Problem
As of 2026, three major ESG regulations are simultaneously bearing down on manufacturing supply chains:
- CBAM (Carbon Border Adjustment Mechanism) — requires evidence submission of embedded carbon emissions and carbon price payment for steel, aluminum, cement, fertilizer, electricity, and hydrogen exported to the EU
- EUDR (EU Deforestation Regulation) — requires proof that timber, palm oil, soy, beef, coffee, cocoa, and rubber are not derived from deforestation
- DPP (Digital Product Passport, under ESPR) — starting with batteries, expanding to textiles, electronics, and construction materials; requires providing full lifecycle product attributes to consumers, regulators, and recyclers
The structural problem common to all: regulations demand "proof," but practice delivers "declarations."
- Dependence on multi-tier supplier self-declarations: Each tier aggregates data from upstream in Excel and PDF, forwarding it further upstream. There is no tamper detection mechanism.
- Double-counting risk: When the same raw material lot is allocated to multiple final products, the structure allowing duplicate counting across products cannot be eliminated.
- Thin audit evidence: Presenting authorities with bundles of paper documents and Excel files cannot prove immutability.
- Conflict with business confidentiality: Full document disclosure exposes trade secrets — supplier contract terms, procurement prices, and trading relationships.
Furthermore, as autonomous procurement agents are adopted, the absence of means for agents to instantly verify ESG compliance before confirming orders threatens the very feasibility of the agent economy.
Scenario
Automotive parts manufacturer Company S exports steel body panels to Europe. With CBAM's full application starting in 2026, payment of carbon prices corresponding to embedded emissions and submission of calculation grounds are now mandatory.
Company S's procurement spans 5 tiers:
- Tier-1: Steel that S directly purchases
- Tier-2: Steel mills (electric arc / blast furnace)
- Tier-3: Iron ore and coking coal import trading companies
- Tier-4: Mine operators
- Tier-5: Power source composition at extraction sites (fossil fuels / renewables)
Each tier sends emissions data upstream in Excel and PDF. S aggregates these and incorporates them into documents provided to European importers. Internally, four ESG data specialists at S are consumed by normalizing different supplier formats.
At audit, S presents "supplier-submitted data used in aggregation" to the authorities. But the authorities ask whether that data arrived from the supplier at the time without tampering. There is no way to prove a spreadsheet's provenance in Excel.
Additionally, S's newly introduced autonomous procurement agent requires pre-order verification for CBAM compliance, but current electronic data lacks verifiability — the agent ultimately waits for manual final confirmation.
With Lemma, each tier encrypts emissions attributes with issuer signatures before passing them upstream. Each attribute contains:
- Issuer identity (mining operator, steel mill, trading company)
- Measured values and methodology (GHG Protocol Scope 1-3, EUDR compliance criteria)
- Measurement timestamp and scope (batch ID, raw material lot)
- Cryptographic binding to upstream tier (raw-material-unit chain)
S's autonomous procurement agent verifies component-level CBAM compliance as a ZK proof before confirming the order. The EU importer independently confirms that embedded emissions are below the CBAM threshold, without raw material details or supplier contracts being disclosed to it. When the same raw material is allocated to other products, the cryptographic binding structurally detects double-counting.
At audit, authorities verify a cryptographic provenance chain rather than a bundle of spreadsheets. Supplier trade secrets remain protected while regulatory compliance is established.
Architecture
Lemma's four cryptographic layers correspond to the ESG attribute lifecycle in multi-tier supply chains.
1. ENCRYPT — Per-Tier Sealing of Originals
Each supplier encrypts measurement data originals (production records, energy consumption logs, third-party audit reports) with AES-GCM. Originals remain under the supplier's control. Only attribute values extracted from originals, docHash, and issuer signatures are passed upstream.
2. PROVE — ZK Proofs Against Regulatory Thresholds
On a ZK circuit, proofs are generated for each specific CBAM, EUDR, and DPP requirement:
- "Embedded carbon emissions are at most X tonnes CO₂/tonne" (CBAM)
- "Country of origin is not in a deforestation-risk area" (EUDR)
- "Recycled content ratio is at least Y%" (DPP)
- "No forced labor was involved" (labor condition proof)
Supplier identifiers, contract terms, procurement prices, and specific production processes are not included in the proofs.
3. DISCLOSE — Stakeholder-Specific Selective Disclosure
Different recipients receive different attributes. EU customs receives an aggregated CBAM compliance proof; end consumers receive DPP-relevant attributes; the procurement department's ordering agent receives per-batch attestations; ESG auditors receive the full provenance chain — all delivered with issuer signatures, tamper-proof.
4. PROVENANCE — Multi-Tier Cryptographic Chain
Each tier's attestation is cryptographically bound to the upstream tier's attestation. Starting from the final product's DPP, the provenance chain can be traced back through Tier-1→Tier-2→Tier-3→Tier-4→Tier-5 without disclosing any supplier names. If an attribute is updated or revoked at any tier, the integrity of downstream proofs is automatically recalculated.
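The sketch below is an added example, not Lemma's code: it shows one way a per-tier attestation can be bound to its upstream attestation by hash, how an after-the-fact edit breaks the chain, and how allocations bound to a lot's hash expose double-counting. All function and field names, and the sample values, are hypothetical; issuer signatures, AES-GCM sealing and the ZK proofs are left out.

```python
import hashlib
import json

def digest(att):
    """SHA-256 over a canonical (sorted-key, compact) JSON encoding."""
    blob = json.dumps(att, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def attest(tier, lot_id, tonnes, kg_co2_per_tonne, upstream=None):
    """Build an attestation bound to its upstream attestation by hash."""
    return {"tier": tier, "lot_id": lot_id, "tonnes": tonnes,
            "kg_co2_per_tonne": kg_co2_per_tonne,
            "upstream_hash": digest(upstream) if upstream else None}

def first_broken_link(chain):
    """chain runs Tier-5 .. Tier-1; return index of first bad link, or -1."""
    if not chain or chain[0]["upstream_hash"] is not None:
        return 0
    for i in range(1, len(chain)):
        if chain[i]["upstream_hash"] != digest(chain[i - 1]):
            return i
    return -1

def double_counted(lots, allocations):
    """Return lot hashes whose allocated tonnes exceed the attested tonnes
    (or that reference no known attestation)."""
    attested = {digest(lot): lot["tonnes"] for lot in lots}
    used = {}
    for _product, lot_hash, tonnes in allocations:
        used[lot_hash] = used.get(lot_hash, 0) + tonnes
    return sorted(h for h, t in used.items() if t > attested.get(h, 0))

def build_sample_chain():
    """Constructed sample data: five tiers, one 100-tonne lot each."""
    chain, prev = [], None
    for tier, kg in [(5, 120), (4, 310), (3, 45), (2, 1850), (1, 60)]:
        prev = attest(tier, f"LOT-T{tier}-001", 100, kg, prev)
        chain.append(prev)
    return chain

if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain:", first_broken_link(chain))
    chain[1]["kg_co2_per_tonne"] = 10   # Tier-4 value edited after the fact
    print("after edit, broken at index:", first_broken_link(chain))
    lot = build_sample_chain()[-1]
    allocs = [("panel-A", digest(lot), 60), ("panel-B", digest(lot), 60)]
    print("over-allocated lots:", double_counted([lot], allocs))
```

The edit to the Tier-4 record is detected at the Tier-3 link, because Tier-3 committed to the hash of the original Tier-4 attestation.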
┌──────────────────────────────────────────────────────────┐
│ Tier-5: Extraction site (power source composition) │
│ → Fossil/renewable ratio encrypted with signature │
└───────────────────────┬──────────────────────────────────┘
│ Signed emissions attributes
▼
┌──────────────────────────────────────────────────────────┐
│ Tier-4: Mine operator │
│ → Cryptographically binds Tier-5 attributes + own values │
│ → Generates raw-material-lot-level attestations │
└───────────────────────┬──────────────────────────────────┘
│ Chained attestations
▼
┌──────────────────────────────────────────────────────────┐
│ Tier-3 → Tier-2 → Tier-1 │
│ Each tier: encrypt measurements, bind upstream attributes│
│ → Supplier names, contract terms, prices remain private │
└───────────────────────┬──────────────────────────────────┘
│ Complete provenance chain
▼
┌──────────────────────────────────────────────────────────┐
│ Company S (Exporter) │
│ PROVE: ZK proofs against CBAM/EUDR/DPP thresholds │
│ DISCLOSE: │
│ EU Customs → Aggregated CBAM compliance proof │
│ Consumer → DPP-relevant attributes │
│ Procurement agent → Per-batch attestations │
│ ESG auditor → Full provenance chain │
└───────────────────────┬──────────────────────────────────┘
│ Disclosed proofs
▼
┌──────────────────────────────────────────────────────────┐
│ PROVENANCE (On-chain) │
│ All tier attestations anchored │
│ → Update/revocation at any tier triggers downstream │
│ integrity recalculation │
│ → DPP to Tier-5 traceable without supplier name exposure │
└──────────────────────────────────────────────────────────┘
Proven Facts
Lemma cryptographically guarantees the following facts in supply chain ESG:
- Issuer and issuance timestamp at each tier
- Issuer signature and applied methodology for measured values
- Cryptographic binding to upstream tiers (raw material unit)
- Structural absence of double-counting
- Compliance against CBAM, EUDR, and DPP regulatory thresholds
- Non-disclosure of supplier names, contract terms, and procurement prices
- Pre-order verification capability for autonomous procurement agents
- Independent verification by regulatory authorities, customs, and third-party auditors