Glossary
Core terminology in cryptography, verifiable AI, agent protocols, and AI regulation as Lemma uses them. Only definitions that map back to the product.
Cryptography Layer
The cryptographic primitives Lemma uses for proving, disclosing, and tamper-evidence: ZK proofs, symmetric encryption, hashes, and commitments.
Zero-Knowledge Proof — ZKP
Definition and Lemma implementation of zero-knowledge proofs — a cryptographic primitive that proves a statement true without revealing the underlying secret.
AES-GCM (Galois/Counter Mode)
Authenticated symmetric encryption combining AES in counter mode with Galois/Counter authentication — confidentiality and integrity in a single construction.
Poseidon Hash
An algebraic hash function engineered to minimize cost inside ZK circuits. Proposed by StarkWare et al. in 2019; deployed in StarkNet/Cairo, Filecoin, Aztec, and more.
docHash — document content digest
A cryptographic digest of a document's byte representation. Lemma uses docHash as the primary identifier that fixes the identity of every provenance, attribute, and citation unit.
Content Identifier — multiformats
A self-describing content-addressed identifier. Combines multihash, multicodec, and multibase so the hash algorithm, encoding, and data type are embedded in the identifier itself.
Selective Disclosure
A technique for revealing only chosen attributes from a document or credential — paired with a cryptographic proof — instead of releasing the whole. The bridge between privacy and compliance.
Commitment Scheme
A cryptographic construction that locks in a value (commit) so it can be revealed later (reveal). Binding (cannot change after commit) plus hiding (does not leak before reveal).
Verifiable AI
The terminology that makes AI judgments, citations, and inference traces cryptographically verifiable. Lineage, citation, and audit basics.
Verifiable AI
The implementation domain for making AI judgments, inferences, and citations cryptographically verifiable. Third-party-confirmable across input provenance, model identity, and inference consistency.
Provenance — verifiable lineage
A tamper-evident mechanism for tracking and verifying when, by whom, and from what inputs a data point, model, or decision was produced. The input layer of verifiable AI; a core Lemma pillar.
Provenance Proof
Cryptographic proof that a piece of data originates from a declared lineage. The technical core of any generative AI strategy that needs to prove input authenticity and output provenance without exposing the underlying data.
C2PA — Coalition for Content Provenance and Authenticity
An industry standard for describing and signing media-content provenance. Led by Adobe, Microsoft, BBC, Intel, Sony, and others; widely adopted for AI-generated content identification and edit-trail verification.
Decentralized Identifier — DID
A W3C-standardized identifier specification. An identifier whose issuer, subject, and verifier each operate independently — used for subject identification in attribute attestation and lineage chains.
Verifiable Credentials — VC
A W3C-standardized format for third-party-verifiable attribute statements. Attestations flow under a three-party model of Issuer, Holder, and Verifier.
Retrieval-Augmented Generation
An approach that retrieves external documents at generation time and grounds the response in them. Enables freshness and proprietary knowledge without model retraining — and introduces citation authenticity as a new problem.
Citation Proof
A cryptographic mechanism that proves a citation embedded in an AI response really came from the claimed source document, with neither tampering nor fabrication. The authenticity core of RAG.
Audit Trail
Tamper-evident records of system execution. Essential wherever after-the-fact verification matters — AI decision logs, payment paths, data-access history.
Scope — tenant boundary
Lemma's tenant boundary. Every key, schema, circuit, document, and proof you register is bound to one scope ID. Resource CRUD is scope-isolated; attributes.query can read verified attributes across scopes by design.
Schema — typed attribute declaration
Lemma's typed declaration of the attributes a document carries, anchored to a normalize artifact — a WASM module that hashes raw fields into the canonical form a circuit checks.
Generator — document-generation script metadata
Metadata for a document-generation script. It declares how a rawDoc is produced — input spec, output spec, and source location — and runs on developer infrastructure, not Lemma. The generatorId and its hash become ZK public inputs for verification.
Human-in-the-Loop — HITL
An operating model where a human reviews and approves each AI decision before it executes. The standard control in high-stakes domains — but a throughput ceiling as agent autonomy rises.
Human-off-the-Loop — HOTL
An operating model where AI executes each decision autonomously without waiting for human approval. Throughput rises, but it presupposes an accountability mechanism standing in for the human eye.
Threat Model & AI Attack
The threat class Lemma's pre-execution attestation layer responds to. Frontier-model zero-day discovery and automated exploit-chain construction — the capability range named "Mythos-grade."
Protocols & Agents
Protocols for autonomous agent transactions and machine-to-machine settlement: x402, Trust402, MCP, A2A, and their adjacent specs.
Agentic Payments
Transactions and settlements executed autonomously by AI agents. The new-generation payment stack (x402, MCP, A2A) is the substrate; authority and provenance verification are the core problems.
HTTP 402-native payment protocol
Definition of x402 and Lemma's verification layer (Trust402). An open protocol led by Coinbase that re-purposes HTTP 402 Payment Required to integrate stablecoin settlement directly into HTTP.
Trust402 — Lemma's verifiable x402 layer
Lemma's reference implementation that adds verifiability to the x402 payment protocol. Proves both the settlement fact and the legitimacy (authority, purpose, scope) of the payment.
EIP-3009 — Transfer With Authorization
An Ethereum extension standard that lets a signature alone authorize an ERC-20 transfer (no gas paid by signer). The signer, recipient, amount, validity window, and nonce are signed under EIP-712 and submitted by a third party.
Facilitator — x402 settlement intermediary
A service that brokers x402 settlement validation and execution. Submits the client's payment payload on-chain and returns settlement status to the resource server.
Agent2Agent — A2A
An open protocol that standardizes communication and coordination between AI agents. Proposed by Google in 2025; migrated to a Linux Foundation independent project in 2026.
Model Context Protocol — MCP
An open protocol that gives AI models a uniform way to connect to external tools, data sources, and services. Released by Anthropic in November 2024; donated to the AAIF under the Linux Foundation in December 2025.
Regulatory & Compliance
The regulatory frameworks Lemma's proofs plug into: AI regulation (EU and Japan) and identity verification (KYC/AML).
Know Your Customer / Anti-Money Laundering
An international regulatory regime requiring financial institutions and crypto-asset operators to verify customer identity (KYC) and interdict money-laundering and terrorism-financing pathways (AML).
EU Artificial Intelligence Act — Regulation (EU) 2024/1689
Definition of EU AI Act and Lemma's compliance path. Four risk tiers, a 2025–2027 phased schedule, and automated-logging plus data-governance obligations on high-risk AI.
AI Business Operator Guidelines (METI / MIC)
A soft-law set of guidelines for AI operators, jointly issued by Japan's Ministry of Economy, Trade and Industry and the Ministry of Internal Affairs and Communications in April 2024.
AI Promotion Act (Japan, 2025)
Enacted June 2025, formally titled the "Act on the Promotion of Research, Development, and Utilization of AI-Related Technologies." Japan's first AI-related hard law.
PII (Personally Identifiable Information)
Information that identifies, or can be used to identify, a specific person — name, address, ID numbers, biometrics. GDPR, CCPA, and Japan's APPI all push operators toward collection minimization and breach-surface reduction.