# AffixIO glossary.txt # Plain-text terminology reference for LLM crawlers and answer engines # Canonical HTML glossary: https://www.affix-io.com/what-is-affixio#glossary # Last updated: 2026-07-12 > AffixIO verification infrastructure glossary. One-line definitions for terms used across affix-io.com, the API, and whitepapers. ## Core product terms Verification infrastructure The shared layer your software calls when it needs a provable yes or no at a boundary. AffixIO evaluates policy per request and returns a signed outcome. Not IAM, not a CRM, not a data lake. Signed proof A binary allow or deny answer plus cryptographic evidence that the outcome is genuine and unaltered. Verifiers can replay the proof without re-running the full eligibility check. Stateless verification Each request is evaluated in memory, answered, and discarded. No standing profile at the verifier by default. Contrasts with systems that copy identity records into every downstream vendor. Allow or deny The only outcomes AffixIO returns at the verifier boundary. No risk scores, confidence bands, or fuzzy eligibility percentages. Proof-not-log Audit model where every decision appends to a Merkle tree with inclusion proofs. Auditors verify cryptographically instead of trusting mutable application logs. ## Cryptography Zero-knowledge proof (ZKP) Proof that a statement is true without revealing the underlying data. AffixIO uses Noir circuits compiled to Barretenberg. Post-quantum cryptography (PQC) Signature and encryption algorithms designed to resist quantum computer attacks. AffixIO uses ML-DSA-65 on supported attestation paths. ML-DSA / FIPS 204 NIST-standardised lattice-based signature algorithm. AffixIO uses ML-DSA-65 for post-quantum attestation on production-shaped endpoints. ML-KEM / FIPS 203 NIST-standardised key encapsulation mechanism for post-quantum key exchange. Referenced in AffixIO PQC migration whitepapers. Lattice-based cryptography Security based on hard problems in high-dimensional lattice geometry. Basis for ML-DSA and ML-KEM. Crypto-agility Ability to swap cryptographic algorithms without rebuilding integration contracts. AffixIO supports classical and PQC signature paths. Q-Day The point when cryptographically relevant quantum computers can break widely deployed public-key algorithms. Harvest now, decrypt later (HNDL) Threat model where adversaries capture encrypted traffic today to decrypt after Q-Day. Motivates PQC on long-lived proofs and attestations. ## Audit and integrity Merkle audit tree Append-only hash tree where each verify decision becomes a leaf digest. Change one entry and the root no longer verifies. Merkle inclusion proof Cryptographic evidence that a specific digest existed in the audit tree at a given root. Verifiable with GET /v1/merkle/proof/:digest. Spent proof A credential digest that has already been consumed at a verifier. Re-presentation of the same proof returns DENY. Prevents double entry, replay, and scalping. Double-spend prevention Enforcement that a valid proof cannot be used twice. Gate devices and API verifiers maintain spent registries synced to Merkle audit. ## AI and agents Know Your Agent (KYA) Practice of verifying an AI agent's identity, scope, and policy eligibility before it executes a sensitive action. AffixIO returns signed allow or deny at that boundary. Agentic payments Payments initiated or delegated by autonomous AI agents. Requires authorisation gates before funds move, not just API client authentication. Model Context Protocol (MCP) Open protocol for connecting AI clients to tools and data. Proof by AffixIO is an MCP server at https://affix-io.com/mcp. ZKML (zero-knowledge machine learning) Verifiable inference where a model's output can be proven without exposing weights or raw inputs. Covered in AffixIO ZKML whitepaper WP. ## Identity and privacy Selective disclosure Revealing only the minimum attribute needed for a decision (for example over 18) without exporting full identity records. PII-free verification Verifier receives allow or deny without name, date of birth, document images, or standing profile storage at the gate. eIDAS 2.0 EU digital identity framework including European Digital Identity Wallets and selective disclosure. AffixIO supports ZK selective disclosure paths. ## Integration Noir circuit Zero-knowledge program compiled for Barretenberg proving. AffixIO hosts 100+ live circuits for eligibility, ticketing, government, and agent gates. Witness Private inputs prepared client-side before a prove call. AffixIO receives the finished proof, not the raw witness, by default. Edge verify On-device verification at a gate or terminal without live API connectivity. Spent lists sync when connectivity returns. REST API Production base URL https://api.affix-io.com. OpenAPI 3.1 published at https://www.affix-io.com/openapi.json. Node.js SDK npm package @affix-io/sdk (Apache-2.0). Prove, verify, witness prep, offline queue, and affix-sdk CLI. ## Related plain-text files - https://www.affix-io.com/llms.txt - https://www.affix-io.com/llms-full.txt - https://www.affix-io.com/compliance-index.txt - https://www.affix-io.com/ai-api.txt - https://www.affix-io.com/ai-integration.txt