-
-
Zenith Landing Page
-
Activate the Vision Link to let Zenith sees you
-
Collaborate with multiple users
-
Neural Briefing based on user's permission and activity
-
Firebase usage
-
Implemented GitHub Actions for automated CI/CD pipeline
-
Requesting verification to publish app
-
User Journey Map
-
Class Diagram Service Structure
-
Mindmap Product Ecosystem
-
AI Generation Process Orchestrator Handshake
-
Architecture System Topology
Inspiration
The inspiration for ZENITH LIVE came from a critical realization: AI can talk, but it often lacks the authority to act securely. We saw a massive gap in "Trust." We wanted to move beyond "text-in/text-out" silos and build a unified, governed agentic ecosystem. We envisioned a world where a creative director could talk to an agent that doesn't just "chat," but is Authorized to Act—building narratives and generating assets only after a secure, human-in-the-loop handshake.
What it does
ZENITH LIVE is a Governed Multimodal Agentic Orchestrator that bridges the gap between real-time interaction and secure automated production:
- Live Studio & Neural Link: Features a low-latency interface powered by Gemini 2.5 Flash for natural voice/vision interaction with procedural gaze-tracking and a live user feed.
- Sovereign Governance: Unlike standard agents, Zenith integrates Auth0 MFA Step-up and OpenFGA. It ensures that high-stakes actions (like accessing GitHub or sensitive data) require a biometric or OTP verification.
- Agentic Handshake: Orchestrates complex tasks by breaking down intent into strategy (Gemini 3.1 Pro), imagery (Imagen 3), and cinematic video (Veo 3.1).
- Sovereign Token Vault: A secure environment where scoped credentials are only released after the governance layer clears the "Relationship-based Access Control" (RBAC/ABAC) via OpenFGA.
How we built it
The project is engineered as a Zero-Trust Full-Stack Infrastructure:
Core Intelligence: Built using the @google/genai SDK, leveraging Gemini 2.5 Flash for real-time multimodal processing and Gemini 3.1 Pro for deep reasoning.
Identity & Security: Deeply integrated Auth0 Actions to trigger Step-up MFA during sensitive agentic state changes. We implemented OpenFGA to model complex relationship permissions, ensuring the agent acts only within its "Trust Circle."
Backend & Cloud: Powered by Node.js 24 and hosted on Google Cloud Run. We utilize GCP Secret Manager to protect the "Sovereign Vault" and Firestore for persistent "Agentic Memory."
The Pivot: From Vercel to the Google Cloud Sovereign Vault Initially, we targeted Vercel for speed. However, as the mission shifted toward Secured Agency, we migrated to Google Cloud Run. This move allowed us to:
- Architectural Synergy: Achieve ultra-low latency between Gemini, Firestore, and our Auth0 middleware.
- Hardened Security: Implement a Secure Gateway Pattern that keeps API keys and User Tokens strictly server-side, managed by Google Cloud’s enterprise-grade security.
- Official Challenge Alignment: Fully meeting the 'Live on Google Cloud' criteria while optimizing for the asia-southeast1 region for a stable multimodal handshake.
After a rigorous evolution from Vercel (https://zenith-live.vercel.app/) to Firebase (https://al-qalam-2265a.web.app/), we finally scaled Zenith on Google Cloud Run Platform (https://zenith-live-875241790017.us-central1.run.app/) to ensure the stability and security required for a truly 'Authorized' agentic platform.
The differences between every milestones are right there, recorded on each URLs.
Challenges we ran into
The biggest hurdle was the "Governance-Latency Tradeoff." Implementing Auth0 MFA and OpenFGA checks in the middle of a live multimodal stream threatened to break the "flow." We solved this by creating an Asynchronous Handshake Pattern, where the agent prepares the "strategy" while the user completes the MFA, ensuring a seamless transition once the token is released. We also navigated the complexity of interleaved multimodal outputs and regional API constraints.
Accomplishments that we're proud of
- Authorized to Act Badge: Successfully built a working prototype where an agent's capability is directly tied to a Verified Identity via Auth0 MFA.
- OpenFGA Integration: Implemented a fine-grained authorization model that prevents "Agent Overreach," a common problem in autonomous AI.
- Multimodal Neural Link: Developed a system where the agent autonomously coordinates between Gemini, Imagen, and Veo models based on the user's verified "Trust Level."
- Verified Cloud Deployment: A fully automated pipeline on Google Cloud Run, proving that high-end AI can be both powerful and secure.
What we learned
We learned that Identity is the new Perimeter for AI agents. Throughout this challenge, we realized that "Agentic Memory" isn't just about data—it's about Permission History. We deepened our understanding of how to balance Gemini's creative power with the rigid security requirements of modern enterprise governance.
What's next for Zenith Live
The roadmap includes:
- Autonomous Distribution: Allowing the agent to post content to social platforms securely after a "Final Handshake."
- Multi-Agent Governance: Introducing environments where multiple Gemini instances collaborate, each with different permission levels governed by OpenFGA.
- Refined Live Studio: Reducing latency even further and expanding the "Neural Link" to support broader AR/VR modalities.
Built With
- auth0
- firebase
- fma
- gemini
- google-cloud
- openfga
- typescript
Log in or sign up for Devpost to join the conversation.