and verification ends, ensuring absolute consistency between the "exam paper" and the "grading standard".
[0018] This invention achieves a balance between data availability and privacy through the cooperation of a task execution module and a proof generation module. While the task execution module collects internal private and public data according to arithmetic circuit logic, the proof generation module uses a key pair generated by a trusted setup ceremony and the Groth16 algorithm to perform multinomial commitment calculations on sensitive internal input data as private witness values in a local secure environment. Finally, it outputs only a zero-knowledge proof string of fixed length and much smaller in volume than the original data, cutting off the risk of exposure of the original data in the transmission link. Even in an open network environment, the verifier does not need to know any specific trade secrets or personal privacy. The compliance of the task execution can be confirmed solely by the string, reducing the trust cost in multi-party collaboration and enabling untrusted agents to confidently carry out in-depth collaboration while protecting their respective core data.
[0019] This invention employs a dual access control mechanism comprised of an identity verification module and a closed-loop verification module to ensure the security and real-time performance of the system. The identity verification module uses a dual filtering approach of hash comparison and capability matching to verify not only the integrity of the data source and the credibility of the domain, but also dynamically assess whether the agent's execution capability meets the standards. Only requests that simultaneously satisfy cryptographic integrity and business compliance can trigger the subsequent verification process. Upon receiving a trigger signal, the closed-loop verification module immediately retrieves pre-stored circuit parameters and public data, uses bilinear pairing operations to perform millisecond-level triggered verification of zero-knowledge proofs, and directly maps the verification results to jump instructions in the system state machine. This achieves seamless transition from verification success to task confirmation, or instantly terminates collaboration and activates a circuit breaker mechanism upon detecting an anomaly, thereby improving the system's response speed and anti-attack capabilities.
[0020] Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. Attached Figure Description
[0021] The above and / or additional aspects and advantages of the present invention will become apparent and readily understood from the following description of the embodiments taken in conjunction with the accompanying drawings, wherein: Figure 1 This is a module framework diagram of the agent collaboration logic closed-loop verification system based on zero-knowledge proof proposed in an embodiment of the present invention; Figure 2 This is a functional framework diagram of the first module of the agent collaboration logic closed-loop verification system based on zero-knowledge proof proposed in an embodiment of the present invention. Figure 3 This is a functional framework diagram of the second module of the agent collaboration logic closed-loop verification system based on zero-knowledge proof proposed in an embodiment of the present invention. Figure 4 This is a functional framework diagram of the third module of the agent collaboration logic closed-loop verification system based on zero-knowledge proof proposed in an embodiment of the present invention. Figure 5 This is a functional framework diagram of the fourth module of the agent collaboration logic closed-loop verification system based on zero-knowledge proof proposed in an embodiment of the present invention. Detailed Implementation
[0022] Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the accompanying drawings are exemplary and intended to explain the present invention, and should not be construed as limiting the present invention.
[0023] The following describes an embodiment of the present invention, a closed-loop verification system for agent collaboration logic based on zero-knowledge proof, with reference to the accompanying drawings.
[0024] like Figures 1 to 5 As shown, this embodiment of the invention provides a closed-loop verification system for agent collaboration logic based on zero-knowledge proof, including: a contract conversion module, a task execution module, a proof generation module, an identity verification module, and a closed-loop verification module; The output of the contract conversion module is connected to the instruction input of the task execution module and the circuit parameter input of the closed-loop verification module via a data bus. It is used to convert the cooperation rules in the received multi-agent cooperation task protocol into arithmetic circuits and distribute the generated arithmetic circuit parameters to downstream modules. The signal output terminal of the task execution module is connected to the data input terminal of the proof generation module. It is used to respond to the collaborative task of the requesting agent, execute logic according to the received arithmetic circuit, collect internal input data and common input data during the task execution process, and transmit the internal input data and common input data to the proof generation module synchronously. The proof output of the proof generation module is connected to the verification input of the identity verification module. It is used to generate a zero-knowledge proof string by using an arithmetic circuit as the verification template, the received internal input data as private data and the public input data as public data, and then send the generated zero-knowledge proof string to the identity verification module. The verification result output terminal of the identity verification module is connected to the trigger control terminal of the closed-loop verification module. It is used to receive the zero-knowledge proof string, retrieve the dynamic agent identity identifier, compare and verify the verification code and home domain identifier of the dynamic agent identity identifier, and send a trigger signal to the closed-loop verification module after the verification is passed. The closed-loop verification module establishes communication connections with the contract conversion module, the proof generation module, and the identity verification module, respectively. After receiving a trigger signal, it retrieves the stored arithmetic circuit parameters and common input data, combines them with the received zero-knowledge proof string to perform a trigger-based verification operation, and controls the system state machine to jump or terminate the collaborative task based on the verification operation result.
[0025] In specific applications, the contract conversion module parses and formalizes the multi-agent collaborative task protocol. After receiving the natural language or semi-structured collaborative protocol, the module uses its built-in compilation engine to convert the abstract business logic rules into arithmetic circuits that can be executed by a computer. The generated arithmetic circuit parameters are then synchronously distributed to two nodes via a data bus. One path is sent to the task execution module as its underlying instruction set, and the other path is sent to the closed-loop verification module as the standard benchmark for subsequent verification. This ensures that the logic followed by the execution end and the standard relied upon by the verification end come from the same source, thus physically preventing inconsistencies between the execution standard and the verification standard.
