VetaLoom - Proof-Backed Governance Guardian

VetaLoom monitors proposals and privileged actions on Amadeus, checks them against a deterministic constitution, and publishes an onchain OK/DANGER alert with ZK proof verified via ZkVerify for trust.

  • 57 Raised
  • 624 Views
  • 1 Judges

Team

Tags

  • Soft Hack

Categories

  • Soft Hack: prototype agents and AI dApps

Description

VetaLoom (Verifiable Governance Guardian  - ZK Proofs via ZkVerify)


1. project overview 

VetaLoom is a proof backed governance security agent for Amadeus  an automated white hat guardian that watches proposals and privileged actions before they execute.

As protocols rely more on onchain governance, timelocks, and upgradeable contracts, the biggest threats often come from “legit-looking” actions: a quiet contract upgrade, a role transfer, a timelock reduction, or a treasury move that becomes an exploit once it goes live. The hard part isn’t only spotting risk early  it’s making the warning trustworthy.

VetaLoom solves this by using a deterministic Constitution (a clear rulebook of what is allowed) and producing a ZK proof that the rulebook was applied correctly. The proof is verified through the ZkVerify pathway, so anyone can trust the verdict without trusting the operator.

In practice, VetaLoom continuously monitors governance proposals and high-impact contract actions, evaluates them against the Constitution, and publishes an onchain signal (OK/DANGER) that wallets, governance UIs, and protocols can consume. This turns governance defense from “trust the bot” into “verify the decision,” creating a foundational safety layer for the agentic economy on Amadeus.

2. Problem Statement

Onchain governance is one of the most dangerous attack surfaces in crypto  not because it’s “broken,” but because it controls the most powerful actions: upgrades, admin roles, timelocks, and treasury movement.

Many real world disasters don’t start with a flashy hack. They start with a proposal that looks normal, then quietly does something harmful, like:

  • upgrading a contract to malicious code

  • transferring owner/admin control to an attacker-controlled address

  • reducing the timelock delay so funds can be moved quickly

  • slipping in a large treasury transfer under vague wording

  • changing critical parameters (oracles, caps, collateral rules) to weaken safety

Right now, defense is mostly reactive:

  • manual review is slow and inconsistent

  • most users can’t decode calldata or fully understand proposal impact

  • bot alerts exist, but they’re often hard to trust because the reasoning isn’t standardized or verifiable

Result: harmful actions can execute before the community coordinates a response, and protocols remain exposed to governance-driven exploits.

3. Solution - Constitution + Proof Governance Defense

VetaLoom solves governance risk by turning proposal review into a deterministic, verifiable agent workflow.

Instead of relying on “AI vibes” or vague heuristics, VetaLoom uses a clear Constitution  a rulebook of what governance is allowed to do. The Constitution contains strict checks such as:

  • no upgrades to unknown/unapproved implementations

  • no admin/owner transfers to untrusted addresses

  • no timelock reductions below safe minimums

  • no large treasury transfers without explicit constraints

  • no oracle changes to unapproved sources

  • no creation of new privileged roles without safeguards

How it works

  1. Observe: VetaLoom monitors governance proposals, timelock queues, and privileged contract actions.

  2. Decode: It summarizes what each proposal will actually execute (targets + functions + impact).

  3. Evaluate: It applies the Constitution deterministically (same input → same verdict).

  4. Prove: It generates a ZK proof that the verdict was computed correctly.

  5. Verify: The proof is verified via the ZkVerify pathway, so the network can trust the result.

  6. Publish / Act: It publishes an onchain OK/DANGER signal (and optionally votes or triggers a veto/pause request where supported).


4. Key Features

Constitution Standard (Deterministic Rules)

  • A clear rulebook for governance safety (what’s allowed vs not allowed)

  • Same proposal + same constitution → same verdict

  • Removes ambiguity and “trust me” security

Governance + Privileged Action Monitoring

  • Watches proposals and execution queues (timelocks)

  • Flags high-risk actions like upgrades, role/admin changes, treasury moves, and critical parameter edits

  • Covers the main ways governance exploits happen

ZK-Proof Verdicts (Verified via ZkVerify)

  • Generates a ZK proof that the constitution was applied correctly

  • Proof verification makes the verdict credible without trusting the agent runner

  • Enables trust-minimized consumption by wallets, UIs, and protocols

Onchain Alert Signal (OK / DANGER)

  • Publishes a canonical, indexable alert that other tools can read

  • Easy to integrate into governance dashboards and wallet warnings

  • Standardizes how security warnings are communicated

Optional Response Actions (Where Supported)

  • Auto-vote against dangerous proposals

  • Trigger veto/pause hooks if the protocol adopts guard rails

  • Supports “warning first,” with a path to prevention

Upgrade Path to Stronger Security

  • Start with alerts + proof-backed reasoning

  • Extend to multi-guardian quorum, challenge windows, and enforcement modules as the ecosystem matures


5. Alignment with the Amadeus Protocol

Amadeus is building an AI-native blockchain where autonomous agents don’t just exist  they coordinate, execute, and manage real value onchain. As that agent economy grows, governance and privileged execution become even more critical, because they control upgrades, permissions, and treasury movement.

