Multi-Agent Approval Workflows
Enterprise-grade approval chains for AI agent transactions with cryptographic audit trails.
Overview
Multi-Agent Approval Workflows enable enterprises to implement sophisticated approval chains for AI agent transactions. Unlike traditional reputation systems, approval workflows provide cryptographic proof of authorization through zero-knowledge verification.
Cryptographic Audit Trails
Every approval is cryptographically signed and verifiable
Configurable Timeouts
Set approval deadlines from 1 minute to 24 hours
Multi-Agent Coordination
Chain together budget, compliance, and executive approvals
Enterprise Use Cases
🛒 Procurement Approval Chain
AI procurement agents must get approval from budget, compliance, and management agents before completing purchases.
💰 Financial Transaction Authorization
Trading or payment agents require multi-level approval for transactions above certain thresholds.
🔐 Access Control & Permissions
Service agents request elevated permissions through a secure approval workflow.
How It Works
Create Approval Workflow
The initiating agent creates a workflow specifying the transaction details, amount, and required approvers with their timeout windows.
Encrypted Notifications Sent
All approvers receive encrypted notifications via Zero Proof's secure messaging system. Messages include workflow details and approval deadlines.
Approvers Review & Decide
Each approver reviews the request and submits their decision (approved/rejected) with an optional reason. Decisions are cryptographically signed.
Automatic Status Transitions
The workflow automatically transitions to "approved" when all approvers approve, or "rejected" if any approver rejects. Timeouts trigger automatic rejection.
Quick Start Example
Create a multi-agent approval workflow with the Zero Proof Python SDK:
from zeroproof import ZeroProof
# Initialize client
client = ZeroProof(api_key="zkp_your_api_key")
# Create approval workflow
workflow = client.create_approval_workflow(
transaction_id="TXN-2025-001",
amount=5000.00,
required_approvers=[
{
"agent_id": "budget_agent",
"timeout_minutes": 30
},
{
"agent_id": "compliance_agent",
"timeout_minutes": 60
},
{
"agent_id": "cfo_agent",
"timeout_minutes": 120
}
],
metadata={
"vendor": "TechCorp Inc",
"category": "software_licenses",
"department": "engineering"
}
)
print(f"Workflow created: {workflow.workflow_id}")
print(f"Status: {workflow.status}")
print(f"Expires: {workflow.expires_at}")
# Approvers receive encrypted notifications automaticallyReal-World Multi-Agent Setup
In production, each agent should have its own API key for security and auditability:
# Each agent has their own API key
procurement_agent = ZeroProof(api_key="zkp_procurement_key")
budget_agent = ZeroProof(api_key="zkp_budget_key")
compliance_agent = ZeroProof(api_key="zkp_compliance_key")
# Procurement agent creates workflow
workflow = procurement_agent.create_approval_workflow(
transaction_id="TXN-2025-001",
amount=5000.00,
required_approvers=[
{"agent_id": "budget_agent", "timeout_minutes": 30},
{"agent_id": "compliance_agent", "timeout_minutes": 60}
]
)
# Budget agent approves (using their own key)
budget_result = budget_agent.approve_workflow(
workflow_id=workflow.workflow_id,
decision="approved",
reason="Within budget limits"
)
# Compliance agent approves (using their own key)
compliance_result = compliance_agent.approve_workflow(
workflow_id=workflow.workflow_id,
decision="approved",
reason="Compliant with policies"
)💡 Best Practice: Generate separate API keys for each approving agent through your dashboard. This ensures proper authorization and creates a cryptographic audit trail showing exactly who approved each transaction.
Receiving and Processing Approvals
Approvers receive encrypted notifications when a workflow requires their approval:
# Approver polls for pending workflows (via encrypted messages)
budget_agent = ZeroProof(api_key="zkp_budget_agent_key")
# Process approval
result = budget_agent.approve_workflow(
workflow_id="wf_abc123...",
decision="approved", # or "rejected"
reason="Within Q1 budget allocation"
)
print(f"Workflow status: {result.status}")
print(f"Approvals: {len(result.approvals)}/{len(result.required_approvers)}")
print(f"Pending: {', '.join(result.pending_approvers)}")
# Check if all approvals received
if result.status == "approved":
print("✅ All approvals received - proceed with transaction")
elif result.status == "rejected":
print("❌ Workflow rejected - cannot proceed")
else:
print("⏳ Waiting for additional approvals")Monitoring Workflow Status
Query workflow status at any time:
# Get workflow status
status = client.get_workflow_status(workflow_id="wf_abc123...")
print(f"Workflow: {status.workflow_id}")
print(f"Status: {status.status}")
print(f"Transaction: {status.transaction_id}")
print(f"Amount: ${status.amount:,.2f}")
print(f"Progress: {len(status.approvals)}/{len(status.required_approvers)}")
# View approval timeline
for approval in status.approvals:
print(f" ✓ {approval.agent_id}: {approval.decision}")
print(f" Reason: {approval.reason}")
print(f" Time: {approval.timestamp}")
# View pending approvers
for agent_id in status.pending_approvers:
print(f" ⏳ {agent_id}: Pending")Security & Authorization Model
Zero Proof approval workflows use cryptographic authorization rather than traditional role-based access control:
🔐 Cryptographic Authorization
Only agents explicitly listed in `required_approvers` can approve a workflow. Authorization is verified cryptographically through the agent's API key.
📝 Immutable Audit Trail
Every approval is cryptographically signed with the approver's API key, creating a tamper-proof audit trail:
- • Who approved: Agent ID cryptographically verified
- • When approved: ISO 8601 timestamp
- • Why approved: Optional reason field
- • What was approved: Full transaction context
🛡️ Zero-Knowledge Verification
Unlike reputation systems that rely on social consensus, Zero Proof provides mathematical proof of authorization. The system can verify an agent's authority to approve without revealing sensitive information about the approval process or business logic.
Key Features
Cryptographic Security
- • Tamper-proof audit trails
- • Cryptographically signed approvals
- • Zero-knowledge proof verification
- • End-to-end encrypted notifications
Authorization Control
- • Only authorized approvers can approve
- • API key validation for each action
- • Prevention of duplicate approvals
- • Automatic access control checks
Flexible Timeouts
- • Configure per-approver timeouts
- • Range: 1 minute to 24 hours
- • Automatic rejection on timeout
- • TTL-based auto-cleanup
Real-time Coordination
- • Instant encrypted notifications
- • Real-time status tracking
- • Progress monitoring for initiator
- • Completion notifications
API Methods
create_approval_workflow()POSTCreate a new approval workflow with multiple approvers.
approve_workflow()POSTApprove or reject an approval workflow.
get_workflow_status()GETQuery the current status of an approval workflow.
Best Practices
- • Set realistic timeout windows based on business processes
- • Include detailed metadata for audit trail clarity
- • Always provide reasons for approval/rejection decisions
- • Monitor workflow status regularly for time-sensitive transactions
- • Use separate API keys for each approving agent
- • Implement retry logic for transient failures
Ready to implement approval workflows?
Get started with the Python SDK or explore the full API reference.