[0026] Once the task execution module receives the arithmetic circuit parameters, it officially initiates the collaborative task of the requesting agent. During execution, the module operates according to the logical path defined by the arithmetic circuit and collects various types of data generated during task execution in real time. The data collection adopts a dual-stream isolation strategy to separate internal input data involving the agent's core privacy from publicly available environmental state input data. Internal input data represents the agent's private knowledge or sensitive decision-making basis, while public input data is the basic information for consensus among the collaborating parties. Both types of data are synchronously transmitted to the proof generation module after generation. During the transmission process, the internal input data is always kept encrypted or referenced in local memory and is not exposed to the external network in any plaintext form. After receiving these two types of data, the proof generation module uses the previously issued arithmetic circuit as the sole verification template, initiates the zero-knowledge proof algorithm, uses the internal input data as a private witness and the public input data as a public statement, and generates a short zero-knowledge proof string through complex cryptographic operations. The string mathematically proves that the task executor does indeed possess the correct private data and completes the calculation according to the logic of the arithmetic circuit, but the entire process does not reveal any bit information of the private data. The generated proof string is then sent to the identity verification module for further processing.
[0027] Upon receiving the zero-knowledge proof string, the identity verification module introduces a dynamic proxy identity identification mechanism for dual verification. The module retrieves the dynamic identity identifier of the proxy in the current session. The identifier includes a timestamp, a session random number, and a dynamic factor of the domain information, which can effectively prevent replay attacks and identity forgery. The system compares the generation context of the proof string with the checksum and domain identifier in the dynamic identity identifier. Only when the zero-knowledge proof itself is mathematically valid and the identity of the proxy that generated the proof is legitimate and the domain is correct will the identity verification module send a trigger signal to the closed-loop verification module. This step strongly binds the authenticity of the cryptographic proof with the authenticity of the network entity's identity, ensuring the credibility of the collaborating subject. Upon receiving a trigger signal, the closed-loop verification module retrieves the locally stored arithmetic circuit parameters and common input data. Combined with the zero-knowledge proof string that has just passed identity verification, it performs the final trigger-based verification operation. Since the arithmetic circuit parameters held by the closed-loop verification module are directly derived from the initial contract conversion module and are not affected by the execution process, this verification is the ultimate check of the entire collaboration logic. The result of the verification operation directly drives the transition of the control system's state machine. If the verification passes, the state machine automatically transitions to the next collaboration stage or completes task delivery, achieving fully automated trust transition. If the verification fails, the state machine immediately transitions to the termination state, freezes relevant resources, and cuts off the connection. This constructs a self-healing and resilient logical closed loop at the system level, ensuring that collaboration among multiple agents in an open network environment protects privacy while maintaining logical consistency.
[0028] In one specific implementation, the contract conversion module is internally equipped with a rule decomposition unit, a logic mapping unit, and a circuit assembly unit. The input of the rule decomposition unit is connected to an external protocol interface to receive collaborative rules containing task allocation, execution timing, parameter thresholds, and exception handling rules, and decomposes the collaborative rules into multiple independent logic units. The signal input of the logic mapping unit is connected to the output of the rule decomposition unit to map each logic unit into a corresponding sub-circuit structure. The sub-circuit structure is composed of adders, multipliers, and logic gates connected in series or parallel through physical lines. The output of the adder is connected to the input of the multiplier, and the control of the logic gate is connected to the comparison result output of the parameter threshold. The input of the circuit assembly unit is connected to the output of the logic mapping unit. It is used to connect all sub-circuits in series according to the execution timing to form a complete arithmetic circuit. The final output of the arithmetic circuit corresponds to the execution standard judgment value of the cooperation rule. The topology data and gate circuit connection relationship data of the arithmetic circuit are encapsulated into a circuit parameter package and sent to the task execution module and the closed-loop verification module through the data bus.
[0029] In practical applications of this invention, at the start of work, the collaborative rules received by the rule decomposition unit through the external protocol interface often contain complex mixed information such as task division, execution sequence, parameter thresholds, and exception handling. In its original state, the information is semantic and unstructured. The rule decomposition unit uses a pre-set semantic analysis algorithm to peel away the macroscopic collaborative rules layer by layer and identify the independent logical atoms. For example, the rule "stop the motor when the temperature exceeds 50 degrees" is decomposed into three independent logical units: "read the temperature value", "compare with 50", and "output a stop signal". This ensures that each business action is extracted into the smallest indivisible logical granule, laying the foundation for subsequent mathematical processing.
[0030] The disassembled independent logic units are sent to the logic mapping unit. The logic mapping unit directly calls the underlying circuit component library to map each logic unit one-to-one to a specific sub-circuit structure. For example, "accumulation calculation" in business logic will be directly instantiated as an addition gate on the physical circuit, "condition judgment" or "weight allocation" will be instantiated as a multiplication gate, and logic judgment involving "whether the standard is met" will directly correspond to the control terminal of the logic gate. The output terminal of the addition gate will be directly connected to the input terminal of the multiplication gate to form a data flow transmission chain. The control terminal of the logic gate is specifically connected to the comparison result output terminal of the parameter threshold. Each condition judgment in the business rule becomes the on / off control of electrical signals in the circuit. The originally abstract "if...then..." logic ensures that after the business logic is transformed into a circuit, its operation behavior is completely consistent with the original meaning, without any ambiguity.
[0031] Finally, all generated sub-circuit structures are sent to the circuit assembly unit for overall integration. The circuit assembly unit connects these sub-circuits sequentially along the timeline, like building blocks, according to the execution timing defined in the original protocol. The actual running data is input into this circuit, and the final output of the circuit can directly tell the system whether the task is compliant. After completing the topology construction, the circuit assembly unit encapsulates the topology data of the entire arithmetic circuit and the connection relationship data between each gate circuit into a standardized circuit parameter package, which is sent to the task execution module and the closed-loop verification module simultaneously through the data bus. Sending it to the closed-loop verification module is to let it know how to check, fundamentally ensuring that the execution end and the verification end use the same set of logical standards, eliminating trust gaps caused by misunderstandings or version asynchrony, thereby realizing a seamless closed loop of collaborative rules from text definition to mathematical execution to automatic verification.
