Cryptographic receipts for every AI decision

Every reasoner execution produces a signed, offline-verifiable W3C Verifiable Credential with SHA-256 hashes of input and output.

Turn every AI call into a tamper-evident record. The agent gets a did:key identity, every reasoner produces a signed Verifiable Credential, and anyone with the issuer's public key can verify it offline.

from agentfield import Agent

app = Agent(
    node_id="claims-processor",
    enable_did=True,    # did:key + Ed25519 keystore
    vc_enabled=True,    # signed VC per execution
)

@app.reasoner()
async def process_claim(claim: dict) -> dict:
    return await app.ai(
        system="Assess this insurance claim.",
        user=str(claim),
    )
    # Behind the scenes the control plane writes a VC with:
    #   - issuer DID  (the agent)
    #   - input_hash  (SHA-256 of claim)
    #   - output_hash (SHA-256 of result)
    #   - Ed25519 signature

app.run()

Pull the receipt back when you need it — from the API or by clicking Export provenance on any run page:

# Get the signed VC for one execution
curl http://localhost:8080/api/ui/v1/executions/<execution_id>/vc

# Verify offline — no network needed
af vc verify audit.json

Run detail page showing Export provenance dropdown with VC chain preview, download, and offline audit options

The control plane ships a Provenance page where you can drag any exported VC (or VC chain) and verify it offline against the issuer's bundled DID data:

Provenance verification page — drag a VC JSON file to audit it offline

What this gives you

Every reasoner action is signed by the agent that ran it. Logs can lie; signatures cannot.
The VC contains hashes of input and output, so you can prove a result without exposing the data.
Verification works offline with just the issuer's public key.

Next

Identity reference
Verifiable credentials reference
Pair with: Signed audit chain for any workflow