Audit trails as cryptographic evidence.
Replace text logs with signed receipts. Map every action to EU AI Act, NIST AI RMF, ISO 42001 articles. Auditors verify the trail without going through us.
One action, one signed receipt.
Life of an Action
Auditors read the action receipt. The receipt cites the delegation. The delegation cites the passport. The chain is verifiable without us.
Regulated industries, EU operators, compliance leads.
Who this is for
A regulator asks for the audit trail behind an agent action. Today the answer is text logs in Datadog or Kibana, with no chain of authority, no signed scope, no contestability surface, no proof of which inputs the agent saw at decision time. APS replaces text logs with cryptographic evidence that holds up under independent verification.
Three primitives, three frameworks.
What ships
Public modules. Mapped to articles your auditor already reads.
Cryptographic audit trail mapped to real frameworks. EU AI Act Articles 14 and 26. NIST AI RMF across Govern, Map, Measure, Manage. ISO 42001 audit requirements. Generated from receipts on disk.
src/core/euaiact.ts · generateComplianceReport({ standard, receipts })
Action receipts as evidence, not as logs. Every receipt is signed, contestable, replayable. Authority-boundary receipts prove what the agent was authorized to do. Custody receipts prove what data the agent saw.
src/v2/accountability/{action,authority-boundary,custody,contestability,bundle}.ts
Cascade revocation as enforcement. When a delegation is revoked, downstream actions invalidate without a manual log search. The receipt ledger answers "is this still authorized?" in a single signature check.
src/v2/cognitive_attestation/* · src/v2/instruction_provenance/*
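An added sketch, not code from the agent-passport-system package, of the chain described under Life of an Action and of cascade revocation: an auditor checks an action receipt against its delegation and passport using only the records and one trusted public key. The record fields, the function names `issue`, `verifyChain` and `buildSample`, and the choice of Ed25519 with SHA-256 are assumptions made for illustration.

```javascript
// Added example with hypothetical record shapes; NOT the agent-passport-system API.
const { generateKeyPairSync, sign, verify, createHash } = require('node:crypto');

// Bodies are flat objects; sorted keys give signer and verifier identical bytes.
const canon = (o) => JSON.stringify(o, Object.keys(o).sort());
const digest = (rec) => createHash('sha256').update(canon(rec.body)).digest('hex');
const pem = (key) => key.export({ type: 'spki', format: 'pem' });
const issue = (body, priv) =>
  ({ body, sig: sign(null, Buffer.from(canon(body)), priv).toString('base64') });
const sigOk = (rec, pub) =>
  verify(null, Buffer.from(canon(rec.body)), pub, Buffer.from(rec.sig, 'base64'));

// Walk action -> delegation -> passport using only the records, the trusted
// principal key, and a set of revoked delegation digests.
function verifyChain({ passport, delegation, action }, trustedKey, revoked = new Set()) {
  if (passport.body.publicKey !== trustedKey || !sigOk(passport, trustedKey))
    return 'bad passport';
  if (delegation.body.passport !== digest(passport) || !sigOk(delegation, trustedKey))
    return 'bad delegation';
  if (revoked.has(digest(delegation))) return 'delegation revoked';
  if (action.body.delegation !== digest(delegation) ||
      !sigOk(action, delegation.body.agentKey)) return 'bad action';
  if (action.body.scope !== delegation.body.scope) return 'out of scope';
  return 'valid';
}

// Constructed sample: a principal delegates one scope to an agent key.
function buildSample(actionScope = 'invoices:read') {
  const principal = generateKeyPairSync('ed25519');
  const agent = generateKeyPairSync('ed25519');
  const passport = issue(
    { subject: 'example-principal', publicKey: pem(principal.publicKey) },
    principal.privateKey);
  const delegation = issue(
    { passport: digest(passport), agentKey: pem(agent.publicKey), scope: 'invoices:read' },
    principal.privateKey);
  const action = issue(
    { delegation: digest(delegation), scope: actionScope, what: 'export-report' },
    agent.privateKey);
  return { trustedKey: pem(principal.publicKey), chain: { passport, delegation, action } };
}
```

Adding a delegation's digest to the `revoked` set makes every action that cites it fail verification, with no search through the actions themselves.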
Mapping primitives to articles.
Architecture
| Framework | Article | Requires | APS primitive |
|---|---|---|---|
| EU AI Act | Art. 14 | Human oversight | AuthorityBoundaryReceipt + HumanEscalationFlag |
| EU AI Act | Art. 26 | Transparency to deployer | ActionReceipt with signed scope chain |
| NIST AI RMF | GOVERN-1.1 | Accountability structures | Charter + offices, separation of powers |
| NIST AI RMF | MEASURE-2.7 | Risk evaluation evidence | CustodyReceipt + ContestabilityReceipt |
| ISO 42001 | A.6.2.6 | Decision audit trail | DecisionLineageReceipt, replayable |
| ISO 42001 | A.9.2 | Continuous monitoring | APSBundle Merkle aggregation |
The protocol specifies procedural validity. Effect safety is a separate axis, catalogued in Paper 8 (The Evidence-Safety Gap). We cite our own limits.
Verifiable on the public record.
Proof
- NIST CAISI input acknowledged. Acknowledged in writing by Drew Keller. Email on file.
- Two NCCoE concept-paper comments in federal record. Filed alongside BSA on the NCCoE site.
- AAIF project proposal #14 in review. Linux Foundation path for cross-vendor agent interoperability.
- IETF Internet-Draft live. draft-pidlisnyi-aps-00. Eight Zenodo papers including Paper 8.
Self-serve
Generate compliance reports.
Issue receipts from your agents, run generateComplianceReport against the framework you operate under, hand the output to your auditor.
npm install agent-passport-system
Managed
Managed audit trail.
Hosted receipt store, framework templates, signed exports for regulators. Pricing on request.