[0032] In one specific implementation, the proof generation module integrates an initialization unit, a proof calculation unit, and a parameter storage unit. The parameter storage unit is used to store the public parameters generated through the trusted setup ceremony. The public parameters include the proof key and the verification key. The proof key is stored in the secure storage area of the proof generation module and is not open to external networks for reading. The input of the initialization unit is connected to the contract conversion module, which is used to load the arithmetic circuit and the public parameters, and to establish the computing environment for generating zero-knowledge proofs. The data input terminals of the proof calculation unit are connected to the task execution module and the initialization unit, respectively. They are used to receive internal input data, public input data and arithmetic circuit models. The Groth16 algorithm is used to perform polynomial commitment calculation. The internal input data is embedded as a private witness value in the calculation process to generate a zero-knowledge proof string containing group element points. The length of the zero-knowledge proof string is fixed and smaller than the volume of the original execution data. It is then sent to the identity verification module through an encrypted communication channel.
[0033] In specific applications, the core key pair generated by the parameter storage unit through a trusted setup ceremony includes a proof key and a verification key. The proof key is confined to a secure storage area inside the module, physically isolated from external network access, ensuring that even if an attacker breaches the external network, they cannot obtain the private key material required to generate false proof.
[0034] When the system starts, the initialization unit intervenes first. It loads the pre-built arithmetic circuit model from the contract conversion module and retrieves the aforementioned public parameters from the parameter storage unit. The initialization unit mathematically binds the logical structure of the arithmetic circuit with the proof key, pre-calculates the intermediate variables required for the polynomial commitment, and builds a zero-knowledge proof computation sandbox dedicated to the current task. This ensures that all subsequent computations are performed in this controlled and isolated environment, preventing external interference or side-channel attacks. Subsequently, the proof computation unit begins to execute the core computational tasks, simultaneously receiving internal and public input data from the task execution module, as well as the circuit model and computational environment prepared by the initialization unit. The internal input data is directly embedded into the complex mathematical operations as private witness values, while the public input data participates in the verification as public statements. The proof computation unit uses the efficient Groth16 algorithm to transform the originally massive execution logic into polynomial commitment computation on an elliptic curve, hiding the specific values of the internal input data behind the discrete logarithm problem of group elements, so that the final generated zero-knowledge proof string consists of only a few fixed group element points.
[0035] In one specific implementation, the identity verification module is internally configured with an identity parsing unit, a hash comparison unit, and a capability matching unit. The input end of the identity resolution unit is connected to the proof generation module, which is used to extract the dynamic proxy identity identifier of the responding agent from the received data packet. The dynamic proxy identity identifier includes a check code field, a home domain identifier field, and a capability attribute field. The first input end of the hash comparison unit is connected to the identity resolution unit, and the second input end is connected to the local cache database. It is used to extract the non-check code part of the dynamic proxy identity identifier, calculate its MD5 hash value, and compare the calculated hash value with the check code field bit by bit. If the comparison result is consistent, a first verification pass signal is generated. The input terminals of the capability matching unit are connected to the identity resolution unit and the preset trusted domain list memory, respectively. It is used to determine whether the home domain identifier field exists in the preset trusted domain list and to retrieve the agent capability attribute data in the cache module of core patent 1 to verify whether the capability attribute field meets the minimum capability threshold of the current collaborative task. If the home domain verification is successful and the capability attribute meets the requirements, a second verification pass signal is generated. The input terminals of the logic AND gate of the identity verification module are connected to the output terminals of the first verification pass signal and the second verification pass signal, respectively. The identity verification module outputs a high-level trigger signal to the closed-loop verification module only when both signals are high.
[0036] In a specific application of this invention, when the data packet sent by the proof generation module arrives, the identity resolution unit first starts working, extracting the dynamic proxy identity identifier of the responding agent from the complex data stream. The identifier is a structured composite data body, internally encapsulating a verification code field, a home domain identifier field, and a capability attribute field, so that the identity information simultaneously possesses tamper-proofness, traceability of source, and business adaptability, providing a rich data foundation for subsequent multi-dimensional verification.
[0037] Subsequently, the system enters the first layer of security filtering, namely the integrity self-verification process performed by the hash comparison unit. The unit extracts the core data (excluding the checksum) from the parsed dynamic identity identifier, performs a one-way hash operation on it using the standard MD5 hash algorithm, and generates a new hash fingerprint. This fingerprint, calculated in real time, is compared bit by bit with the original checksum field in the identity identifier. The essence of this process is to let the data prove itself to have not been tampered with. If any bit flips or malicious modifications occur during transmission, the calculated hash value will differ from the preset checksum. If the comparison fails, the process will be directly blocked. Only when the two are completely consistent will the unit generate the first verification pass signal representing the integrity of the data, effectively defending against man-in-the-middle attacks and data packet tampering risks, and ensuring the original authenticity of the identity information.
[0038] After confirming data integrity, the capability matching unit then initiates the second layer of logical verification. First, it searches and matches the extracted home domain identifier field with the system's internal preset trusted domain list storage to ensure that the responding agent comes from a certified legitimate organization or network area, preventing the infiltration of untrusted external nodes. At the same time, it also retrieves the historical data of the agent's capability attributes stored in the core patent 1 cache module and quantitatively compares the current requester's capability attribute fields with the minimum capability threshold required by the currently executed collaborative task. This not only verifies "who" the agent is, but also verifies "what" the agent can do, ensuring that its computing power, storage, or algorithm support capabilities are sufficient to handle the current complex task. Only when the home domain is verified as trustworthy and the capability attributes meet the task threshold will the unit generate a second verification pass signal representing business compliance.
