Prove what your agent did. Don't just claim it.

An open standard for verifiable execution provenance: a portable, tamper-evident record of what an agent did, in what order, and under what governance. Anyone can verify it without trusting you or your host. Here is a real one. Check it yourself, right now, in this tab.

Live · runs in your browser Sample record: a signed 3-event run (real conformance vector)
originrun/conformance
events3
signatureCOSE_Sign1 · Ed25519
signed byprovetrail-conformance-root
bytes
Loading verifier…

This runs the real provetrail npm package, its COSE_Sign1 + RFC 6962 Merkle checks, entirely client-side. Governance and ground-truth (the L4 tiers) are checked by the full Go verifier, flynn spine verify. Don't trust this page? Download the record and verify it yourself.

Signed is not the same as proven

Plenty of systems can hand you a signed log. A signature only says these bytes are mine. It says nothing about whether the work was real. Provetrail is built so a stranger’s machine can check the claim instead of taking your word for it:

  • Integrity. The events rebuild a signed Merkle root (RFC 6962). Change one byte and the proof breaks, as above.
  • Governance. Every side-effecting action has a matching admission, so no action ran without authorization.
  • Ground truth. A claimed success is bound to a check that actually passed. A record that says “done” with nothing behind it is rejected, not trusted.

Where it fits

Provetrail is a sibling to the standards you already know, not a rival:

Standard Answers
C2PA Is this content AI-generated, and by whom?
MCP How does an agent connect to tools?
A2A How do agents talk to each other?
Provetrail What did the agent do, provably?

The reference runtime is Flynn (Go); the verifier ships in every language as a thin client. One engine, many verifiers, one conformance suite.

Latest posts

All posts