In Zsub we are using cryptographic chaining of attestations to avoid a central computation of trust or complex circuits.. So there is not central relay that knows the social graph or path and neither does anyone in the chain. Chain links just know each other verifier knows no one. Maybe doesn't matter for your case because the graph is already public, but it was nice that we could use simpler crypto (schnorr, pederson, merkle) and get more privacy. Not sure if that helps, but maybe interesting
Discussion
So you're proving "I have a valid path to a trust root" without anyone ever assembling the full picture?
Exactly. No identities revealed. Not to the anchor, not to the verifier, and the relationship keys for the trust attestation are one-off delegations, so participants can't even collude. (Easily. There is always out of band correlation risk.)