[0039] In one specific implementation, the closed-loop verification module includes a verification scheduling unit, an algorithm execution unit, and a state control unit. The input terminal of the verification scheduling unit is connected to the trigger control terminal of the identity verification module. Upon detecting a high-level trigger signal, it simultaneously retrieves arithmetic circuit parameters from the contract conversion module, retrieves common input data from the common data buffer, and reads the zero-knowledge proof string from the data receiving buffer. The signal input terminal of the algorithm execution unit is connected to the verification scheduling unit. It loads the verification key from the public parameters, uses the arithmetic circuit parameters, common input data, and zero-knowledge proof string as input variables, and performs a bilinear pairing verification operation. If the pairing operation result is at the target group unit, the verification result is determined to be true; otherwise, the verification result is determined to be false. The control input of the state control unit is connected to the output of the algorithm execution unit. When the verification result is true, the state control unit drives the system state machine to jump from the "verification in progress" state to the "execution successful" state, and sends a success confirmation message to the requesting agent, while sending a settlement trigger pulse to the settlement system. When the verification result is false, the state control unit drives the system state machine to jump to the "abnormal termination" state, cuts off the data connection with the responding agent, and generates a blocking instruction containing an exception type code.
[0040] In specific applications, the verification scheduling unit of this invention keenly captures the high-level trigger signal issued by the identity verification module. Once the signal is detected, the verification scheduling unit will initiate a concurrent data capture mechanism, simultaneously initiating requests to three different sources: retrieving the initially defined arithmetic circuit parameters from the contract conversion module to ensure that the verification basis is completely consistent with the original contract; extracting the public input data during the task execution process from the public data cache as a publicly verifiable verification context; and reading the zero-knowledge proof string transmitted by the proof generation module from the data receiving buffer. The three data streams are converged into the same memory space within the time window to form a complete verification triplet. The synchronous retrieval mechanism ensures a high degree of consistency in timestamps and logical versions of all elements required for verification, avoiding verification deviations caused by asynchronous data updates.
[0041] Subsequently, the aggregated data is sent to the algorithm execution unit for cryptographic verification. The algorithm execution unit first loads the verification key pre-stored in the public parameters. The key is the public key portion generated during the trusted setup ceremony, used to unlock the mathematical authenticity of the zero-knowledge proof. Then, the unit initiates a complex bilinear pairing verification operation, which performs multi-dimensional algebraic fusion of the structural constraints of the arithmetic circuit parameters, the numerical constraints of the public input data, and the group element points in the zero-knowledge proof string. The core logic of the operation is to check whether the result of these input variables after bilinear mapping is accurate to the identity element of the target group. This is a black-and-white judgment standard in mathematics. If the result of the pairing operation converges to the identity element, the verification result is judged as true. Conversely, even a one-bit deviation or logical jump error will cause the operation result to deviate from the identity element, and the verification result will be judged as false immediately.
[0042] Finally, when the verification result is true, the state control unit immediately drives the system state machine to smoothly transition from the current "verifying" state to the "execution successful" state. This not only signifies the successful completion of the logical loop of this collaborative task but also triggers a series of subsequent business actions. These include sending a digitally signed success confirmation message to the requesting agent to establish the legal validity of the task completion, and simultaneously sending a settlement trigger pulse to the back-end settlement system to automatically initiate the clearing process for funds or resources, achieving automated connection from technical verification to commercial value realization. Conversely, if the verification result is false, the state control unit instantly drives the system state machine to the "abnormal termination" state. This immediately and physically severs all data connections with the responding agent to prevent further spread of erroneous data or continued malicious attacks. It also automatically generates a blocking instruction containing a specific exception type code. This instruction not only records the reason for the failure but also locks down the logical link where the exception occurred, providing a solid chain of evidence for subsequent security audits and accountability.
[0043] In one specific implementation, it also includes a log tracing module, the data input end of which is connected to the output end of the identity verification module, the timestamp output end of the proof generation module, and the status output end of the closed-loop verification module, respectively. The log tracing module internally includes a data acquisition unit, an encryption processing unit, and a distributed storage unit; The data acquisition unit is used to capture identity verification result data, the start and end times of zero-knowledge proof generation, the time consumed by verification operations, the Boolean value of the verification result, and the node identifiers before and after the system state machine transition in real time. The input end of the encryption processing unit is connected to the data acquisition unit and is used to perform encryption operations on the captured data using the AES-256 encryption algorithm to generate ciphertext log blocks. The ciphertext log blocks contain an immutable timestamp watermark. The distributed storage unit is connected to the encryption processing unit and is used to copy and store the ciphertext log blocks to at least three physically isolated distributed nodes. Each distributed node has an independent read and write permission verification interface, allowing only audit terminals with specific private keys to read the log content.
[0044] It also includes an interface adaptation module, which is set between the contract conversion module and the external HarmonyOS operating system, as well as between the proof generation module and the domestic large model interface. For the HarmonyOS operating system, the interface adaptation module has a protocol conversion unit inside, which is used to convert the storage format of arithmetic circuit parameters into the data frame structure supported by the HarmonyOS secure communication protocol, and add an integrity check code in the data transmission link; for the domestic large model interface, the interface adaptation module has a proof encapsulation unit inside, which is used to encapsulate header information conforming to the domestic large model input standard on the outer layer of the zero-knowledge proof string. The header information includes proof type identifier, version number and length fields, so that the domestic large model interface can recognize and parse the zero-knowledge proof string; The interface adaptation module also includes a security gateway located on the data transmission path. This gateway is used to perform two-way authentication on arithmetic circuit data entering the system and authentication data leaving the system, preventing unauthorized protocol iteration attacks.
