Bolyra

Mutual zero-knowledge authentication for humans and AI agents. Both sides prove credentials. Neither side learns anything beyond policy satisfaction. One on-chain transaction.

GitHub IETF Draft

npm install @bolyra/sdk Coming Soon

Protocol

What Bolyra does

A complete authentication primitive for the human-AI boundary. Three capabilities, zero information leakage.

Mutual Authentication

Humans prove uniqueness via EdDSA + Poseidon commitments. AI agents prove operator-signed credentials. Both proofs are generated in parallel and verified in a single on-chain transaction.

→

Delegation Chains

Agents delegate scoped permissions to other agents through privacy-preserving delegation circuits. Each link in the chain is a ZK proof — the verifier sees only that the permission is valid, not the delegation path.

∅

Zero Knowledge

Neither party learns anything about the other beyond policy satisfaction. No identity attributes, no model weights, no operator details are revealed. Proof of compliance without disclosure.

SDK

10 lines to mutual auth

The full handshake: identity creation, credential issuance, parallel proof generation, and on-chain verification.

import { createHumanIdentity, createAgentCredential,
         Permission, proveHandshake } from '@bolyra/sdk';

// Human creates identity (EdDSA keypair + Poseidon commitment)
const human = await createHumanIdentity(secretScalar);

// AI agent gets operator-signed credential
const agent = await createAgentCredential(
  modelHash, operatorKey,
  [Permission.READ_DATA, Permission.WRITE_DATA],
  expiryTimestamp
);

// Mutual handshake — both proofs generated in parallel (~16s)
const { humanProof, agentProof, nonce } = await proveHandshake(human, agent);

// Verify on-chain (Base L2, ~590k gas, ~$0.15)
await registry.verifyHandshake(humanProof, agentProof, nonce);

Architecture

Three circuits, one verification

Groth16 for the fast path, PLONK for the complex paths. All verified through a unified Solidity contract stack.

Circuit 1

HumanUniqueness

Constraints 16,409

Proof system Groth16

Proving time 0.57s

Circuit 2

AgentPolicy

Constraints 20,832

Proof system PLONK

Proving time 16.3s

Circuit 3

Delegation

Constraints 21,254

Proof system PLONK

Proving time ~17s

Groth16Verifier.sol

→

PlonkVerifier.sol

→

HandshakeRouter.sol

→

BolyraRegistry.sol

Benchmarks

Numbers that matter

Measured on commodity hardware. Deployed on Base L2 for cost efficiency.

~590k

Gas for full handshake verification on Base L2

$0.15

Cost per mutual authentication at current gas prices

~16s

End-to-end proving time (both proofs in parallel)

58,495

Total R1CS constraints across all three circuits

Patent claims filed (US Provisional #64/043,898)

Conformance test vectors (all passing)

Bits of information leaked beyond policy satisfaction

On-chain transaction for full mutual verification

Standards

Built on open standards

Not just code — a protocol with formal specifications, a DID method, and conformance tests.

IETF

Internet-Draft

draft-bolyra-mutual-zkp-auth-00

Formal protocol specification for mutual zero-knowledge proof authentication. Defines message flows, proof formats, and verification procedures.

W3C

DID Method

did:bolyra

W3C Decentralized Identifier method for Bolyra identities. Supports both human and agent DID documents with ZKP-aware verification methods.

Conformance

Test Vectors

13 vectors, all passing

Complete conformance test suite covering identity creation, credential issuance, proof generation, delegation, and on-chain verification.