On the asymmetry between cheap generation and expensive verification, and why the next decade's most important infrastructure is the layer we use to check what AI systems actually did.
Zeeshan Khan
Notes from building AI systems — and on the trust problems that define the next decade.
How do we know a system is doing what it claims to be doing? Most of what I write here comes from asking that question across very different domains, for a long time now.
I'm a product and engineering leader working across AI, supply chains, and cybersecurity. I lead AI product and engineering at Jazzware in hospitality. I run SurroundApps, where we build verification infrastructure for industries where trust used to run on faith — garment supply chains, charitable giving, home healthcare, device security. Earlier work has spanned MIT's AI Lab, DARPA-funded research, physical security systems for public safety and defense at Cisco, DNA sequencing platforms at Illumina, and national-scale identity systems including Bangladesh's biometric SIM verification rollout.
I grew up in Dhaka, came to MIT in the era when AI still meant rule-based systems, and have spent the years since watching the field — and the trust problems it creates — evolve through every major shift. I'm based in Silicon Valley and direct SurroundApps's work in Bangladesh remotely.
Essays
What an AI agent should carry with it: a verifiable record of what it is, what it's authorized to do, and who is responsible when it goes wrong. With three precedents — SBOM, DSCSA, and the EU's Digital Product Passport — and what the AI version has to do differently.
Why a passport's value lies not in what it says but in who signed it. On the difference between a self-signed assertion and an independently issued, revocable credential — and why only the second survives an auditor.
If absolute verification is impossible, the frontier moves from preventing failure to containing it. On reversibility, attribution, and why liability — not cryptography — is what makes anyone design for a smaller blast radius.
What it means to lead AI inside a company: not shipping features, but building the methodology by which an organization can stand behind what its systems produce — to a customer, an auditor, eventually a court.
Notes on what each AI wave has gotten right, what each has gotten wrong, and what the current wave is still figuring out.