[0045] In practical applications, after constructing a logical closed-loop verification capability, this invention introduces a log traceability module and an interface adaptation module to further ensure the traceability, security, and compatibility of the entire collaboration process in complex heterogeneous environments. The log traceability module begins by capturing real-time data across the entire chain. Its internal data acquisition unit is connected to the output of the identity verification module, the timestamp output of the proof generation module, and the status output of the closed-loop verification module. From the moment the agent's identity is confirmed, to the start and end times of zero-knowledge proof generation, to the specific number of milliseconds consumed in the verification operation, and even whether the final verification result is true or false, and from which node the system state machine jumps to which node, all these minute dynamic data are captured and aggregated in real time. The comprehensive data capture mechanism ensures that any logical jump and any time delay during system operation are completely recorded, with no monitoring blind spots.
[0046] The collected raw data immediately enters the encryption processing unit, transforming the originally readable log information into ciphertext log blocks that cannot be directly cracked. During the encryption process, an immutable timestamp watermark is embedded, giving each log entry a unique temporal fingerprint. Any attempt to forge, modify, or delete logs afterward will be immediately exposed due to a mismatch in the timestamp watermark, thus providing dual physical and mathematical protection for the authenticity of the audit data. The processed ciphertext log blocks are not stored in a single location; they are copied and stored across at least three physically isolated distributed nodes, enhancing data disaster recovery capabilities. Even if individual nodes suffer physical damage or network attacks, the log data remains intact. Each distributed node has an independent read / write permission verification interface; only authorized audit terminals holding a specific private key can unlock and read the log content, providing a chain of evidence for subsequent accountability and security audits.
[0047] Meanwhile, interface adaptation modules are deployed between the contract conversion module and the external HarmonyOS operating system, and between the proof generation module and the domestic large-scale model interface, resolving the "language incompatibility" problem between different technology stacks. When facing the HarmonyOS operating system, the protocol conversion unit within the interface adaptation module automatically intervenes, converting the storage format of the arithmetic circuit parameters generated internally by the system into the standard data frame structure supported by the HarmonyOS secure communication protocol in real time. It also dynamically adds integrity check codes to the data transmission link, ensuring smooth data transmission within the HarmonyOS microkernel environment and leveraging HarmonyOS's own security features to add an extra layer of protection to data transmission, preventing bit flips or data loss during transmission. When interfacing with the domestic large-scale model interface, the proof encapsulation unit automatically encapsulates header information conforming to the domestic large-scale model input standard on the outer layer of the zero-knowledge proof string. The header information includes proof type identifier, version number, and length field metadata, enabling the large-scale model interface to quickly recognize and parse the internal zero-knowledge proof string like recognizing ordinary text. This allows the large-scale model to perform intelligent decision-making or logical reasoning based on this privacy-protected proof data, achieving a deep integration of cryptographic and artificial intelligence technologies.
[0048] In one specific implementation, it also includes an anomaly handling module, the input of which is connected to the anomaly signal output of the closed-loop verification module; The exception handling module internally includes a cause analysis unit, a strategy selection unit, and a notification execution unit. The cause analysis unit receives the verification failure report returned by the closed-loop verification module, parses the error code in the report, and generates a retry instruction if the error code indicates a deviation in execution logic; if the error code indicates data tampering or forged proof, it generates a blocking instruction. The strategy selection unit is connected to the cause analysis unit and is used to call the preset handling strategy library according to the instruction type. For retry instructions, the strategy selection unit is configured to send a reinitialization signal to the task execution module; for blocking instructions, the strategy selection unit is configured to generate a blacklist broadcast packet containing the identity identifier of the violating agent. The notification execution unit connects to the policy selection unit, which is used to synchronously send blacklist broadcast packets to all associated agent nodes in the collaborative network and modify the local access control list to restrict the subsequent collaborative permissions corresponding to the identity of the violating agent.
[0049] The proof of the Groth16 algorithm implementation in the generation module specifically includes: During the system initialization phase, public parameters containing elliptic curve generators, random poisoning parameters, and a common reference string are generated. The common reference string is divided into proof-side parameters and verification-side parameters, with the proof-side parameters stored in the secure memory of the proof generation module. During the proof generation phase, the responder's agent uses internal input data as a private witness value and public input data as a public instance. They substitute these into the rank-one constraint system corresponding to the arithmetic circuit to calculate the intermediate polynomial coefficients. The intermediate polynomial coefficients are then blinded using the proof-side parameters to generate a zero-knowledge proof string containing three group elements. The generation of the zero-knowledge proof string is completed in the responder's agent's local execution environment. The internal input data is immediately cleared from memory after calculation, and only the zero-knowledge proof string is retained for external transmission, ensuring that the internal input data is invisible on the transmission link and at the verification end.
[0050] In practical applications of this invention, when the closed-loop verification module determines that the verification has failed and returns a report, the cause analysis unit inside the anomaly handling module intervenes to deeply analyze the specific error codes carried in the report. By accurately locating the root cause of the fault through code characteristics, if the error code points to an execution logic deviation, such as a temporary error in intermediate calculation values or a minor timing misalignment caused by network fluctuations, the cause analysis unit will determine it as a recoverable fault and generate a retry instruction, aiming to give the system a chance to self-correct. Conversely, if the error code clearly indicates the presence of data tampering traces or suspected zero-knowledge proof forgery, the cause analysis unit will immediately characterize it as a malicious attack and decisively generate a blocking instruction, effectively avoiding accidental damage to normal agents due to occasional technical failures, while also ensuring a zero-tolerance attitude towards real security threats.
