Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

"Show Me You Comply... Without Showing Me Anything": Zero-Knowledge Software Auditing for AI-Enabled Systems

Filippo Scaramuzza, Renato Cordeiro Ferreira, Tomaz Maia Suller, Giovanni Quattrocchi, Damian Andrew Tamburri, Willem-Jan van den Heuvel

TL;DR

ZKMLOps is introduced, a novel MLOps verification framework that operationalizes Zero-Knowledge Proofs-cryptographic protocols allowing a prover to convince a verifier that a statement is true without revealing additional information-within Machine-Learning Operations lifecycles, and provides a modular and repeatable process for generating verifiable cryptographic proof of compliance.

Abstract

The increasing exploitation of Artificial Intelligence (AI) enabled systems in critical domains has made trustworthiness concerns a paramount showstopper, requiring verifiable accountability, often by regulation (e.g., the EU AI Act). Classical software verification and validation techniques, such as procedural audits, formal methods, or model documentation, are the mechanisms used to achieve this. However, these methods are either expensive or heavily manual and ill-suited for the opaque, "black box" nature of most AI models. An intractable conflict emerges: high auditability and verifiability are required by law, but such transparency conflicts with the need to protect assets being audited-e.g., confidential data and proprietary models-leading to weakened accountability. To address this challenge, this paper introduces ZKMLOps, a novel MLOps verification framework that operationalizes Zero-Knowledge Proofs (ZKPs)-cryptographic protocols allowing a prover to convince a verifier that a statement is true without revealing additional information-within Machine-Learning Operations lifecycles. By integrating ZKPs with established software engineering patterns, ZKMLOps provides a modular and repeatable process for generating verifiable cryptographic proof of compliance. We evaluate the framework's practicality through a study of regulatory compliance in financial risk auditing and assess feasibility through an empirical evaluation of top ZKP protocols, analyzing performance trade-offs for ML models of increasing complexity.

"Show Me You Comply... Without Showing Me Anything": Zero-Knowledge Software Auditing for AI-Enabled Systems

TL;DR

ZKMLOps is introduced, a novel MLOps verification framework that operationalizes Zero-Knowledge Proofs-cryptographic protocols allowing a prover to convince a verifier that a statement is true without revealing additional information-within Machine-Learning Operations lifecycles, and provides a modular and repeatable process for generating verifiable cryptographic proof of compliance.

Abstract

The increasing exploitation of Artificial Intelligence (AI) enabled systems in critical domains has made trustworthiness concerns a paramount showstopper, requiring verifiable accountability, often by regulation (e.g., the EU AI Act). Classical software verification and validation techniques, such as procedural audits, formal methods, or model documentation, are the mechanisms used to achieve this. However, these methods are either expensive or heavily manual and ill-suited for the opaque, "black box" nature of most AI models. An intractable conflict emerges: high auditability and verifiability are required by law, but such transparency conflicts with the need to protect assets being audited-e.g., confidential data and proprietary models-leading to weakened accountability. To address this challenge, this paper introduces ZKMLOps, a novel MLOps verification framework that operationalizes Zero-Knowledge Proofs (ZKPs)-cryptographic protocols allowing a prover to convince a verifier that a statement is true without revealing additional information-within Machine-Learning Operations lifecycles. By integrating ZKPs with established software engineering patterns, ZKMLOps provides a modular and repeatable process for generating verifiable cryptographic proof of compliance. We evaluate the framework's practicality through a study of regulatory compliance in financial risk auditing and assess feasibility through an empirical evaluation of top ZKP protocols, analyzing performance trade-offs for ML models of increasing complexity.

Paper Structure

This paper contains 16 sections, 3 equations, 6 figures, 5 tables.

Table of Contents

  1. Introduction
  2. Background
  3. Trustworthy AI
  4. Auditing of ML-Enabled Systems
  5. Zero-Knowledge Proofs
  6. Related Work
  7. Research Methods
  8. Proposed Framework
  9. ML-Enabled System Verification Lifecycle: Guidelines for Protocol Selection
  10. Trustworthiness-as-a-Service
  11. Trust Stakeholders
  12. Example Use Case: Regulatory Compliance for a Proprietary Financial Risk Model
  13. Evaluation
  14. Discussion
  15. Threats to Validity and Limitations
  16. ...and 1 more sections

Figures (6)

  • Figure 1: Extended representation of the six trustworthy AI dimensions liu_trustworthy_2022 with a focus on Accountability li_trustworthy_2023.
  • Figure 2: Activity Diagram of the four-step approach for this study.
  • Figure 3: High-Level Overview of the ZKMLOps framework.
  • Figure 4: ZKP-Enhanced ML applications in the MLOps verification lifecycle scaramuzza_engineering_2025.
  • Figure 5: Component architecture of the ZKMLOps framework showing the implementation for two possible auditing workflows: neural network inference verification and dataset bias verification. The dotted boxes represent possible architecture extension points.
  • ...and 1 more figures