ZK Delegator

Zero-knowledge proof delegation for AI agents — grant scoped permissions without exposing credentials, powered by Auth0 Token Vault

Comment

Inspiration

AI agents are becoming autonomous operators — they browse, transact, and act on behalf of users. But today there's no safe way to delegate credentials to them. You either hand over your full API keys (too much trust) or build bespoke permission logic for every integration (too much friction).

We wanted a system where you could say: "This agent is authorized to act — but only within these bounds, and only I can prove I authorized it."

Zero-knowledge proofs make that possible. Auth0 Token Vault makes it deployable.

What it does

ZK Delegator lets users create cryptographically scoped delegation tokens for AI agents using zero-knowledge proofs and Auth0's Token Vault:

  • Delegate without exposing: Users generate ZK proofs that authorize an agent to act within defined scopes — without revealing the underlying credentials
  • Scoped permissions: Each delegation is bounded by resource, action, and time — agents can't exceed what was explicitly authorized
  • Auth0 Token Vault integration: Delegated tokens are issued and managed through Auth0's secure vault, giving enterprise-grade token lifecycle management
  • Revocable at any time: The original user retains cryptographic control and can invalidate any delegation instantly
  • Auditable chain: Every agent action leaves a verifiable proof trail tied back to the human who authorized it

How we built it

  • ZK proof layer: Implemented using Circom circuits + SnarkJS to generate compact, verifiable delegation proofs on-chain
  • Auth0 Token Vault: Handles secure token issuance, storage, and rotation — agents receive short-lived tokens derived from vault-managed secrets
  • Delegation contract: A lightweight smart contract verifies ZK proofs on-chain before any agent action is executed
  • Agent SDK: A minimal TypeScript SDK that agents use to request, hold, and present delegation proofs to services
  • Demo app: A web interface where users can create, manage, and revoke agent delegations with full audit history

Challenges we ran into

  • Generating ZK proofs efficiently enough for real-time agent workflows required careful circuit optimization
  • Integrating Auth0's Token Vault with ZK proof verification required a custom bridge layer between the vault's token issuance flow and the on-chain verifier
  • Designing the scope schema so it's flexible enough for real-world use cases but compact enough for ZK circuit constraints

Accomplishments that we're proud of

  • Sub-200ms ZK proof generation for delegation tokens — fast enough for real agentic workflows
  • Clean Auth0 Token Vault integration that handles all token lifecycle operations without exposing raw credentials to the agent at any point
  • A working demo where an AI agent browses, acts, and provides verifiable proof of authorization for every action it takes

What we learned

Authorization for AI agents is fundamentally different from authorization for humans. Agents act at machine speed, in parallel, across many services simultaneously. The traditional "ask the user" model breaks immediately. ZK delegation is the only architecture that scales to autonomous agents while preserving human oversight.

What's next for ZK Delegator

  • Multi-party delegation: allow teams to co-authorize agent actions requiring multiple human approvers
  • Cross-chain delegation proofs for multi-chain agent operations
  • Integration with popular agent frameworks (LangChain, AutoGPT, CrewAI)
  • Auth0 Marketplace listing for enterprise deployment

Built With

Share this project:

Updates