[0051] Subsequently, the strategy selection unit receives the instruction type from the cause analysis unit and executes differentiated operations based on the preset handling strategy library. For retry instructions, the strategy selection unit sends a reinitialization signal to the task execution module, triggering a reset of the task environment and a reload of data, enabling the collaborative process to seamlessly restart from the breakpoint and ensuring business continuity. For blocking instructions, the strategy selection unit initiates the highest level of defense response, generates a blacklist broadcast packet containing the unique identifier of the violating agent, notifies the execution unit to take over this important task, and synchronously sends the blacklist broadcast packet to all associated agent nodes in the collaborative network through a high-priority channel, achieving millisecond-level network-wide sharing of threat intelligence. At the same time, it immediately modifies the access control list locally, completely cutting off and restricting all subsequent collaborative permissions corresponding to the violating agent's identifier from the system's bottom layer.
[0052] The proof generation module performs in-depth engineering optimization and security hardening on the implementation of the Groth16 algorithm to ensure absolute reliability of privacy protection. During system initialization, the module first generates a public parameter system containing elliptic curve generators, random poisoning parameters, and a public reference string. The public reference string is scientifically divided into proof-side parameters and verification-side parameters. The proof-side parameters are confined to the secure memory of the proof generation module and physically isolated from the external network, ensuring that only legitimate responder proxies can obtain the key materials used to generate the proof, thus eliminating the risk of parameter leakage at the source.
[0053] Upon entering the proof generation phase, internal input data is used as private witness values, and public input data is used as public instances. These are then substituted into the rank-one constraint system corresponding to the arithmetic circuit generated by the contract transformation module to calculate intermediate polynomial coefficients. During this process, pre-stored proof-side parameters are used to blind the intermediate coefficients. Mathematically, blinding is equivalent to adding an inescapable random mask to the data, ensuring that the final zero-knowledge proof string containing three group elements, while proving the logical correctness, cannot deduce any original input information. The internal input data is immediately and completely erased from memory the moment the polynomial coefficient calculation is completed, leaving only the final zero-knowledge proof string for external transmission. Even if intercepted during data transmission or maliciously analyzed at the verification end, attackers cannot obtain any original internal input data. This truly achieves "usable but invisible" data throughout its entire lifecycle of generation, processing, transmission, and verification, perfectly resolving the fundamental contradiction between data sharing and privacy protection in multi-party collaboration, and providing trust for the entire agent collaboration system.
[0054] In one specific implementation, the trigger-based verification process in the closed-loop verification module specifically includes: In the preloading step, while the identity verification module outputs a high-level trigger signal, the verification scheduling unit loads the constraint matrix, common input vector, and zero-knowledge proof string of the arithmetic circuit into the register group of the verification algorithm executor in parallel. In the pairing verification step, the algorithm execution unit uses the verification side parameters to calculate the bilinear pairing product of each group element in the zero-knowledge proof string and the arithmetic circuit constraint matrix, and compares the calculation result with the target value derived based on the common input vector. In the result feedback step, if the comparison result is within the preset error tolerance range, a logic high-level signal is output to drive the state machine to jump and generate a success receipt containing a verification pass timestamp; if the comparison result exceeds the error tolerance range, a logic low-level signal is output to trigger the exception handling process and record the mathematical evidence chain of verification failure. The mathematical evidence chain contains the index of the specific constraint terms that caused the pairing verification failure.
[0055] In specific applications of this invention, the high-level trigger signal output by the identity verification module and the synchronization clock of the parallel processing mechanism inside the system are triggered at the instant the signal is generated. The verification scheduling unit immediately starts the high-speed concurrent loading program, directly loading the constraint matrix of the arithmetic circuit, the common input vector, and the zero-knowledge proof string to be verified into the high-speed register group of the verification algorithm executor. The parallel preloading strategy eliminates the delay caused by data transfer, ensuring that subsequent core operations can obtain all necessary operands at the fastest speed, laying the foundation for achieving low-latency real-time verification.
[0056] Once the data is in place, the algorithm execution unit immediately enters the core pairing verification step. It performs complex bilinear pairing product operations on each group element point contained in the zero-knowledge proof string and the arithmetic circuit constraint matrix. The high-dimensional algebraic mapping on the elliptic curve group transforms the abstract logical constraints into concrete numerical relationships. At the same time, the system independently derives a theoretical target value using a common input vector. Subsequently, the algorithm execution unit compares the actual calculation result of the bilinear pairing product with the theoretical target value, introducing a preset error tolerance range to accommodate the small rounding errors generated by the underlying hardware when performing floating-point operations or large number operations, ensuring a perfect balance between mathematical rigor and engineering practicality in the verification logic.
[0057] The comparison result directly determines the final outcome of the system. If the deviation between the calculated result and the target value falls within the preset error tolerance range, the system immediately determines that the logical loop is valid and outputs a high-level logic signal, signifying that the legal validity of this collaborative task has been confirmed. Simultaneously, the system automatically generates a success receipt containing a verification timestamp accurate to the nanosecond level, completing the final step from technical verification to business confirmation. Conversely, if the comparison result exceeds the error tolerance range, indicating a substantial logical defect or data tampering, the system immediately outputs a low-level logic signal. This signal acts like an emergency brake, instantly triggering the aforementioned anomaly handling process to prevent the potential spread of risks.
[0058] It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such process, method, article, or apparatus.