VetaLoom fits Amadeus because it provides a missing foundational layer: trusted security signals for agent-driven and governance-driven systems.

  • Makes onchain coordination safer: agents and protocols can rely on a standard OK/DANGER signal before executing high-impact actions.

  • Matches Amadeus’s agent-native direction: VetaLoom is an autonomous agent that monitors state over time and responds through onchain actions.

  • Uses verification-native primitives: by producing ZK proofs verified via the ZkVerify pathway, VetaLoom aligns with Amadeus’s push toward verifiable compute and trust-minimized automation.

  • Improves ecosystem usability: wallets, governance dashboards, and teams get a simple, consistent way to understand proposal risk without decoding everything manually.

  • Scales with the network: it starts as alerts and voting support, and can later evolve into protocol-level guard rails as adoption grows.

In short, if Amadeus is the foundation for the autonomous economy, VetaLoom is the governance safety layer that keeps that foundation from being undermined by malicious proposals or privileged actions

6. Technical Architecture 

VetaLoom is designed as a hybrid agent system: heavy work happens offchain for speed and cost, while onchain components provide a trusted, verifiable signal.

Offchain Layer (Observation + Analysis + Proof Generation)

This layer is responsible for:

  • Watching governance events (new proposals, queued executions) and privileged actions

  • Decoding what a proposal will actually do (targets, function calls, key parameter changes)

  • Evaluating the proposal against the deterministic Constitution (rule checks)

  • Generating a ZK proof that the verdict (OK/DANGER) was computed correctly

Output from this layer is a compact package:

  • canonical proposal fingerprint (hash)

  • verdict + triggered rule IDs

  • ZK proof for correctness

Onchain Layer (Verification + Public Signal)

This layer provides the trust anchor:

  • stores or references the active constitution hash (source of truth for the rules)

  • verifies the ZK proof via the ZkVerify pathway

  • records an immutable, indexable Alert event (OK/DANGER) that apps can consume

  • optionally supports enforcement hooks (vote/veto/pause) if the protocol integrates them

Minimal Data Flow 

  1. Proposal appears on Amadeus governance

  2. VetaLoom watches and decodes it offchain

  3. Constitution engine produces verdict + proof

  4. Proof is verified via ZkVerify

  5. Onchain alert is published for wallets/UIs/protocols to act on

This architecture keeps the system fast and practical while ensuring the final decision is verifiable and trusted.


7. Agent Economics

VetaLoom uses simple incentives so the system stays useful, not spammy.

Participation (Skin in the game)

To operate VetaLoom as a guardian, an operator must stake/lock $AMA.This does two things:

  • discourages spammy or low-effort guardians

  • signals commitment and accountability

Action costs (Why alerts aren’t free)

When VetaLoom posts a verified alert (or casts a vote / triggers a guard action), it consumes resources:

  • compute cost (analysis + proof generation)

  • network cost (onchain transaction fees)

  • optional bonding cost (a small deposit for high-severity alerts)

This keeps the marketplace of “alerts” clean and prevents noise.

Rewards (Why guardians do the work)

Guardians earn incentives when they provide real protection, such as:

  • catching a malicious proposal early

  • preventing a dangerous execution from going through

  • providing verified risk signals that protocols and users rely on

Rewards can come from:

  • protocol-funded security bounties

  • ecosystem incentives tied to governance safety

  • optional fee-sharing if the alert signal becomes a standard service

The loop

stake $AMA → monitor + prove verdicts → publish trusted alerts → prevent harm → earn rewards

This creates a sustainable model where accurate, high-signal guardians are rewarded and low-quality behavior becomes expensive. 

8. Constraints Awareness

VetaLoom is designed around the reality that blockchains are powerful but constrained, so we only put the right things onchain.

Onchain compute is limited

Smart contracts shouldn’t do heavy analysis (too expensive and slow).That’s why VetaLoom does the deep scanning and decoding offchain, and only brings small, verifiable outputs onchain (verdict + proof).

Latency matters

Governance attacks succeed when they execute before people react.VetaLoom prioritizes early detection by watching proposals and queues as soon as they appear, then publishing an alert quickly.

Determinism is required for trust

Security decisions can’t depend on randomness or subjective AI behavior.VetaLoom uses a deterministic Constitution so:

  • the same proposal always produces the same result

  • verification is straightforward and consistent

Not everything belongs onchain

Onchain is used for:

  • anchoring the constitution hash

  • verifying the proof (via ZkVerify pathway)

  • publishing a canonical OK/DANGER signal

Offchain is used for:

  • monitoring and decoding proposals

  • running the rule checks

  • generating the proof

This split keeps the system practical, fast, and trustworthy without pretending the chain can do everything.

Conclusion

VetaLoom turns governance security into something the Amadeus ecosystem can actually rely on: a deterministic constitution plus a proof-backed verdict.

Instead of “trusting a bot,” users, protocols, and governance UIs get a simple OK / DANGER signal that is verifiable via the ZkVerify pathway. That means dangerous upgrades, role changes, timelock bypasses, and treasury-drain proposals can be flagged early with a decision the network can independently validate.

In simple terms: VetaLoom is the onchain white-hat that spots the rug before it happens and can prove it.

Copyright © 2026 All rights reserved. Powered by LayerX
Discord CommunityEmail Support