[0059] The present invention and its embodiments have been described above. This description is not restrictive, and the accompanying drawings are only one embodiment of the present invention; the actual structure is not limited thereto. In conclusion, if those skilled in the art are inspired by this description and design similar structures and embodiments without departing from the spirit of the invention, such designs should fall within the protection scope of the present invention.
Claims
1. A closed-loop verification system for agent collaboration logic based on zero-knowledge proof, characterized in that, include: Contract conversion module, task execution module, proof generation module, identity verification module, and closed-loop verification module; The output of the contract conversion module is connected to the instruction input of the task execution module and the circuit parameter input of the closed-loop verification module via a data bus, respectively, to convert the cooperation rules in the received multi-agent cooperation task protocol into arithmetic circuits and distribute the generated arithmetic circuit parameters to downstream modules. The signal output terminal of the task execution module is connected to the data input terminal of the proof generation module, which is used to respond to the collaborative task of the requesting agent, execute logic according to the received arithmetic circuit, collect internal input data and common input data during the task execution process, and synchronously transmit the internal input data and common input data to the proof generation module. The proof output terminal of the proof generation module is connected to the verification input terminal of the identity verification module. It is used to generate a zero-knowledge proof string by using the arithmetic circuit as the verification template, the received internal input data as private data, and the public input data as public data, and then send the generated zero-knowledge proof string to the identity verification module. The verification result output terminal of the identity verification module is connected to the trigger control terminal of the closed-loop verification module. It is used to receive the zero-knowledge proof string, retrieve the dynamic agent identity identifier, compare and verify the verification code and home domain identifier of the dynamic agent identity identifier, and send a trigger signal to the closed-loop verification module after the verification is passed. The closed-loop verification module establishes communication connections with the contract conversion module, the proof generation module, and the identity verification module, respectively. After receiving the trigger signal, it retrieves the stored arithmetic circuit parameters and common input data, performs a trigger-based verification operation in combination with the received zero-knowledge proof string, and controls the system state machine to jump or terminate the collaborative task according to the verification operation result.
2. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, The contract conversion module is internally equipped with a rule decomposition unit, a logic mapping unit, and a circuit assembly unit. The input end of the rule decomposition unit is connected to an external protocol interface to receive collaborative rules that include task division, execution timing, parameter thresholds and exception handling rules, and decomposes the collaborative rules into multiple independent logical units. The signal input terminal of the logic mapping unit is connected to the output terminal of the rule decomposition unit, and is used to map each logic unit into a corresponding sub-circuit structure. The sub-circuit structure is composed of an adder gate, a multiplier gate and a logic gate connected in series or in parallel through physical lines. The output terminal of the adder gate is connected to the input terminal of the multiplier gate, and the control terminal of the logic gate is connected to the comparison result output terminal of the parameter threshold. The input terminal of the circuit assembly unit is connected to the output terminal of the logic mapping unit, and is used to connect all the sub-circuits in series according to the execution timing to form a complete arithmetic circuit. The final output terminal of the arithmetic circuit corresponds to the execution standard judgment value of the cooperation rule, and encapsulates the topology data and gate circuit connection relationship data of the arithmetic circuit into a circuit parameter package, which is sent to the task execution module and the closed-loop verification module through the data bus.
3. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, The proof generation module integrates an initialization unit, a proof calculation unit, and a parameter storage unit. The parameter storage unit is used to store public parameters generated through a trusted setup ceremony. The public parameters include a proof key and a verification key. The proof key is stored in the secure storage area of the proof generation module and is not authorized to read from external networks. The input terminal of the initialization unit is connected to the contract conversion module, which is used to load the arithmetic circuit and the public parameters, and establish a computing environment for generating zero-knowledge proofs; The data input terminal of the proof calculation unit is connected to the task execution module and the initialization unit respectively. It is used to receive internal input data, public input data and arithmetic circuit model, perform polynomial commitment calculation using the Groth16 algorithm, embed the internal input data as private witness value into the calculation process, generate a zero-knowledge proof string containing group element points, the length of the zero-knowledge proof string is fixed and smaller than the volume of the original execution data, and send it to the identity verification module through an encrypted communication channel.
4. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, The identity verification module is internally configured with an identity parsing unit, a hash comparison unit, and a capability matching unit; The input end of the identity resolution unit is connected to the proof generation module and is used to extract the dynamic proxy identity identifier of the responding agent from the received data packet. The dynamic proxy identity identifier includes a check code field, a home domain identifier field, and a capability attribute field. The first input of the hash comparison unit is connected to the identity parsing unit, and the second input is connected to the local cache database. It is used to extract the non-verification code part of the dynamic agent identity identifier, calculate its MD5 hash value, and compare the calculated hash value with the verification code field bit by bit. If the comparison result is consistent, a first verification pass signal is generated. The input of the capability matching unit is connected to the identity parsing unit and the preset trusted domain list storage respectively. It is used to determine whether the home domain identifier field exists in the preset trusted domain list, and to retrieve the agent capability attribute data in the core patent 1 cache module to verify whether the capability attribute field meets the minimum capability threshold of the current collaborative task. If the home domain verification is passed and the capability attribute meets the requirements, a second verification pass signal is generated. The input terminals of the logic AND gate of the identity verification module are respectively connected to the output terminals of the first verification pass signal and the second verification pass signal. The identity verification module outputs a high-level trigger signal to the closed-loop verification module only when both signals are high.
5. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, The closed-loop verification module is internally equipped with a verification scheduling unit, an algorithm execution unit, and a status control unit; The input terminal of the verification scheduling unit is connected to the trigger control terminal of the identity verification module. It is used to simultaneously retrieve arithmetic circuit parameters from the contract conversion module, retrieve common input data from the common data buffer, and read zero-knowledge proof strings from the data receiving buffer after detecting a high-level trigger signal. The signal input terminal of the algorithm execution unit is connected to the verification scheduling unit, which is used to load the verification key in the public parameters, take the arithmetic circuit parameters, public input data and zero-knowledge proof string as input variables, and perform bilinear pairing verification operation. If the pairing operation result is in the target group unit, the verification result is determined to be true; otherwise, the verification result is determined to be false. The control input terminal of the state control unit is connected to the output terminal of the algorithm execution unit. When the verification result is true, the state control unit drives the system state machine to jump from the "verification in progress" state to the "execution successful" state, and sends a success confirmation message to the requesting agent, while sending a settlement trigger pulse to the settlement system. When the verification result is false, the state control unit drives the system state machine to jump to the "abnormal termination" state, cuts off the data connection with the responding agent, and generates a blocking instruction containing an exception type code.
6. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, It also includes a log traceability module, whose data input terminal is connected to the output terminal of the identity verification module, the timestamp output terminal of the proof generation module, and the status output terminal of the closed-loop verification module, respectively. The log tracing module is internally equipped with a data acquisition unit, an encryption processing unit, and a distributed storage unit. The data acquisition unit is used to capture identity verification result data, the start and end times of zero-knowledge proof generation, the time consumed by verification operations, the Boolean value of the verification result, and the node identifiers before and after the system state machine transition in real time. The input terminal of the encryption processing unit is connected to the data acquisition unit and is used to perform encryption operations on the captured data using the AES-256 encryption algorithm to generate ciphertext log blocks. The ciphertext log blocks contain an immutable timestamp watermark. The distributed storage unit is connected to the encryption processing unit and is used to copy and store the ciphertext log block to at least three physically isolated distributed nodes. Each distributed node has an independent read / write permission verification interface, which only allows auditing terminals with specific private keys to read the log content.
7. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, It also includes an interface adaptation module, which is set between the contract conversion module and the external HarmonyOS operating system, and between the proof generation module and the domestic large model interface; For the HarmonyOS operating system, the interface adaptation module has a protocol conversion unit inside, which is used to convert the storage format of arithmetic circuit parameters into a data frame structure supported by the HarmonyOS secure communication protocol, and add an integrity check code to the data transmission link; For the domestic large model interface, the interface adaptation module has a proof encapsulation unit inside, which is used to encapsulate header information that conforms to the domestic large model input standard on the outer layer of the zero-knowledge proof string. The header information includes proof type identifier, version number and length field, so that the domestic large model interface can recognize and parse the zero-knowledge proof string. The interface adaptation module is also equipped with a security gateway located on the data transmission path, which is used to perform two-way authentication on the arithmetic circuit data entering the system and the proof data leaving the system to prevent unauthorized protocol iteration attacks.
8. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 1, characterized in that, It also includes an anomaly handling module, the input of which is connected to the anomaly signal output of the closed-loop verification module; The anomaly handling module includes a cause analysis unit, a strategy selection unit, and a notification execution unit. The cause analysis unit is used to receive the verification failure report returned by the closed-loop verification module, parse the error code in the report, and generate a retry instruction if the error code indicates a deviation in execution logic; if the error code indicates data tampering or forgery, a blocking instruction is generated. The strategy selection unit is connected to the cause analysis unit and is used to call a preset handling strategy library according to the instruction type. For retry instructions, the strategy selection unit is configured to send a reinitialization signal to the task execution module; for blocking instructions, the strategy selection unit is configured to generate a blacklist broadcast packet containing the identity of the violating agent. The notification execution unit is connected to the policy selection unit and is used to synchronously send the blacklist broadcast packet to all associated agent nodes in the collaborative network, and modify the local access control list to restrict the subsequent collaborative permissions corresponding to the identity of the violating agent.
9. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 3, characterized in that, The implementation process of the Groth16 algorithm in the proof generation module specifically includes: During the system initialization phase, public parameters are generated, including elliptic curve generators, random poisoning parameters, and a common reference string. The common reference string is divided into proof-side parameters and verification-side parameters, wherein the proof-side parameters are stored in the secure memory of the proof generation module. During the proof generation phase, the responder's agent uses internal input data as private witness value and public input data as public instance, substitutes them into the rank-one constraint system corresponding to the arithmetic circuit, calculates the intermediate polynomial coefficients, and uses the proof-side parameters to blind the intermediate polynomial coefficients, generating a zero-knowledge proof string containing three group elements. The generation process of the zero-knowledge proof string is completed in the local execution environment of the responder's agent. The internal input data is immediately cleared from memory after the calculation is completed, and only the zero-knowledge proof string is retained for external transmission, ensuring that the internal input data is not visible in the transmission link and the verification end.
10. The agent collaboration logic closed-loop verification system based on zero-knowledge proof according to claim 5, characterized in that, The triggered verification process in the closed-loop verification module specifically includes: In the preloading step, while the identity verification module outputs a high-level trigger signal, the verification scheduling unit loads the constraint matrix, common input vector, and zero-knowledge proof string of the arithmetic circuit into the register group of the verification algorithm executor in parallel. In the pairing verification step, the algorithm execution unit uses the verification side parameters to calculate the bilinear pairing product of each group element in the zero-knowledge proof string and the arithmetic circuit constraint matrix, and compares the calculation result with the target value derived based on the common input vector. In the result feedback step, if the comparison result is within the preset error tolerance range, a logic high-level signal is output to drive the state machine to jump and generate a success receipt containing a verification pass timestamp; if the comparison result exceeds the error tolerance range, a logic low-level signal is output to trigger the exception handling process and record the mathematical evidence chain of verification failure, wherein the mathematical evidence chain contains the index of specific constraint terms that caused the pairing verification failure.